incorporated elements from novas config and switched to flake -- WARNING, not tested or built yet
This commit is contained in:
parent
2769723008
commit
8452ef7ea6
@ -9,8 +9,6 @@ gitignore-import-and-ignore: True
|
|||||||
# and "Contents of ..." sections
|
# and "Contents of ..." sections
|
||||||
ignore-tree-and-content:
|
ignore-tree-and-content:
|
||||||
- ".repo-to-text-settings.yaml"
|
- ".repo-to-text-settings.yaml"
|
||||||
- "documentation"
|
|
||||||
- ".git-crypt"
|
|
||||||
|
|
||||||
# Ignore files and directories for "Contents of ..." section
|
# Ignore files and directories for "Contents of ..." section
|
||||||
ignore-content:
|
ignore-content:
|
||||||
|
159
README.md
Normal file
159
README.md
Normal file
@ -0,0 +1,159 @@
|
|||||||
|
# NixOS Configuration Structure
|
||||||
|
|
||||||
|
This repository contains a NixOS configuration managed through a flake-driven approach. Each directory serves a specific purpose in the overall configuration structure.
|
||||||
|
|
||||||
|
## Directory Structure Overview
|
||||||
|
|
||||||
|
### `flake.nix`
|
||||||
|
The entry point and source of truth for the entire configuration. This file:
|
||||||
|
- Defines system configurations
|
||||||
|
- Sets up home-manager configurations
|
||||||
|
- Enables profiles
|
||||||
|
- Manages input sources
|
||||||
|
- Configures the Nix environment
|
||||||
|
|
||||||
|
### `lib/`
|
||||||
|
Library functions and utilities that power the configuration system.
|
||||||
|
|
||||||
|
- `conds.nix`: Condition checking helpers for configuration logic
|
||||||
|
- `default.nix`: Main library entry point that re-exports all functions
|
||||||
|
- `mkHome.nix`: Home-manager configuration builder
|
||||||
|
- `mkHost.nix`: NixOS host configuration builder
|
||||||
|
- `secrets.nix`: Secret management helper functions
|
||||||
|
- `utils.nix`: General utility functions used throughout the configuration
|
||||||
|
|
||||||
|
### `profiles/`
|
||||||
|
Profile definitions that enable specific sets of modules and configurations.
|
||||||
|
|
||||||
|
- `core/`: System-level profiles
|
||||||
|
- `minimal.nix`: Basic system setup
|
||||||
|
- `workstation.nix`: Desktop/laptop configuration
|
||||||
|
- `server.nix`: Server-specific setup
|
||||||
|
|
||||||
|
- `home/`: Home-manager profiles
|
||||||
|
- `desktop.nix`: Desktop environment configuration
|
||||||
|
- `development.nix`: Development tools and settings
|
||||||
|
- `gaming.nix`: Gaming-related configuration
|
||||||
|
|
||||||
|
Profiles are enabled through the flake.nix and determine which modules are activated.
|
||||||
|
|
||||||
|
### `modules/`
|
||||||
|
Module definitions that implement actual functionality. Modules are enabled by profiles.
|
||||||
|
|
||||||
|
- `core/`: System-level modules
|
||||||
|
- `age.nix`: Age encryption setup
|
||||||
|
- `desktop.nix`: Desktop environment fundamentals
|
||||||
|
- `filesystem.nix`: Filesystem configurations
|
||||||
|
- `home-manager.nix`: Home-manager integration
|
||||||
|
- `networking.nix`: Network configuration
|
||||||
|
- `nix.nix`: Nix package manager settings
|
||||||
|
- `security/`: Security-related modules
|
||||||
|
- `user.nix`: User management
|
||||||
|
- `xdg.nix`: XDG base directory support
|
||||||
|
|
||||||
|
- `home/`: Home-manager modules
|
||||||
|
- `comms/`: Communication tools
|
||||||
|
- `development/`: Development environments
|
||||||
|
- `firefox/`: Browser configuration
|
||||||
|
- `media/`: Media applications
|
||||||
|
- `terminal/`: Terminal emulators
|
||||||
|
- `theme/`: Theming configuration
|
||||||
|
- `virtualization/`: Virtualization tools
|
||||||
|
|
||||||
|
### `system/`
|
||||||
|
System-level configurations that are used by modules.
|
||||||
|
|
||||||
|
- `boot/`: Boot-related configurations
|
||||||
|
- `quietboot.nix`: Silent boot configuration
|
||||||
|
- `systemd-boot.nix`: Systemd-boot setup
|
||||||
|
|
||||||
|
- `desktop/`: Desktop environment configurations
|
||||||
|
- `appimage.nix`: AppImage support
|
||||||
|
- `plasma6.nix`: KDE Plasma 6 configuration
|
||||||
|
|
||||||
|
- `hardware/`: Hardware-specific settings
|
||||||
|
- `bluetooth.nix`: Bluetooth configuration
|
||||||
|
- `hardware-acceleration.nix`: GPU acceleration
|
||||||
|
- `qmk.nix`: QMK keyboard firmware
|
||||||
|
- `rgb.nix`: RGB lighting control
|
||||||
|
|
||||||
|
- `locales/`: Language and locale settings
|
||||||
|
- `us-english.nix`: US English locale configuration
|
||||||
|
|
||||||
|
- `services/`: System services
|
||||||
|
- `flatpak.nix`: Flatpak support
|
||||||
|
- `printing.nix`: Printer configuration
|
||||||
|
- `sunshine.nix`: Sunshine streaming
|
||||||
|
- `syncthing.nix`: Syncthing file sync
|
||||||
|
- `tailscale.nix`: Tailscale VPN
|
||||||
|
|
||||||
|
- `shell/`: Shell configurations
|
||||||
|
- `aliases.nix`: Shell aliases
|
||||||
|
- `atuin.nix`: Shell history database
|
||||||
|
- `zsh.nix`: Zsh configuration
|
||||||
|
- `tmux.nix`: Tmux terminal multiplexer
|
||||||
|
|
||||||
|
### `secrets/`
|
||||||
|
Secret management using age encryption.
|
||||||
|
|
||||||
|
- `encrypted/`: Encrypted secret files
|
||||||
|
- `identities/`: Age identities for decryption
|
||||||
|
- `users/`: User-specific secret configurations
|
||||||
|
- `${username}/`: Per-user secret definitions
|
||||||
|
|
||||||
|
### `hosts/`
|
||||||
|
Host-specific configurations created via mkHost.
|
||||||
|
|
||||||
|
- `${hostname}/`
|
||||||
|
- `hardware-configuration.nix`: Hardware-specific settings
|
||||||
|
- `default.nix`: Host-specific overrides
|
||||||
|
|
||||||
|
### `users/`
|
||||||
|
User-specific configurations created via mkHome.
|
||||||
|
|
||||||
|
- `${username}/`
|
||||||
|
- `config/`: User-specific configurations
|
||||||
|
- `dotfiles/`: User dotfiles
|
||||||
|
- `${hostname}.nix`: Host-specific user settings
|
||||||
|
|
||||||
|
### `pkgs/`
|
||||||
|
Custom package definitions and overlays.
|
||||||
|
|
||||||
|
- `default.nix`: Entry point for custom packages
|
||||||
|
- `overlays/`: Nixpkgs overlays
|
||||||
|
- `default.nix`: Main overlay entry point
|
||||||
|
- `modifications/`: Modified existing packages
|
||||||
|
- `custom/`: Custom package definitions
|
||||||
|
- `patches/`: Package patches for existing packages
|
||||||
|
|
||||||
|
The pkgs directory serves several purposes:
|
||||||
|
- Define custom packages not available in nixpkgs
|
||||||
|
- Modify existing packages from nixpkgs
|
||||||
|
- Create overlays for system-wide package modifications
|
||||||
|
- Store patches for package modifications
|
||||||
|
|
||||||
|
Package definitions here can be used throughout the configuration by:
|
||||||
|
1. Being imported through overlays in flake.nix
|
||||||
|
2. Direct reference in module configurations
|
||||||
|
3. Usage in home-manager configurations
|
||||||
|
4. Integration with development environments
|
||||||
|
|
||||||
|
## Configuration Flow
|
||||||
|
|
||||||
|
1. `flake.nix` initiates configuration
|
||||||
|
2. `lib` functions build configurations
|
||||||
|
3. Profiles enable appropriate modules
|
||||||
|
4. Modules implement functionality using system configurations
|
||||||
|
5. Secrets are applied where needed
|
||||||
|
6. Host-specific configurations override as needed
|
||||||
|
7. User configurations are applied through home-manager
|
||||||
|
|
||||||
|
## Important Notes
|
||||||
|
|
||||||
|
- Configurations should flow from the flake.nix
|
||||||
|
- Profiles should enable modules, not implement functionality
|
||||||
|
- Modules should be composable and configurable
|
||||||
|
- System configurations should be reusable
|
||||||
|
- Secrets should be managed through age/agenix
|
||||||
|
- Host configurations should only contain necessary overrides
|
||||||
|
- User configurations should be host-aware
|
@ -1,38 +0,0 @@
|
|||||||
# NixOS Steam Deck Recovery Procedures
|
|
||||||
|
|
||||||
This documentation covers recovery procedures for NixOS on Steam Deck. It was created based on real recovery scenarios and provides practical solutions for common issues.
