sneexy/nixos
1
0
Fork 0
mirror of https://git.gay/sneexy/nixos.git synced 2026-01-11 13:13:15 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: split default nix config

Browse source
This commit is contained in:
Ruben 2024-04-21 12:59:57 -05:00
commit 8e5f8e619f
No known key found for this signature in database
GPG key ID: A6C94D84D2DA13EE
7 changed files with 278 additions and 255 deletions
Download patch file Download diff file Expand all files Collapse all files

78
config/desktop.nix Normal file
View file

@ -0,0 +1,78 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
# so, funny thing i learned - "xserver" is basically the blanket term for all gui stuff in nixos.
# this really confuses me, because i'm trying to keep xorg out of this install and only wayland in.
# i may miss some spots though.
# see: https://www.reddit.com/r/NixOS/comments/17ia1g8/i_dont_understand_nixoss_wayland_setup/
# EDIT: they changed it !!!!
services.xserver.enable = true;
# use sddm and only use its wayland session
services.displayManager.sddm.enable = true;
services.displayManager.sddm.wayland.enable = true;
# default to plasma wayland session
services.displayManager.defaultSession = "plasma";
# gyattde rizzma 6
services.desktopManager.plasma6 = {
enable = true;
};
programs.xwayland.enable = true;
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
};
# don't install some of the default packages since i don't need them
environment.plasma6.excludePackages = with pkgs.kdePackages; [
elisa
];
environment.variables = {
# wayland related
NIXOS_OZONE_WL = "1";
# custom sudo prompt for the xds
SUDO_PROMPT = "[sudo] stick out your gyatt for the rizzler: ";
};
fonts = {
fontDir.enable = true;
packages = with pkgs; [
noto-fonts
lexend
liberation_ttf
unifont
(nerdfonts.override {fonts = ["JetBrainsMono" "Iosevka" "FiraCode" "DroidSansMono"];})
noto-fonts-color-emoji
];
fontconfig = {
defaultFonts = {
emoji = ["Noto Color Emoji"];
};
};
};
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# wireplumber exists so, lets *not* use the example session
wireplumber.enable = true;
};
}

47
config/networking.nix Normal file
View file

@ -0,0 +1,47 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
# Enable networking
networking.networkmanager.enable = true;
# we're using/prioritizing dnscrypt!
networking.nameservers = ["127.0.0.1" "::1"];
# resolved and others conflicts with setting dns here
networking.resolvconf.enable = pkgs.lib.mkForce false;
networking.dhcpcd.extraConfig = "nohook resolv.conf";
services.resolved.enable = false;
# also ensuring that networkmanager doesn't modify dns settings
networking.networkmanager.dns = "none";
# dnscrypt settings
services.dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = true;
require_dnssec = true;
sources.public-resolvers = {
# of course, sourcing from the main public lists
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
# You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
# prioritize quad9, then adguard, and cloudflare as last resort
server_names = ["quad9-dnscrypt-ip4-filter-pri" "quad9-doh-ip4-port443-filter-pri" "quad9-doh-ip6-port443-filter-pri" "adguard-dns-doh" "adguard-dns-ipv6" "cloudflare" "cloudflare-ipv6"];
};
};
systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = "dnscrypt-proxy";
};
}

71
config/nixos.nix Normal file
View file

@ -0,0 +1,71 @@
# This is your system's configuration file.
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
# You can import other NixOS modules here
imports = [
# networking configuration
./networking.nix
# packages
./packages.nix
# desktop setup
./desktop.nix
];
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs);
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nix.nixPath = ["/etc/nix/path"];
environment.etc =
lib.mapAttrs'
(name: value: {
name = "nix/path/${name}";
value.source = value.flake;
})
config.nix.registry;
nix.settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
# use linux-cachy from the nyx repo.
# is this actually "required"? no, not really. but i can have it, so why not?
# see nyx: https://www.nyx.chaotic.cx/
# see cachyos: https://github.com/CachyOS/linux-cachyos
boot.kernelPackages = pkgs.linuxPackages_cachyos;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# enable plymouth because it looks cool :)))
boot.plymouth = {
enable = true;
theme = "bgrt";
};
# Enable CUPS to print documents.
services.printing = {
enable = true;
drivers = with pkgs; [canon-cups-ufr2];
};
services.avahi.enable = true;
services.avahi.nssmdns4 = true;
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "23.11";
}

80
config/packages.nix Normal file
View file

@ -0,0 +1,80 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
# flatpaks for the one time i'll need them for some reason
services.flatpak.enable = true;
# system packages
environment.systemPackages = with pkgs; [
git
wget
fzf
curl
curlHTTP3
virt-manager
pinentry-curses
kitty
wezterm
distrobox
];
# firefox
programs.firefox.enable = true;
# steam
programs.steam.enable = true;
# android debugging tools
programs.adb.enable = true;
# gnupg is basically required for everything i use
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
# podmen
virtualisation.podman = {
enable = true;
dockerCompat = true;
dockerSocket.enable = true;
};
# virtualization stuff
virtualisation.libvirtd = {
enable = true;
#qemu.runAsRoot = false;
qemu.swtpm.enable = true;
};
virtualisation.spiceUSBRedirection.enable = true;
# waydroid
virtualisation.waydroid.enable = true;
}

