diff --git a/flake.nix b/flake.nix index d5773ff..2288091 100644 --- a/flake.nix +++ b/flake.nix @@ -15,7 +15,10 @@ packages.x86_64-linux.lutris = pkgs.lutris; nixosConfigurations = { - dustbowl = import ./nixos/dustbowl.nix; + dustbowl = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ ./nixos/dustbowl.nix ]; + }; }; }; } diff --git a/nixos/cachix.nix b/nixos/cachix.nix new file mode 100644 index 0000000..88b2f08 --- /dev/null +++ b/nixos/cachix.nix @@ -0,0 +1,13 @@ + +# WARN: this file will get overwritten by $ cachix use +{ pkgs, lib, ... }: + +let + folder = ./cachix; + toImport = name: value: folder + ("/" + name); + filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key; + imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); +in { + inherit imports; + nix.binaryCaches = ["https://cache.nixos.org/"]; +} diff --git a/nixos/cachix/zig-nightly.nix b/nixos/cachix/zig-nightly.nix new file mode 100644 index 0000000..5f0d1c2 --- /dev/null +++ b/nixos/cachix/zig-nightly.nix @@ -0,0 +1,11 @@ + +{ + nix = { + binaryCaches = [ + "https://zig-nightly.cachix.org" + ]; + binaryCachePublicKeys = [ + "zig-nightly.cachix.org-1:OnBNrwrXNoCtCzjuMEfruWSaZEixGGSvFhc9OBtx1wg=" + ]; + }; +} diff --git a/nixos/dustbowl.nix b/nixos/dustbowl.nix new file mode 100644 index 0000000..a7fcbaf --- /dev/null +++ b/nixos/dustbowl.nix @@ -0,0 +1,362 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + /etc/nixos/hardware-configuration.nix + /etc/nixos/private.nix + ./cachix.nix + ]; + + nixpkgs.config.allowUnfree = true; + nix = { + package = pkgs.nixFlakes; + extraOptions = '' + experimental-features = nix-command flakes ca-references + builders-use-substitutes = true + ''; + distributedBuilds = true; + }; + + # Kernel version + boot.kernelPackages = pkgs.linuxPackages_5_14; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; + boot.loader.grub = { + enable = true; + version = 2; + device = "nodev"; + efiSupport = true; + enableCryptodisk = true; + }; + boot.initrd.luks.devices = { + root = { + device = "/dev/disk/by-uuid/70c16b36-14b6-4939-9fc9-210774614e72"; + preLVM = true; + }; + }; + + networking.hostName = "dustbowl"; # Define your hostname. + networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.wireless.interfaces = [ "wlp2s0" ]; + # networking.wireless.userControlled.enable = true; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking.useDHCP = false; + networking.interfaces.wlp2s0.useDHCP = true; + + # services.dnscrypt-proxy2 = { + # enable = true; + # settings = { + # require_nolog = true; + # require_nofilter = true; + # sources.public-resolvers = { + # urls = [ "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" ]; + # cache_file = "public-resolvers.md"; + # minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; + # refresh_delay = 72; + # }; + # }; + # }; + + # udev rules + services.udev.packages = with pkgs; [ + yubikey-personalization + ]; + + # services.logind.lidSwitch = "ignore"; + + # Configure console + console = { + font = "Lat2-Terminus16"; + keyMap = "de"; + }; + + # Select internationalisation properties. + i18n = { + defaultLocale = "en_US.UTF-8"; + }; + + # Set location (e.g. for redshift) + location = { + latitude = 1.3766; + longitude = 103.8160; + }; + + environment.systemPackages = with pkgs; [ + ntfs3g + file + usbutils + pciutils + calc + wget + unzip + zip + psmisc + htop + vim + vis + git + pamix + bubblewrap + openconnect + yubikey-personalization + yubico-pam + nmap + bind.dnsutils + + # X server setup + # dwm + # st + alacritty + xsel + mons + maim + + # Wayland setup + grim + slurp + wl-clipboard + mako + + # GUI software + emacs + firefox + thunderbird + mpv + zathura + imv + ]; + + environment.pathsToLink = [ "/libexec" ]; + + # Use doas instead of sudo + security.sudo.enable = false; + security.doas = { + enable = true; + extraRules = [ + { + groups = ["wheel"]; + persist = true; + keepEnv = true; + } + ]; + }; + + # Enable gnupg + programs.gnupg.agent.enable = true; + + programs.fish.enable = true; + + # Steam + programs.steam.enable = true; + # hardware.opengl.driSupport32Bit = true; + # hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; + # hardware.pulseaudio.support32Bit = true; + + nixpkgs.config.packageOverrides = pkgs: rec { + # Override emacs + emacs = pkgs.emacs.override { + withGTK3 = true; + withGTK2 = false; + }; + + # Override firefox + firefox = pkgs.firefox.override { + forceWayland = true; + }; + }; + + # Configuration for dwm + # nixpkgs.config.dwm = { + # conf = builtins.fetchurl { + # url = "https://gitlab.com/joachimschmidt557/dotfiles/-/raw/master/dwm/config.h"; + # sha256 = "6fe60337a89b6bdec55351df3fba03b4e9689d786b726073702d0fbf41324882"; + # }; + # }; + + # Configuration for st + # nixpkgs.config.st = { + # patches = let + # scrollback = builtins.fetchurl { + # url = "https://st.suckless.org/patches/scrollback/st-scrollback-20200419-72e3f6c.diff"; + # sha256 = "042k00iy8fvr3xvq93fmnhmjqpl1kns24x50xsa82npgllbzwh8y"; + # }; + # scrollbackMouse = builtins.fetchurl { + # url = "https://st.suckless.org/patches/scrollback/st-scrollback-mouse-20191024-a2c479c.diff"; + # sha256 = "0z961sv4pxa1sxrbhalqzz2ldl7qb26qk9l11zx1hp8rh3cmi51i"; + # }; + # newTerm = builtins.fetchurl { + # url = "http://st.suckless.org/patches/newterm/st-newterm-0.8.2.diff"; + # sha256 = "10r7cbdym0zvifdsvaf34adzc1qc9nwywvg6g9bmhaafjrxjqr91"; + # }; + # in [ ]; + # conf = let + # path = builtins.fetchurl { + # url = "https://gitlab.com/joachimschmidt557/dotfiles/-/raw/master/st/config_scrollback.h"; + # sha256 = "0fm2j0i72p9s4wyv4szk7ai6jckv33m2z9g17a3xksvi8q77g7zp"; + # }; + # in builtins.readFile path; + # }; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ 8080 ]; + networking.firewall.allowedUDPPorts = [ 8080 ]; + + # Enable CUPS to print documents. + services.printing.enable = true; + services.printing.drivers = [ pkgs.hplipWithPlugin ]; + hardware.sane.enable = true; + hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ]; + + # Redshift + # services.redshift = { + # enable = true; + # package = pkgs.redshift-wlr; + # temperature.day = 6500; + # temperature.night = 2000; + # }; + + systemd.user.services.wlsunset = { + description = "wlsunset colour temperature adjuster"; + wantedBy = [ "graphical-session.target" ]; + partOf = [ "graphical-session.target" ]; + serviceConfig = { + ExecStart = '' + ${pkgs.wlsunset}/bin/wlsunset \ + -l 49.5 \ + -L 8.4 \ + -t 2000 \ + ''; + RestartSec = 3; + Restart = "always"; + }; + }; + + # Hardware + # Enable sound. + sound.enable = true; + # hardware.pulseaudio = { + # enable = true; + # package = pkgs.pulseaudioFull; + # extraModules = [ pkgs.pulseaudio-modules-bt ]; + # }; + hardware.bluetooth.enable = true; + + # UPower + services.upower.enable = true; + + # RealtimeKit + security.rtkit.enable = true; + + # Video acceleration + hardware.opengl.extraPackages = [ pkgs.vaapiIntel ]; + + # Enable the X11 windowing system. + services.xserver = { + enable = true; + layout = "de"; + xkbModel = "pc105"; + xkbVariant = "neo_qwertz"; + dpi = 150; + + # displayManager.startx.enable = true; + desktopManager.xterm.enable = false; + }; + + # PipeWire + services.pipewire = { + enable = true; + alsa = { + enable = true; + support32Bit = true; + }; + pulse.enable = true; + }; + + # Window manager + services.xserver.windowManager.i3 = { + enable = true; + extraPackages = with pkgs; [ + dmenu + i3status + i3lock + ]; + }; + + services.xserver.libinput = { + enable = true; + touchpad = { + naturalScrolling = true; + scrollMethod = "twofinger"; + }; + }; + + services.compton = { + enable = true; + backend = "glx"; + vSync = true; + }; + systemd.user.services.picom.serviceConfig.Restart = pkgs.lib.mkForce "no"; + + # xss-lock + programs.xss-lock = { + enable = true; + lockerCommand = "${pkgs.i3lock}/bin/i3lock"; + }; + + # Sway + programs.sway.enable = true; + + xdg.portal = { + enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-wlr ]; + }; + + # Fonts + fonts.fonts = with pkgs; [ + fira-code + noto-fonts noto-fonts-emoji noto-fonts-extra + ]; + fonts.fontconfig = { + enable = true; + defaultFonts = { + emoji = [ "Noto Color Emoji" ]; + monospace = [ "Fira Code" ]; + sansSerif = [ "Noto Sans" ]; + }; + }; + + virtualisation.virtualbox.host.enable = true; + + users.users.joachim = { + isNormalUser = true; + home = "/home/joachim"; + shell = pkgs.fish; + extraGroups = [ "wheel" "scanner" ]; + }; + + # Yubikey PAM + security.pam.yubico = { + enable = true; + mode = "challenge-response"; + }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "20.03"; # Did you read the comment? + +}