|
|
||||||
|
|
||||||
## Quick Reference
|
|
||||||
|
|
||||||
1. Boot Issues
|
|
||||||
- [Boot Recovery Guide](./boot-recovery.md)
|
|
||||||
- Common root causes: filesystem mounts, hardware configuration
|
|
||||||
|
|
||||||
2. Network Issues
|
|
||||||
- [Network Recovery Guide](./network-recovery.md)
|
|
||||||
- Essential for rebuilding with Jovian packages
|
|
||||||
|
|
||||||
3. Filesystem Issues
|
|
||||||
- [Filesystem Troubleshooting](./filesystem-issues.md)
|
|
||||||
- Handling mount points and permissions
|
|
||||||
|
|
||||||
## Emergency Recovery Steps
|
|
||||||
|
|
||||||
1. Boot into emergency mode
|
|
||||||
2. Establish network connectivity
|
|
||||||
3. Fix configuration issues
|
|
||||||
4. Rebuild system
|
|
||||||
5. Verify and reboot
|
|
||||||
|
|
||||||
## Prevention Strategies
|
|
||||||
|
|
||||||
1. Maintain separate configurations:
|
|
||||||
- Main configuration
|
|
||||||
- Minimal fallback configuration
|
|
||||||
- Hardware-specific configuration
|
|
||||||
|
|
||||||
2. Regular backups of working configurations
|
|
||||||
|
|
||||||
3. Testing changes in VM before applying
|
|
||||||
|
|
||||||
4. Maintaining recovery tools and scripts
|
|
@ -1,19 +0,0 @@
|
|||||||
# Recovery Scripts
|
|
||||||
|
|
||||||
This directory contains scripts for automating common recovery tasks.
|
|
||||||
|
|
||||||
## Available Scripts
|
|
||||||
|
|
||||||
1. `network-recovery.sh`
|
|
||||||
- Automates network setup in emergency environment
|
|
||||||
- Handles both ethernet and wifi configurations
|
|
||||||
- Usage: `sudo ./network-recovery.sh`
|
|
||||||
|
|
||||||
## Script Development Guidelines
|
|
||||||
|
|
||||||
1. All scripts should:
|
|
||||||
- Include clear documentation
|
|
||||||
- Handle errors gracefully
|
|
||||||
- Provide status feedback
|
|
||||||
- Support both automatic and interactive modes
|
|
||||||
- Create backups before making changes
|
|
@ -1,146 +0,0 @@
|
|||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
# Colors for output
|
|
||||||
RED='\033[0;31m'
|
|
||||||
GREEN='\033[0;32m'
|
|
||||||
YELLOW='\033[1;33m'
|
|
||||||
NC='\033[0m' # No Color
|
|
||||||
|
|
||||||
# Function to print status messages
|
|
||||||
print_status() {
|
|
||||||
echo -e "${GREEN}[*]${NC} $1"
|
|
||||||
}
|
|
||||||
|
|
||||||
print_error() {
|
|
||||||
echo -e "${RED}[!]${NC} $1"
|
|
||||||
}
|
|
||||||
|
|
||||||
print_warning() {
|
|
||||||
echo -e "${YELLOW}[!]${NC} $1"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Find ethernet interface
|
|
||||||
find_interface() {
|
|
||||||
local interface=$(ip link show | grep enp | cut -d: -f2 | tr -d ' ' | head -n1)
|
|
||||||
if [ -z "$interface" ]; then
|
|
||||||
print_error "No ethernet interface found"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
echo "$interface"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Prompt for network configuration
|
|
||||||
get_network_config() {
|
|
||||||
local default_interface=$(find_interface)
|
|
||||||
|
|
||||||
echo "Current network interfaces:"
|
|
||||||
ip link show
|
|
||||||
|
|
||||||
read -p "Enter interface name [$default_interface]: " interface
|
|
||||||
interface=${interface:-$default_interface}
|
|
||||||
|
|
||||||
read -p "Enter static IP address (e.g., 10.0.0.68): " static_ip
|
|
||||||
read -p "Enter gateway IP address (e.g., 10.0.0.1): " gateway_ip
|
|
||||||
|
|
||||||
# Validate IP addresses
|
|
||||||
if [[ ! $static_ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
|
||||||
print_error "Invalid static IP format"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
if [[ ! $gateway_ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
|
||||||
print_error "Invalid gateway IP format"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Configure network
|
|
||||||
setup_network() {
|
|
||||||
print_status "Setting up network interface $interface..."
|
|
||||||
|
|
||||||
# Clear any existing IP addresses
|
|
||||||
ip addr flush dev $interface
|
|
||||||
|
|
||||||
# Bring up interface
|
|
||||||
ip link set $interface up
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
print_error "Failed to bring up interface"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Add IP address
|
|
||||||
ip addr add $static_ip/24 dev $interface
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
print_error "Failed to set IP address"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Remove any existing default routes
|
|
||||||
ip route del default 2>/dev/null
|
|
||||||
|
|
||||||
# Add default route
|
|
||||||
ip route add default via $gateway_ip dev $interface
|
|
||||||
if [ $? -ne 0 ]; then
|
|
||||||
print_error "Failed to add default route"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Configure DNS
|
|
||||||
print_status "Configuring DNS..."
|
|
||||||
echo "nameserver $gateway_ip" > /etc/resolv.conf
|
|
||||||
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
|
|
||||||
echo "nameserver 8.8.4.4" >> /etc/resolv.conf
|
|
||||||
|
|
||||||
# Disable IPv6
|
|
||||||
print_status "Disabling IPv6..."
|
|
||||||
sysctl -w net.ipv6.conf.all.disable_ipv6=1
|
|
||||||
sysctl -w net.ipv6.conf.default.disable_ipv6=1
|
|
||||||
sysctl -w net.ipv6.conf.lo.disable_ipv6=1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Test connectivity
|
|
||||||
test_connectivity() {
|
|
||||||
print_status "Testing connectivity..."
|
|
||||||
|
|
||||||
# Test local network
|
|
||||||
print_status "Pinging gateway..."
|
|
||||||
if ! ping -c 1 $gateway_ip >/dev/null 2>&1; then
|
|
||||||
print_error "Cannot ping gateway"
|
|
||||||
return 1
|
|
||||||
}
|
|
||||||
|
|
||||||
# Test DNS resolution
|
|
||||||
print_status "Testing DNS resolution..."
|
|
||||||
if ! ping -c 1 github.com >/dev/null 2>&1; then
|
|
||||||
print_warning "DNS resolution failed"
|
|
||||||
return 1
|
|
||||||
}
|
|
||||||
|
|
||||||
print_status "Network setup complete and functional!"