2
machines/thonkpad/default.nix
View file

@ -10,7 +10,7 @@
# Include the results of the hardware scan.
./hardware-configuration.nix
# use shared configuration
../../nixos.nix
../../config/nixos.nix
];
# who up thonking they

2
machines/thunkpad/default.nix
View file

@ -10,7 +10,7 @@
# Include the results of the hardware scan.
./hardware-configuration.nix
# use shared configuration
../../nixos.nix
../../config/nixos.nix
];
# who up thunking they

253
nixos.nix
View file

@ -1,253 +0,0 @@
# This is your system's configuration file.
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: {
# You can import other NixOS modules here
imports = [
# If you want to use modules your own flake exports (from modules/nixos):
# outputs.nixosModules.example
# Or modules from other flakes (such as nixos-hardware):
# inputs.hardware.nixosModules.common-cpu-amd
# inputs.hardware.nixosModules.common-ssd
# You can also split up your configuration and import pieces of it here:
# ./users.nix
];
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs);
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nix.nixPath = ["/etc/nix/path"];
environment.etc =
lib.mapAttrs'
(name: value: {
name = "nix/path/${name}";
value.source = value.flake;
})
config.nix.registry;
nix.settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
# use linux-cachy from the nyx repo.
# is this actually "required"? no, not really. but i can have it, so why not?
# see nyx: https://www.nyx.chaotic.cx/
# see cachyos: https://github.com/CachyOS/linux-cachyos
boot.kernelPackages = pkgs.linuxPackages_cachyos;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Enable networking
networking.networkmanager.enable = true;
# we're using/prioritizing dnscrypt!
networking.nameservers = ["127.0.0.1" "::1"];
# resolved and others conflicts with setting dns here
networking.resolvconf.enable = pkgs.lib.mkForce false;
networking.dhcpcd.extraConfig = "nohook resolv.conf";
services.resolved.enable = false;
# also ensuring that networkmanager doesn't modify dns settings
networking.networkmanager.dns = "none";
# dnscrypt settings
services.dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = true;
require_dnssec = true;
sources.public-resolvers = {
# of course, sourcing from the main public lists
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
# You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
# prioritize quad9, then adguard, and cloudflare as last resort
server_names = ["quad9-dnscrypt-ip4-filter-pri" "quad9-doh-ip4-port443-filter-pri" "quad9-doh-ip6-port443-filter-pri" "adguard-dns-doh" "adguard-dns-ipv6" "cloudflare" "cloudflare-ipv6"];
};
};
systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = "dnscrypt-proxy";
};
# enable plymouth because it looks cool :)))
boot.plymouth = {
enable = true;
theme = "bgrt";
};
# Enable CUPS to print documents.
services.printing = {
enable = true;
drivers = with pkgs; [canon-cups-ufr2];
};
services.avahi.enable = true;
services.avahi.nssmdns4 = true;
# so, funny thing i learned - "xserver" is basically the blanket term for all gui stuff in nixos.
# this really confuses me, because i'm trying to keep xorg out of this install and only wayland in.
# i may miss some spots though.
# see: https://www.reddit.com/r/NixOS/comments/17ia1g8/i_dont_understand_nixoss_wayland_setup/
# EDIT: they changed it !!!!
services.xserver.enable = true;
# use sddm and only use its wayland session
services.displayManager.sddm.enable = true;
services.displayManager.sddm.wayland.enable = true;
# default to plasma wayland session
services.displayManager.defaultSession = "plasma";
# gyattde rizzma 6
services.desktopManager.plasma6 = {
enable = true;
};
programs.xwayland.enable = true;
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
};
# don't install some of the default packages since i don't need them
environment.plasma6.excludePackages = with pkgs.kdePackages; [
elisa
];
environment.variables = {
# wayland related
NIXOS_OZONE_WL = "1";
# custom sudo prompt for the xds
SUDO_PROMPT = "[sudo] stick out your gyatt for the rizzler: ";
};
fonts = {
fontDir.enable = true;
packages = with pkgs; [
noto-fonts
lexend
liberation_ttf
unifont
(nerdfonts.override {fonts = ["JetBrainsMono" "Iosevka" "FiraCode" "DroidSansMono"];})
noto-fonts-color-emoji
];
fontconfig = {
defaultFonts = {
emoji = ["Noto Color Emoji"];
};
};
};
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# wireplumber exists so, lets *not* use the example session
wireplumber.enable = true;
};
# flatpaks for the one time i'll need them for some reason
services.flatpak.enable = true;
# system packages
environment.systemPackages = with pkgs; [
git
wget
fzf
curl
curlHTTP3
virt-manager
pinentry-curses
kitty
wezterm
distrobox
];
# firefox
programs.firefox.enable = true;
# steam
programs.steam.enable = true;
# android debugging tools
programs.adb.enable = true;
# gnupg is basically required for everything i use
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
# podmen
virtualisation.podman = {
enable = true;
dockerCompat = true;
dockerSocket.enable = true;
};
# virtualization stuff
virtualisation.libvirtd = {
enable = true;
#qemu.runAsRoot = false;
qemu.swtpm.enable = true;
};
virtualisation.spiceUSBRedirection.enable = true;
# waydroid
virtualisation.waydroid.enable = true;
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "23.11";
}