|
|
||||||
return 0
|
|
||||||
}
|
|
||||||
|
|
||||||
# Main execution
|
|
||||||
main() {
|
|
||||||
if [[ $EUID -ne 0 ]]; then
|
|
||||||
print_error "This script must be run as root"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
print_status "NixOS Network Recovery Script"
|
|
||||||
print_status "==============================="
|
|
||||||
|
|
||||||
get_network_config
|
|
||||||
setup_network
|
|
||||||
test_connectivity
|
|
||||||
|
|
||||||
if [ $? -eq 0 ]; then
|
|
||||||
print_status "You should now be able to run nixos-rebuild"
|
|
||||||
else
|
|
||||||
print_error "Network setup completed but connectivity test failed"
|
|
||||||
print_warning "Check your network settings and try again"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Run main function
|
|
||||||
main "$@"
|
|
@ -1,51 +0,0 @@
|
|||||||
# Common Issues and Solutions
|
|
||||||
|
|
||||||
## Network Configuration Issues
|
|
||||||
|
|
||||||
### Symptoms
|
|
||||||
- Unable to fetch packages
|
|
||||||
- No internet connectivity in emergency mode
|
|
||||||
|
|
||||||
### Solution
|
|
||||||
1. Use network-recovery.sh script
|
|
||||||
2. Manual network configuration:
|
|
||||||
```bash
|
|
||||||
ip link set INTERFACE up
|
|
||||||
ip addr add IP_ADDRESS/24 dev INTERFACE
|
|
||||||
ip route add default via GATEWAY
|
|
||||||
echo "nameserver 8.8.8.8" > /etc/resolv.conf
|
|
||||||
```
|
|
||||||
|
|
||||||
## Filesystem Mount Issues
|
|
||||||
|
|
||||||
### Symptoms
|
|
||||||
- Read-only filesystem errors
|
|
||||||
- Unable to modify configuration
|
|
||||||
- Failed mounts during boot
|
|
||||||
|
|
||||||
### Solution
|
|
||||||
1. Identify problematic mounts:
|
|
||||||
```bash
|
|
||||||
mount | grep ro
|
|
||||||
lsblk -f
|
|
||||||
```
|
|
||||||
2. Remount filesystems:
|
|
||||||
```bash
|
|
||||||
mount -o remount,rw /
|
|
||||||
mount -o remount,rw /nix/store
|
|
||||||
```
|
|
||||||
3. Check/modify hardware-configuration.nix
|
|
||||||
|
|
||||||
## DBus Issues
|
|
||||||
|
|
||||||
### Symptoms
|
|
||||||
- Failed to connect to bus
|
|
||||||
- Service startup failures
|
|
||||||
|
|
||||||
### Solution
|
|
||||||
1. Setup minimal DBus environment:
|
|
||||||
```bash
|
|
||||||
mkdir -p /run/dbus
|
|
||||||
mount -t tmpfs tmpfs /run
|
|
||||||
dbus-daemon --system --fork
|
|
||||||
```
|
|
@ -1,29 +0,0 @@
|
|||||||
# Jovian NixOS Specific Issues
|
|
||||||
|
|
||||||
## Package Fetching Issues
|
|
||||||
|
|
||||||
### Symptoms
|
|
||||||
- Unable to fetch Jovian packages
|
|
||||||
- Build failures related to Jovian components
|
|
||||||
|
|
||||||
### Solution
|
|
||||||
1. Ensure network connectivity
|
|
||||||
2. Verify Jovian configuration:
|
|
||||||
```nix
|
|
||||||
jovian = {
|
|
||||||
hardware.has.amd.gpu = true;
|
|
||||||
devices.steamdeck.enable = true;
|
|
||||||
};
|
|
||||||
```
|
|
||||||
3. Check Jovian cache availability
|
|
||||||
|
|
||||||
## Hardware Detection Issues
|
|
||||||
|
|
||||||
### Symptoms
|
|
||||||
- Missing Steam Deck specific features
|
|
||||||
- Hardware not properly recognized
|
|
||||||
|
|
||||||
### Solution
|
|
||||||
1. Verify hardware configuration
|
|
||||||
2. Check kernel modules
|
|
||||||
3. Review Jovian hardware settings
|
|
59
flake.nix
59
flake.nix
@ -4,60 +4,73 @@
|
|||||||
nixConfig = {
|
nixConfig = {
|
||||||
extra-substituters = [
|
extra-substituters = [
|
||||||
"https://nix-gaming.cachix.org"
|
"https://nix-gaming.cachix.org"
|
||||||
|
"https://nix-community.cachix.org"
|
||||||
];
|
];
|
||||||
extra-trusted-public-keys = [
|
extra-trusted-public-keys = [
|
||||||
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
|
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
|
||||||
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
# Core dependencies
|
# Core dependencies
|
||||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||||
|
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11";
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager";
|
url = "github:nix-community/home-manager";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# System dependencies
|
||||||
|
systems.url = "github:nix-systems/default";
|
||||||
|
|
||||||
|
# Additional tools
|
||||||
|
agenix = {
|
||||||
|
url = "github:ryantm/agenix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
|
|
||||||
# Gaming-specific inputs
|
# Gaming-specific inputs
|
||||||
nix-gaming = {
|
nix-gaming = {
|
||||||
url = "github:fufexan/nix-gaming";
|
url = "github:fufexan/nix-gaming";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Additional tools
|
|
||||||
agenix = {
|
|
||||||
url = "github:ryantm/agenix";
|
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = { self, nixpkgs, home-manager, ... } @ inputs:
|
outputs = { self, nixpkgs, home-manager, ... } @ inputs:
|
||||||
let
|
let
|
||||||
lib = nixpkgs.lib.extend
|
lib = nixpkgs.lib.extend
|
||||||
(final: prev: import ./lib { inherit inputs self; lib = final; });
|
(final: prev: import ./lib { inherit inputs self; lib = final; });
|
||||||
in
|
|
||||||
{
|
|
||||||
nixosConfigurations = {
|
|
||||||
steamnix = lib.mkHost {
|
|
||||||
hostname = "steamnix";
|
|
||||||
username = "jeirmeister";
|
|
||||||
system = "x86_64-linux";
|
|
||||||
profiles = [ "gaming" "desktop/plasma" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
homeConfigurations = {
|
# Helper function to create specialized system configs
|
||||||
"jeirmeister@steamnix" = lib.mkHome {
|
mkSystem = hostName: system: username:
|
||||||
username = "jeirmeister";
|
lib.mkHost {
|
||||||
hostname = "steamnix";
|
inherit system username hostName;
|
||||||
|
extraModules = [
|
||||||
|
# Add your host-specific modules here
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Helper function to create home-manager configs
|
||||||
|
mkHome = username: hostName:
|
||||||
|
lib.mkHome {
|
||||||
|
inherit username hostName;
|
||||||
profiles = [ "desktop" "development" "gaming" ];
|
profiles = [ "desktop" "development" "gaming" ];
|
||||||
};
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# NixOS configurations
|
||||||
|
nixosConfigurations = {
|
||||||
|
steamnix = mkSystem "steamnix" "x86_64-linux" "jeirmeister";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Custom packages and overlays
|
# Home-manager configurations
|
||||||
overlays = import ./overlays { inherit self; };
|
homeConfigurations = {
|
||||||
|
"jeirmeister@steamnix" = mkHome "jeirmeister" "steamnix";
|
||||||
|
};
|
||||||
|
|
||||||
# Formatter
|
# Formatter configuration
|
||||||
formatter = lib.forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt);
|
formatter = lib.forEachSystem (system: nixpkgs.legacyPackages.${system}.nixfmt);
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
77
hosts/steamnix/default.nix
Normal file
77
hosts/steamnix/default.nix
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
jovianNixosRev = "f6423d86bec22c25a576b23262495c5536b0d069";
|
||||||
|
jovianNixos = builtins.fetchTarball {
|
||||||
|
url = "https://github.com/Jovian-Experiments/Jovian-NixOS/archive/${jovianNixosRev}.tar.gz";
|
||||||
|
sha256 = "sha256:1frd1dfqd97idwf1rj29ab0wvyfa2nx2h3bp9hkbmfa1m802avmb";
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../common
|
||||||
|
./hardware-configuration.nix
|
||||||
|
(jovianNixos + "/modules")
|
||||||
|
];
|
||||||
|
|
||||||
|
# Configure host type
|
||||||
|
hostConfigs = {
|
||||||
|
hostType = "steamdeck";
|
||||||
|
hasGaming = true;
|
||||||
|
hasVR = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Steam Deck Specific Configuration
|
||||||
|
jovian = {
|
||||||
|
hardware.has.amd.gpu = true;
|
||||||
|
devices.steamdeck = {
|
||||||
|
enable = true;
|
||||||
|
enableControllerUdevRules = true;
|
||||||
|
enableDefaultStage1Modules = true;
|
||||||
|
enablePerfControlUdevRules = true;
|
||||||
|
enableOsFanControl = true;
|
||||||
|
enableSoundSupport = true;
|
||||||
|
enableXorgRotation = true;
|
||||||
|
enableKernelPatches = true;
|
||||||
|
enableFwupdBiosUpdates = false;
|
||||||
|
autoUpdate = false;
|
||||||
|
};
|
||||||
|
steam.enable = false;
|
||||||
|
workarounds.ignoreMissingKernelModules = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Hardware and Display Configuration
|
||||||
|
hardware.video = {
|
||||||
|
displaylink.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services = {
|
||||||
|
xserver = {
|
||||||
|
enable = true;
|
||||||
|
xkb.layout = "us";
|
||||||
|
videoDrivers = [ "displaylink" "modesetting" ];
|
||||||
|
|
||||||
|
desktopManager.plasma6 = {
|
||||||
|
enable = true;
|
||||||
|
extraSessionCommands = ''
|
||||||
|
${pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource 2 0;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
displayManager = {
|
||||||
|
sddm = {
|
||||||
|
enable = true;
|
||||||
|
wayland = true;
|
||||||
|
};
|
||||||
|
sessionCommands = ''
|
||||||
|
${lib.getBin pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource 2 0
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa.enable = true;
|
||||||
|
pulse.enable = true;
|
||||||
|
};
|
||||||
|
};
|
7
lib/conds.nix
Normal file
7
lib/conds.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
{ lib }:
|
||||||
|
{
|
||||||
|
defaultStateVersion = "24.05";
|
||||||
|
runsDesktop = config: config.modules.desktop.enable;
|
||||||
|
isWayland = config: config.modules.desktop.wayland.enable;
|
||||||
|
isX11 = config: config.modules.desktop.x11.enable;
|
||||||
|
}
|
51
lib/default.nix
Normal file
51
lib/default.nix
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
{ self, inputs, lib }:
|
||||||
|
let
|
||||||
|
# Helper functions for internal use
|
||||||
|
internals = {
|
||||||
|
sys = import inputs.systems;
|
||||||
|
# Add standard lib function sets
|
||||||
|
inherit (lib) types mkOption;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Define pkgsFor before using it
|
||||||
|
pkgsFor = lib.genAttrs internals.sys (system: import inputs.nixpkgs {
|
||||||
|
inherit system;
|
||||||
|
overlays = builtins.attrValues self.overlays;
|
||||||
|
config.allowUnfree = true;
|
||||||
|
});
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Re-export all our functions
|
||||||
|
inherit (import ./mkHost.nix { inherit self inputs lib; }) mkHost;
|
||||||
|
inherit (import ./mkHome.nix { inherit self inputs lib; }) mkHome;
|
||||||
|
inherit (import ./utils.nix { inherit lib; })
|
||||||
|
mkOpt
|
||||||
|
mkBoolOpt
|
||||||
|
enable
|
||||||
|
disable
|
||||||
|
enableIf
|
||||||
|
mkModule;
|
||||||
|
inherit (import ./conds.nix { inherit lib; })
|
||||||
|
defaultStateVersion
|
||||||
|
runsDesktop
|
||||||
|
isWayland
|
||||||
|
isX11;
|
||||||
|
inherit (import ./secrets.nix { inherit lib; })
|
||||||
|
mkSecretFile
|
||||||
|
mkSecretIdentities;
|
||||||
|
|
||||||
|
# System-wide utilities
|
||||||
|
inherit pkgsFor;
|
||||||
|
forEachSystem = fn: lib.genAttrs internals.sys (system: fn pkgsFor.${system});
|
||||||
|
|
||||||
|
# Add mkModule helper function
|
||||||
|
utilMods = {
|
||||||
|
mkModule = config: name: module:
|
||||||
|
lib.mkIf config.modules.${name}.enable module;
|
||||||
|
|
||||||
|
mkEnabledModule = config: name: module: {
|
||||||
|
options.modules.${name}.enable = lib.mkEnableOption "Enable ${name} configurations";
|
||||||
|
config = lib.mkIf config.modules.${name}.enable module;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
34
lib/mkHome.nix
Normal file
34
lib/mkHome.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{ self, inputs, lib }:
|
||||||
|
let
|
||||||
|
inherit (lib) mkOption types;
|
||||||
|
in {
|
||||||
|
mkHome = { username, hostname, profiles ? [] }:
|
||||||
|
let
|
||||||
|
system = "x86_64-linux"; # You can make this configurable if needed
|
||||||
|
pkgs = import inputs.nixpkgs {
|
||||||
|
inherit system;
|
||||||
|
config.allowUnfree = true;
|
||||||
|
};
|
||||||
|
in
|
||||||
|
inputs.home-manager.lib.homeManagerConfiguration {
|
||||||
|
inherit pkgs;
|
||||||
|
|
||||||
|
extraSpecialArgs = {
|
||||||
|
inherit username hostname;
|
||||||
|
};
|
||||||
|
|
||||||
|
modules = [
|
||||||
|
# Base home-manager configuration
|
||||||
|
../users/${username}/home.nix
|
||||||
|
|
||||||
|
# Basic home configuration
|
||||||
|
{
|
||||||
|
home = {
|
||||||
|
inherit username;
|
||||||
|
homeDirectory = "/home/${username}";
|
||||||
|
stateVersion = "24.05";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
] ++ (map (profile: ../profiles/${profile}) profiles);
|
||||||
|
};
|
||||||
|
}
|
50
lib/mkHost.nix
Normal file
50
lib/mkHost.nix
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
{ self, inputs, lib }:
|
||||||
|
let
|
||||||
|
inherit (lib) mkOption types;
|
||||||
|
in {
|
||||||
|
mkHost = { hostname, username, system ? "x86_64-linux", profiles ? [] }:
|
||||||
|
let
|
||||||
|
pkgs = import inputs.nixpkgs {
|
||||||
|
inherit system;
|
||||||
|
config.allowUnfree = true;
|
||||||
|
};
|
||||||
|
in
|
||||||
|
inputs.nixpkgs.lib.nixosSystem {
|
||||||
|
inherit system;
|
||||||
|
|
||||||
|
specialArgs = {
|
||||||
|
inherit inputs self hostname username;
|
||||||
|
};
|
||||||
|
|
||||||
|
modules = [
|
||||||
|
# Include host-specific configuration
|
||||||
|
../hosts/${hostname}/configuration.nix
|
||||||
|
|
||||||
|
# Include home-manager as a module
|
||||||
|
inputs.home-manager.nixosModules.home-manager
|
||||||
|
{
|
||||||
|
home-manager = {
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
extraSpecialArgs = {
|
||||||
|
inherit username hostname;
|
||||||
|
};
|
||||||
|
users.${username} = {
|
||||||
|
imports = [
|
||||||
|
../users/${username}/home.nix
|
||||||
|
] ++ (map (profile: ../profiles/${profile}) profiles);
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
# Basic system configuration
|
||||||
|
{
|
||||||
|
networking.hostName = hostname;
|
||||||
|
system.stateVersion = "24.05";
|
||||||
|
|
||||||
|
# Allow unfree packages
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
15
lib/secrets.nix
Normal file
15
lib/secrets.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ lib }:
|
||||||
|
let
|
||||||
|
internals.agePath = ../secrets;
|
||||||
|
in {
|
||||||
|
mkSecretFile = { user, source, destination ? null, owner ? null, group ? null }:
|
||||||
|
lib.filterAttrs (n: v: v != null) {
|
||||||
|
file = lib.path.append (internals.agePath + "/${user}") source;
|
||||||
|
path = destination;
|
||||||
|
inherit owner group;
|
||||||
|
};
|
||||||
|
|
||||||
|
mkSecretIdentities = identity:
|
||||||
|
lib.lists.forEach identity (x:
|
||||||
|
lib.path.append (internals.agePath + "/identities") x);
|
||||||
|
}
|
37
lib/utils.nix
Normal file
37
lib/utils.nix
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
{ lib }:
|
||||||
|
let
|
||||||
|
# Helper functions
|
||||||
|
mkEnableAttrs = value: elems: builtins.listToAttrs (map
|
||||||
|
(name: {
|
||||||
|
inherit name;
|
||||||
|
value.enable = value;
|
||||||
|
})
|
||||||
|
elems);
|
||||||
|
in
|
||||||
|
{
|
||||||
|
# Option helpers
|
||||||
|
mkOpt = type: default: lib.mkOption { inherit type default; };
|
||||||
|
mkBoolOpt = default: lib.mkOption { type = lib.types.bool; inherit default; };
|
||||||
|
|
||||||
|
# Module management
|
||||||
|
mkModule = config: name: module:
|
||||||
|
lib.mkIf config.modules.${name}.enable module;
|
||||||
|
|
||||||
|
enable = elems: mkEnableAttrs true elems;
|
||||||
|
disable = elems: mkEnableAttrs false elems;
|
||||||
|
enableIf = cond: elems: if cond then (mkEnableAttrs true elems) else (mkEnableAttrs false elems);
|
||||||
|
|
||||||
|
# Import helpers
|
||||||
|
concatImports = { paths ? [ ], include ? [ ], exclude ? [ ] }:
|
||||||
|
let
|
||||||
|
isExcluded = path: builtins.elem path exclude;
|
||||||
|
validPath = path: lib.pathExists path && !isExcluded path;
|
||||||
|
in
|
||||||
|
lib.flatten (map
|
||||||
|
(path:
|
||||||
|
if validPath path
|
||||||
|
then path
|
||||||
|
else [ ]
|
||||||
|
)
|
||||||
|
(paths ++ include));
|
||||||
|
}
|
@ -1,8 +1,9 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./gpg.nix
|
./gpg.nix
|
||||||
./ssh.nix
|
./ssh.nix
|
||||||
|
./hardening.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
@ -1,20 +1,9 @@
|
|||||||
{ lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
lib.utilMods.mkModule config "security.gpg" {
|
||||||
programs.gpg = {
|
programs.gpg = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
# Your default key
|
|
||||||
default-key = "0x33A40DF62D35C4A7";
|
|
||||||
|
|
||||||
# Key server settings
|
|
||||||
keyserver = "hkps://keys.openpgp.org";
|
|
||||||
keyserver-options = "auto-key-retrieve no-honor-keyserver-url";
|
|
||||||
|
|
||||||
# Trust model settings
|
|
||||||
trust-model = "tofu+pgp";
|
|
||||||
tofu-default-policy = "auto";
|
|
||||||
|
|
||||||
# Modern cipher preferences
|
# Modern cipher preferences
|
||||||
personal-cipher-preferences = "AES256 AES192 AES";
|
personal-cipher-preferences = "AES256 AES192 AES";
|
||||||
personal-digest-preferences = "SHA512 SHA384 SHA256";
|
personal-digest-preferences = "SHA512 SHA384 SHA256";
|
||||||
@ -37,18 +26,15 @@
|
|||||||
enableSshSupport = true;
|
enableSshSupport = true;
|
||||||
defaultCacheTtl = 1800;
|
defaultCacheTtl = 1800;
|
||||||
maxCacheTtl = 7200;
|
maxCacheTtl = 7200;
|
||||||
pinentryPackage = pkgs.pinentry-qt;
|
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
allow-preset-passphrase
|
allow-preset-passphrase
|
||||||
allow-loopback-pinentry
|
allow-loopback-pinentry
|
||||||
enable-ssh-support
|
enable-ssh-support
|
||||||
write-env-file
|
write-env-file
|
||||||
default-cache-ttl-ssh 1800
|
|
||||||
max-cache-ttl-ssh 7200
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# Fix GPG home directory permissions
|
# Ensure proper GPG directory permissions on activation
|
||||||
home.activation.fixGpgPerms = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
|
home.activation.fixGpgPerms = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
|
||||||
if [ -d "$HOME/.gnupg" ]; then
|
if [ -d "$HOME/.gnupg" ]; then
|
||||||
chmod 700 "$HOME/.gnupg"
|
chmod 700 "$HOME/.gnupg"
|
||||||
@ -56,16 +42,4 @@
|
|||||||
find "$HOME/.gnupg" -type d -exec chmod 700 {} \;
|
find "$HOME/.gnupg" -type d -exec chmod 700 {} \;
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# Make sure we have the right packages
|
|
||||||
home.packages = with pkgs; [
|
|
||||||
gnupg
|
|
||||||
pinentry-qt
|
|
||||||
pgpdump # Analyze PGP/GPG keys and packets
|
|
||||||
|
|
||||||
# Future secret management tools
|
|
||||||
sops # Simple encryption tool
|
|
||||||
age # Modern encryption tool (required for agenix)
|
|
||||||
ssh-to-age # Convert SSH keys to age keys
|
|
||||||
];
|
|
||||||
}
|
}
|
53
modules/core/_security/hardening.nix
Normal file
53
modules/core/_security/hardening.nix
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
|
lib.utilMods.mkModule config "security.hardening" {
|
||||||
|
# TCP hardening from your original config
|
||||||
|
boot.kernelModules = [ "tcp_bbr" ];
|
||||||
|
boot.kernel.sysctl = {
|
||||||
|
# Prevent bogus ICMP errors from filling up logs
|
||||||
|
"net.ipv4.icmp_ignore_bogus_error_responses" = 1;
|
||||||
|
# Reverse path filtering for IP spoofing mitigation
|
||||||
|
"net.ipv4.conf.default.rp_filter" = 1;
|
||||||
|
"net.ipv4.conf.all.rp_filter" = 1;
|
||||||
|
# Disable IP source routing (we're not a router)
|
||||||
|
"net.ipv4.conf.all.accept_source_route" = 0;
|
||||||
|
"net.ipv6.conf.all.accept_source_route" = 0;
|
||||||
|
# Disable ICMP redirects
|
||||||
|
"net.ipv4.conf.all.send_redirects" = 0;
|
||||||
|
"net.ipv4.conf.default.send_redirects" = 0;
|
||||||
|
# MITM mitigations
|
||||||
|
"net.ipv4.conf.all.accept_redirects" = 0;
|
||||||
|
"net.ipv4.conf.default.accept_redirects" = 0;
|
||||||
|
"net.ipv4.conf.all.secure_redirects" = 0;
|
||||||
|
"net.ipv4.conf.default.secure_redirects" = 0;
|
||||||
|
"net.ipv6.conf.all.accept_redirects" = 0;
|
||||||
|
"net.ipv6.conf.default.accept_redirects" = 0;
|
||||||
|
# SYN flood protection
|
||||||
|
"net.ipv4.tcp_syncookies" = 1;
|
||||||
|
# TIME-WAIT assassination protection
|
||||||
|
"net.ipv4.tcp_rfc1337" = 1;
|
||||||
|
|
||||||
|
## TCP optimization
|
||||||
|
# Enable TCP Fast Open
|
||||||
|
"net.ipv4.tcp_fastopen" = 3;
|
||||||
|
# Bufferbloat mitigations
|
||||||
|
"net.ipv4.tcp_congestion_control" = "bbr";
|
||||||
|
"net.core.default_qdisc" = "cake";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Make /tmp volatile
|
||||||
|
boot.tmp.cleanOnBoot = true;
|
||||||
|
|
||||||
|
# Basic security settings
|
||||||
|
security = {
|
||||||
|
# Prevent replacing the running kernel image
|
||||||
|
protectKernelImage = true;
|
||||||
|
# Allow terminal users to execute programs
|
||||||
|
pam.loginLimits = [{
|
||||||
|
domain = "@users";
|
||||||
|
item = "nofile";
|
||||||
|
type = "soft";
|
||||||
|
value = 4096;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
}
|
38
modules/core/_security/ssh.nix
Normal file
38
modules/core/_security/ssh.nix
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
lib.utilMods.mkModule config "security.ssh" {
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
# Security hardening
|
||||||
|
PasswordAuthentication = false;
|
||||||
|
PermitRootLogin = "no";
|
||||||
|
# Automatically remove stale sockets
|
||||||
|
StreamLocalBindUnlink = "yes";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.ssh = {
|
||||||
|
startAgent = true;
|
||||||
|
extraConfig = ''
|
||||||
|
AddKeysToAgent yes
|
||||||
|
UseKeychain yes
|
||||||
|
IdentitiesOnly yes
|
||||||
|
HashKnownHosts yes
|
||||||
|
'';
|
||||||
|
|
||||||
|
# For better security
|
||||||
|
serverAliveInterval = 60;
|
||||||
|
serverAliveCountMax = 2;
|
||||||
|
};
|
||||||
|
|
||||||
|
# Ensure SSH directory exists with correct permissions
|
||||||
|
home.file.".ssh/.keep".text = "";
|
||||||
|
home.activation.sshPermissions = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
|
||||||
|
chmod 700 ~/.ssh
|
||||||
|
if [ -f ~/.ssh/id_ed25519 ]; then
|
||||||
|
chmod 600 ~/.ssh/id_ed25519
|
||||||
|
chmod 644 ~/.ssh/id_ed25519.pub
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
}
|
66
modules/core/age.nix
Normal file
66
modules/core/age.nix
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.variables;
|
||||||
|
pcscdCfg = pkgs.writeText "reader.conf" "";
|
||||||
|
pcscdPkg = pkgs.pcsclite;
|
||||||
|
pcscdPluginEnv = pkgs.buildEnv {
|
||||||
|
name = "pcscd-plugins";
|
||||||
|
paths = map (p: "${p}/pcsc/drivers") [pkgs.ccid];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
{imports = with inputs; [agenix.nixosModules.default];}
|
||||||
|
// {
|
||||||
|
options.variables.userIdentityPaths = lib.mkOption {
|
||||||
|
default = [];
|
||||||
|
type = lib.types.listOf lib.types.path;
|
||||||
|
description = "List of secret identity paths for the user";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkMerge [
|
||||||
|
(lib.mkIf (cfg.userIdentityPaths != []) {
|
||||||
|
age.identityPaths = lib.mkOptionDefault cfg.userIdentityPaths;
|
||||||
|
hm.age.identityPaths = lib.mkOptionDefault cfg.userIdentityPaths;
|
||||||
|
})
|
||||||
|
|
||||||
|
{
|
||||||
|
home-manager.sharedModules = with inputs; [
|
||||||
|
agenix.homeManagerModules.default
|
||||||
|
];
|
||||||
|
environment.systemPackages = with pkgs; [agenix age age-plugin-yubikey];
|
||||||
|
|
||||||
|
age.ageBin = "PATH=$PATH:${lib.makeBinPath [pkgs.age-plugin-yubikey]} ${pkgs.age}/bin/age";
|
||||||
|
|
||||||
|
services.pcscd.enable = lib.mkForce true;
|
||||||
|
# TODO: Figure out why this is broken
|
||||||
|
#systemd.services.pcscd.serviceConfig.ExecStart = mkForce [
|
||||||
|
# "${pcscdPkg}/bin/pcscd -f -c ${pcscdCfg}"
|
||||||
|
#];
|
||||||
|
|
||||||
|
# HACK: Start pcscd before decrypting secrets
|
||||||
|
boot.initrd.systemd = {
|
||||||
|
enable = lib.mkDefault true;
|
||||||
|
packages = [(lib.getBin pcscdPkg)];
|
||||||
|
storePaths = [
|
||||||
|
"${pcscdPkg}/bin/pcscd"
|
||||||
|
"${pcscdCfg}"
|
||||||
|
"${pcscdPluginEnv}"
|
||||||
|
];
|
||||||
|
|
||||||
|
sockets.pcscd.wantedBy = ["sockets.target"];
|
||||||
|
services.pcscd = {
|
||||||
|
environment.PCSCLITE_HP_DROPDIR = pcscdPluginEnv;
|
||||||
|
after = ["rollback.service"];
|
||||||
|
serviceConfig.ExecStart = [
|
||||||
|
""
|
||||||
|
"${pcscdPkg}/bin/pcscd -f -c ${pcscdCfg}"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
26
modules/core/default.nix
Normal file
26
modules/core/default.nix
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
options.modules = {
|
||||||
|
core = lib.mkOption {
|
||||||
|
type = lib.types.submodule {
|
||||||
|
options = {
|
||||||
|
profile = lib.mkOption {
|
||||||
|
type = lib.types.enum [ "minimal" "workstation" "server" ];
|
||||||
|
default = "minimal";
|
||||||
|
description = "The core profile to use for this system";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
# Import the selected profile
|
||||||
|
imports = [ ../profiles/core/${config.modules.core.profile}.nix ];
|
||||||
|
|
||||||
|
# Common core settings that apply to all profiles
|
||||||
|
nix.settings.auto-optimise-store = true;
|
||||||
|
boot.tmp.cleanOnBoot = true;
|
||||||
|
};
|
||||||
|
}
|
144
modules/core/desktop.nix
Normal file
144
modules/core/desktop.nix
Normal file
@ -0,0 +1,144 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.modules.desktop;
|
||||||
|
waylandEnv = {
|
||||||
|
NIXOS_OZONE_WL = "1";
|
||||||
|
MOZ_ENABLE_WAYLAND = "1";
|
||||||
|
GDK_BACKEND = "wayland,x11";
|
||||||
|
SDL_VIDEODRIVER = "x11";
|
||||||
|
CLUTTER_BACKEND = "wayland";
|
||||||
|
# QT_QPA_PLATFORM = "wayland";
|
||||||
|
# LIBSEAT_BACKEND = "logind";
|
||||||
|
XDG_SESSION_TYPE = "wayland";
|
||||||
|
#WLR_NO_HARDWARE_CURSORS = "1";
|
||||||
|
# _JAVA_AWT_WM_NONREPARENTING = "1";
|
||||||
|
# GDK_SCALE = "2";
|
||||||
|
# ELECTRON_OZONE_PLATFORM_HINT = "wayland";
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
options.modules.desktop = {
|
||||||
|
enable = lib.mkEnableOption "Enable desktop configurations";
|
||||||
|
x11.enable = lib.mkEnableOption "Enable X11 integration" // {default = true;};
|
||||||
|
wayland.enable = lib.mkEnableOption "Enable wayland integration";
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf cfg.enable (lib.mkMerge [
|
||||||
|
# X11 Configs
|
||||||
|
(lib.mkIf cfg.x11.enable {
|
||||||
|
# Enable the X11 windowing system.
|
||||||
|
services.xserver = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
# Configure keymap in X11
|
||||||
|
xkb = {
|
||||||
|
layout = "us";
|
||||||
|
variant = "";
|
||||||
|
options = "terminate:ctrl_alt_bksp,caps:ctrl_modifier";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Remove xterm terminal
|
||||||
|
excludePackages = with pkgs; [xterm];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Install installation
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
# X11
|
||||||
|
xorg.xkbutils
|
||||||
|
xorg.xkill
|
||||||
|
xorg.libxcb
|
||||||
|
];
|
||||||
|
})
|
||||||
|
# Wayland Configs
|
||||||
|
(lib.mkIf cfg.wayland.enable {
|
||||||
|
environment = {
|
||||||
|
# NOTE This will break stuff if there is a non-wayland user on the same machine,
|
||||||
|
# but application launchers need this.
|
||||||
|
sessionVariables = waylandEnv;
|
||||||
|
# Install necessary wayland protocol packages
|
||||||
|
systemPackages = with pkgs; [
|
||||||
|
#xorg.xeyes
|
||||||
|
kdePackages.xwaylandvideobridge
|
||||||
|
libsForQt5.qt5.qtwayland
|
||||||
|
qt6.qtwayland
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
hm.home.sessionVariables = waylandEnv;
|
||||||
|
})
|
||||||
|
|
||||||
|
# Common
|
||||||
|
{
|
||||||
|
modules.fonts.enable = true;
|
||||||
|
services = {
|
||||||
|
# Enable touchpad support
|
||||||
|
libinput.enable = true;
|
||||||
|
# Enable color management service
|
||||||
|
colord.enable = true;
|
||||||
|
# Enable pipewire
|
||||||
|
pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa = {
|
||||||
|
enable = true;
|
||||||
|
support32Bit = true;
|
||||||
|
};
|
||||||
|
pulse.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
#Notifications
|
||||||
|
libnotify
|
||||||
|
|
||||||
|
#PDF
|
||||||
|
poppler
|
||||||
|
|
||||||
|
# Enable guestures for touchpad
|
||||||
|
libinput-gestures
|
||||||
|
# Install audio configuration tools (Especially important for VR)
|
||||||
|
pavucontrol
|
||||||
|
pulseaudio
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enable the RealtimeKit system service
|
||||||
|
security.rtkit.enable = true;
|
||||||
|
|
||||||
|
# Disable PulseAudio
|
||||||
|
hardware.pulseaudio.enable = lib.mkForce false;
|
||||||
|
|
||||||
|
# Enable networking
|
||||||
|
networking.networkmanager.enable = true;
|
||||||
|
|
||||||
|
# Enable for GTK
|
||||||
|
programs.dconf.enable = true;
|
||||||
|
|
||||||
|
xdg.portal = {
|
||||||
|
enable = true;
|
||||||
|
xdgOpenUsePortal = true;
|
||||||
|
wlr.enable = true;
|
||||||
|
extraPortals = with pkgs; [xdg-desktop-portal-gtk];
|
||||||
|
};
|
||||||
|
|
||||||
|
hm.xdg = {
|
||||||
|
/*
|
||||||
|
portal = {
|
||||||
|
enable = true;
|
||||||
|
xdgOpenUsePortal = true;
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
# Don't generate config at the usual place.
|
||||||
|
# Allow desktop applications to write their file association
|
||||||
|
# preferences to this file.
|
||||||
|
configFile."mimeapps.list".enable = false;
|
||||||
|
# Home-manager also writes xdg-mime-apps configuration to the
|
||||||
|
# "deprecated" location. Desktop applications will look in this
|
||||||
|
# list for associations, if no association was found in the
|
||||||
|
# previous config file.
|
||||||
|
dataFile."applications/mimeapps.list".force = true;
|
||||||
|
mimeApps.enable = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
|
]);
|
||||||
|
}
|
24
modules/core/filesystem.nix
Executable file
24
modules/core/filesystem.nix
Executable file
@ -0,0 +1,24 @@
|
|||||||
|
{pkgs, ...}: {
|
||||||
|
services.usbmuxd.enable = true;
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
libimobiledevice
|
||||||
|
ifuse # optional, to mount using 'ifuse'
|
||||||
|
gvfs
|
||||||
|
usbmuxd
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.supportedFilesystems = [
|
||||||
|
"btrfs"
|
||||||
|
"ext2"
|
||||||
|
"ext3"
|
||||||
|
"ext4"
|
||||||
|
"exfat"
|
||||||
|
"f2fs"
|
||||||
|
"fat8"
|
||||||
|
"fat16"
|
||||||
|
"fat32"
|
||||||
|
"ntfs"
|
||||||
|
"xfs"
|
||||||
|
];
|
||||||
|
}
|
108
modules/core/home-manager.nix
Normal file
108
modules/core/home-manager.nix
Normal file
@ -0,0 +1,108 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
self,
|
||||||
|
inputs,
|
||||||
|
stateVersion,
|
||||||
|
hostname,
|
||||||
|
username,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
hm-config = config.hm;
|
||||||
|
activationScript = let
|
||||||
|
commands = builtins.concatStringsSep "\n" (
|
||||||
|
map (file: ''rm -fv "${file}" && echo Deleted "${file}"'') hm-config.nukeFiles
|
||||||
|
);
|
||||||
|
in ''
|
||||||
|
#!/run/current-system/sw/bin/bash
|
||||||
|
set -o errexit
|
||||||
|
set -o nounset
|
||||||
|
|
||||||
|
echo "[home-nuker] Nuking files so Home Manager can get its will"
|
||||||
|
|
||||||
|
${commands}
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
{
|
||||||
|
imports = with inputs; [
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
|
# Let us use hm as shorthand for home-manager config
|
||||||
|
(lib.mkAliasOptionModule ["hm"] ["home-manager" "users" username])
|
||||||
|
];
|
||||||
|
}
|
||||||
|
// lib.utilMods.mkEnabledModule config "core.homeManager" {
|
||||||
|
# Home file nuking script that deletes stuff just before we run home-manager's activation scripts
|
||||||
|
system.userActivationScripts.home-conflict-file-nuker = lib.mkIf (hm-config.nukeFiles != []) activationScript;
|
||||||
|
|
||||||
|
home-manager = {
|
||||||
|
useGlobalPkgs = true;
|
||||||
|
useUserPackages = true;
|
||||||
|
extraSpecialArgs = {inherit self inputs stateVersion hostname username;};
|
||||||
|
backupFileExtension = ".bak";
|
||||||
|
sharedModules = with inputs;
|
||||||
|
[
|
||||||
|
#agenix.homeManagerModules.default
|
||||||
|
nix-index-database.hmModules.nix-index
|
||||||
|
plasma-manager.homeManagerModules.plasma-manager
|
||||||
|
#stylix.homeManagerModules.stylix
|
||||||
|
]
|
||||||
|
# Import modules specific and user configs for home-manager
|
||||||
|
# TODO: Maybe make ./config in users be available to NixOS too and just pass any Home-Manager configs via hm?
|
||||||
|
++ lib.utils.concatImports {
|
||||||
|
paths = [
|
||||||
|
../home
|
||||||
|
../../users/${username}/config
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Import specific stuff for the user
|
||||||
|
users.${username} = import ../../users/${username}/${config.networking.hostName}.nix;
|
||||||
|
};
|
||||||
|
|
||||||
|
hm = {
|
||||||
|
nix.settings = config.nix.settings;
|
||||||
|
|
||||||
|
programs = {
|
||||||
|
home-manager.enable = true;
|
||||||
|
emacs.enable = lib.mkDefault true;
|
||||||
|
git.enable = lib.mkDefault true;
|
||||||
|
ssh.enable = lib.mkDefault true;
|
||||||
|
gpg.enable = lib.mkDefault true;
|
||||||
|
};
|
||||||
|
|
||||||
|
home = {
|
||||||
|
inherit username stateVersion;
|
||||||
|
inherit (config.variables.user) homeDirectory;
|
||||||
|
preferXdgDirectories = true;
|
||||||
|
|
||||||
|
sessionVariables = {
|
||||||
|
FLAKE = "${hm-config.home.homeDirectory}/Documents/NixConfig";
|
||||||
|
XDG_BIN_HOME = "${hm-config.home.homeDirectory}/.local/bin";
|
||||||
|
|
||||||
|
ANDROID_USER_HOME = "${hm-config.xdg.dataHome}/android";
|
||||||
|
CUDA_CACHE_PATH = "${hm-config.xdg.cacheHome}/nv";
|
||||||
|
TLDR_CACHE_DIR = "${hm-config.xdg.cacheHome}/tldr";
|
||||||
|
};
|
||||||
|
sessionPath = ["${hm-config.home.sessionVariables.XDG_BIN_HOME}"];
|
||||||
|
shellAliases.wget = ''wget --hsts-file="${hm-config.xdg.dataHome}/wget-hsts"'';
|
||||||
|
};
|
||||||
|
|
||||||
|
# (De)activate wanted systemd units when changing configs
|
||||||
|
systemd.user.startServices = "sd-switch";
|
||||||
|
|
||||||
|
# Enable HTML help page
|
||||||
|
manual.html.enable = true;
|
||||||
|
|
||||||
|
news.display = "silent";
|
||||||
|
|
||||||
|
# Make sure XDG is enabled
|
||||||
|
xdg.enable = true;
|
||||||
|
|
||||||
|
xresources.path = lib.mkForce "${hm-config.xdg.configHome}/.Xresources";
|
||||||
|
|
||||||
|
gtk = {
|
||||||
|
enable = true;
|
||||||
|
gtk2.configLocation = lib.mkForce "${hm-config.xdg.configHome}/gtk-2.0/gtkrc";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
194
modules/core/ld.nix
Normal file
194
modules/core/ld.nix
Normal file
@ -0,0 +1,194 @@
|
|||||||
|
# Taken from https://github.com/ywmaa/dotfiles/blob/main/nix-config/dynamic_binaries_support.nix
|
||||||
|
{pkgs, ...}: {
|
||||||
|
# allow running binaries
|
||||||
|
services.envfs.enable = true;
|
||||||
|
programs.nix-ld.enable = true;
|
||||||
|
programs.nix-ld.libraries = with pkgs; [
|
||||||
|
# Needed for operating system detection until
|
||||||
|
# https://github.com/ValveSoftware/steam-for-linux/issues/5909 is resolved
|
||||||
|
lsb-release
|
||||||
|
# Errors in output without those
|
||||||
|
pciutils
|
||||||
|
# Games' dependencies
|
||||||
|
xorg.xrandr
|
||||||
|
which
|
||||||
|
# Needed by gdialog, including in the steam-runtime
|
||||||
|
perl
|
||||||
|
# Open URLs
|
||||||
|
xdg-utils
|
||||||
|
iana-etc
|
||||||
|
# Steam Play / Proton
|
||||||
|
python3
|
||||||
|
|
||||||
|
# It tries to execute xdg-user-dir and spams the log with command not founds
|
||||||
|
xdg-user-dirs
|
||||||
|
|
||||||
|
# electron based launchers need newer versions of these libraries than what runtime provides
|
||||||
|
sqlite
|
||||||
|
# Godot + Blender
|
||||||
|
stdenv.cc.cc
|
||||||
|
# Blender
|
||||||
|
libdecor
|
||||||
|
# Godot Engine
|
||||||
|
libunwind
|
||||||
|
# Others
|
||||||
|
xorg.libXcomposite
|
||||||
|
xorg.libXtst
|
||||||
|
xorg.libXrandr
|
||||||
|
xorg.libXext
|
||||||
|
xorg.libX11
|
||||||
|
xorg.libXfixes
|
||||||
|
xorg.libxkbfile
|
||||||
|
libGL
|
||||||
|
libva
|
||||||
|
libva-utils
|
||||||
|
#pipewire.lib
|
||||||
|
ocamlPackages.alsa
|
||||||
|
alsa-lib
|
||||||
|
libpulseaudio
|
||||||
|
# steamwebhelper
|
||||||
|
harfbuzz
|
||||||
|
libthai
|
||||||
|
pango
|
||||||
|
brotli
|
||||||
|
fuse3
|
||||||
|
icu
|
||||||
|
libglvnd
|
||||||
|
libnotify
|
||||||
|
libxml2
|
||||||
|
openssl
|
||||||
|
pipewire
|
||||||
|
pulseaudio
|
||||||
|
systemd
|
||||||
|
x264
|
||||||
|
libplist
|
||||||
|
|
||||||
|
lsof # friends options won't display "Launch Game" without it
|
||||||
|
file # called by steam's setup.sh
|
||||||
|
|
||||||
|
# dependencies for mesa drivers, needed inside pressure-vessel
|
||||||
|
mesa
|
||||||
|
mesa.llvmPackages.llvm.lib
|
||||||
|
vulkan-loader
|
||||||
|
expat
|
||||||
|
wayland
|
||||||
|
xorg.libxcb
|
||||||
|
xorg.libXdamage
|
||||||
|
xorg.libxshmfence
|
||||||
|
xorg.libXxf86vm
|
||||||
|
libelf
|
||||||
|
(lib.getLib elfutils)
|
||||||
|
|
||||||
|
# Without these it silently fails
|
||||||
|
xorg.libXinerama
|
||||||
|
xorg.libXcursor
|
||||||
|
xorg.libXrender
|
||||||
|
xorg.libXScrnSaver
|
||||||
|
xorg.libXi
|
||||||
|
xorg.libSM
|
||||||
|
xorg.libICE
|
||||||
|
gnome2.GConf
|
||||||
|
curlWithGnuTls
|
||||||
|
nspr
|
||||||
|
nss
|
||||||
|
cups
|
||||||
|
libcap
|
||||||
|
SDL2
|
||||||
|
libusb1
|
||||||
|
dbus
|
||||||
|
dbus-glib
|
||||||
|
gsettings-desktop-schemas
|
||||||
|
ffmpeg
|
||||||
|
libudev0-shim
|
||||||
|
|
||||||
|
# Verified games requirements
|
||||||
|
fontconfig
|
||||||
|
freetype
|
||||||
|
xorg.libXt
|
||||||
|
xorg.libXmu
|
||||||
|
libogg
|
||||||
|
libvorbis
|
||||||
|
SDL
|
||||||
|
SDL2_image
|
||||||
|
glew110
|
||||||
|
libidn
|
||||||
|
tbb
|
||||||
|
zlib
|
||||||
|
|
||||||
|
# SteamVR
|
||||||
|
procps
|
||||||
|
usbutils
|
||||||
|
udev
|
||||||
|
|
||||||
|
# Other things from runtime
|
||||||
|
glib
|
||||||
|
gtk2
|
||||||
|
gtk3
|
||||||
|
bzip2
|
||||||
|
flac
|
||||||
|
freeglut
|
||||||
|
libjpeg
|
||||||
|
libpng
|
||||||
|
libpng12
|
||||||
|
libsamplerate
|
||||||
|
libmikmod
|
||||||
|
libtheora
|
||||||
|
libtiff
|
||||||
|
pixman
|
||||||
|
speex
|
||||||
|
SDL_image
|
||||||
|
SDL_ttf
|
||||||
|
SDL_mixer
|
||||||
|
SDL2_ttf
|
||||||
|
SDL2_mixer
|
||||||
|
libappindicator-gtk2
|
||||||
|
libappindicator-gtk3
|
||||||
|
libdbusmenu-gtk2
|
||||||
|
libindicator-gtk2
|
||||||
|
libcaca
|
||||||
|
libcanberra
|
||||||
|
libgcrypt
|
||||||
|
libvpx
|
||||||
|
librsvg
|
||||||
|
xorg.libXft
|
||||||
|
libvdpau
|
||||||
|
|
||||||
|
# required by coreutils stuff to run correctly
|
||||||
|
# Steam ends up with LD_LIBRARY_PATH=<bunch of runtime stuff>:/usr/lib:<etc>
|
||||||
|
# which overrides DT_RUNPATH in our binaries, so it tries to dynload the
|
||||||
|
# very old versions of stuff from the runtime.
|
||||||
|
# FIXME: how do we even fix this correctly
|
||||||
|
attr
|
||||||
|
|
||||||
|
# Not formally in runtime but needed by some games
|
||||||
|
at-spi2-atk
|
||||||
|
at-spi2-core # CrossCode
|
||||||
|
gst_all_1.gstreamer
|
||||||
|
gst_all_1.gst-plugins-ugly
|
||||||
|
gst_all_1.gst-plugins-base
|
||||||
|
json-glib # paradox launcher (Stellaris)
|
||||||
|
libdrm
|
||||||
|
libxkbcommon # paradox launcher
|
||||||
|
libxcrypt # Alien Isolation, XCOM 2, Company of Heroes 2
|
||||||
|
mono
|
||||||
|
xorg.xkeyboardconfig
|
||||||
|
xorg.libpciaccess
|
||||||
|
icu # dotnet runtime, e.g. Stardew Valley
|
||||||
|
|
||||||
|
# screeps dependencies
|
||||||
|
atk
|
||||||
|
cairo
|
||||||
|
gdk-pixbuf
|
||||||
|
|
||||||
|
# Prison Architect
|
||||||
|
libGLU
|
||||||
|
libuuid
|
||||||
|
libbsd
|
||||||
|
|
||||||
|
# Loop Hero
|
||||||
|
libidn2
|
||||||
|
libpsl
|
||||||
|
nghttp2.lib
|
||||||
|
rtmpdump
|
||||||
|
];
|
||||||
|
}
|
18
modules/core/networking.nix
Normal file
18
modules/core/networking.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
_: {
|
||||||
|
networking.firewall.enable = true;
|
||||||
|
systemd.network.wait-online.enable = false;
|
||||||
|
systemd.services.NetworkManager-wait-online.enable = false;
|
||||||
|
|
||||||
|
# Enable mDNS
|
||||||
|
services.avahi = {
|
||||||
|
enable = true;
|
||||||
|
nssmdns4 = true;
|
||||||
|
# for a WiFi printer
|
||||||
|
openFirewall = true;
|
||||||
|
# Make user systemd service work with avahi
|
||||||
|
publish = {
|
||||||
|
enable = true;
|
||||||
|
userServices = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
83
modules/core/nix.nix
Normal file
83
modules/core/nix.nix
Normal file
@ -0,0 +1,83 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
pkgs,
|
||||||
|
self,
|
||||||
|
lib,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
# Config Nixpkgs
|
||||||
|
nixpkgs = {
|
||||||
|
overlays = builtins.attrValues self.overlays;
|
||||||
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
joypixels.acceptLicense = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
nix = {
|
||||||
|
# Makes `nix run` commands use unfree
|
||||||
|
registry = lib.mkForce {
|
||||||
|
nixpkgs.flake = inputs.nixpkgs;
|
||||||
|
nixpkgs-stable.flake = inputs.nixpkgs-stable;
|
||||||
|
|
||||||
|
# Allow running unfree packages with nix3 commands via `nix run unfree#steam`
|
||||||
|
unfree.flake = pkgs.callPackage lib.mkUnfreeNixpkgs {path = inputs.nixpkgs;};
|
||||||
|
unfree-stable.flake = pkgs.callPackage lib.mkUnfreeNixpkgs {path = inputs.nixpkgs-stable;};
|
||||||
|
};
|
||||||
|
|
||||||
|
# Disable channels
|
||||||
|
channel.enable = false;
|
||||||
|
# Force latest nix version
|
||||||
|
package = pkgs.nixVersions.nix_2_23;
|
||||||
|
|
||||||
|
# Perform nix store optimisation weekly to maintain low disk usage
|
||||||
|
optimise = {
|
||||||
|
automatic = true;
|
||||||
|
dates = ["weekly"]; # Optional; allows customizing optimisation schedule
|
||||||
|
};
|
||||||
|
|
||||||
|
# Perform garbage collection weekly to maintain low disk usage
|
||||||
|
gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
# Delete generations that are more than 14 days old
|
||||||
|
options = "--delete-older-than 14d";
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
# Make sure flakes is enabled
|
||||||
|
experimental-features = ["nix-command" "flakes"];
|
||||||
|
|
||||||
|
# No warnings if git isn't pushed
|
||||||
|
warn-dirty = false;
|
||||||
|
|
||||||
|
# Force XDG Base Directory paths
|
||||||
|
use-xdg-base-directories = true;
|
||||||
|
|
||||||
|
# for Nix path
|
||||||
|
nix-path = ["nixpkgs=${pkgs.path}"];
|
||||||
|
|
||||||
|
# Make root and any user in the wheel group trusted
|
||||||
|
trusted-users = ["root" "@wheel"];
|
||||||
|
|
||||||
|
substituters = [
|
||||||
|
"https://nix-community.cachix.org"
|
||||||
|
"https://nix-gaming.cachix.org"
|
||||||
|
];
|
||||||
|
trusted-public-keys = [
|
||||||
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
|
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
|
||||||
|
];
|
||||||
|
|
||||||
|
# Reasonable defaults, see https://jackson.dev/post/nix-reasonable-defaults/
|
||||||
|
connect-timeout = 5;
|
||||||
|
log-lines = 25;
|
||||||
|
min-free = 128000000; # 128MB
|
||||||
|
max-free = 1000000000; # 1GB
|
||||||
|
fallback = true; # If binary cache fails, it's okay
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
documentation.nixos.enable = false; # Apparently speeds up rebuild time
|
||||||
|
}
|
42
modules/core/security.nix
Executable file
42
modules/core/security.nix
Executable file
@ -0,0 +1,42 @@
|
|||||||
|
_: {
|
||||||
|
# Make /tmp clean itself on remote. /tmp should be volatile storage!
|
||||||
|
boot.tmp.cleanOnBoot = true;
|
||||||
|
|
||||||
|
boot.kernelModules = ["tcp_bbr"];
|
||||||
|
|
||||||
|
## TCP hardening
|
||||||
|
boot.kernel.sysctl = {
|
||||||
|
# Prevent bogus ICMP errors from filling up logs.
|
||||||
|
"net.ipv4.icmp_ignore_bogus_error_responses" = 1;
|
||||||
|
# Reverse path filtering causes the kernel to do source validation of
|
||||||
|
# packets received from all interfaces. This can mitigate IP spoofing.
|
||||||
|
"net.ipv4.conf.default.rp_filter" = 1;
|
||||||
|
"net.ipv4.conf.all.rp_filter" = 1;
|
||||||
|
# Do not accept IP source route packets (we're not a router)
|
||||||
|
"net.ipv4.conf.all.accept_source_route" = 0;
|
||||||
|
"net.ipv6.conf.all.accept_source_route" = 0;
|
||||||
|
# Don't send ICMP redirects (again, we're on a router)
|
||||||
|
"net.ipv4.conf.all.send_redirects" = 0;
|
||||||
|
"net.ipv4.conf.default.send_redirects" = 0;
|
||||||
|
# Refuse ICMP redirects (MITM mitigations)
|
||||||
|
"net.ipv4.conf.all.accept_redirects" = 0;
|
||||||
|
"net.ipv4.conf.default.accept_redirects" = 0;
|
||||||
|
"net.ipv4.conf.all.secure_redirects" = 0;
|
||||||
|
"net.ipv4.conf.default.secure_redirects" = 0;
|
||||||
|
"net.ipv6.conf.all.accept_redirects" = 0;
|
||||||
|
"net.ipv6.conf.default.accept_redirects" = 0;
|
||||||
|
# Protects against SYN flood attacks
|
||||||
|
"net.ipv4.tcp_syncookies" = 1;
|
||||||
|
# Incomplete protection again TIME-WAIT assassination
|
||||||
|
"net.ipv4.tcp_rfc1337" = 1;
|
||||||
|
|
||||||
|
## TCP optimization
|
||||||
|
# TCP Fast Open is a TCP extension that reduces network latency by packing
|
||||||
|
# data in the sender’s initial TCP SYN. Setting 3 = enable TCP Fast Open for
|
||||||
|
# both incoming and outgoing connections:
|
||||||
|
"net.ipv4.tcp_fastopen" = 3;
|
||||||
|
# Bufferbloat mitigations + slight improvement in throughput & latency
|
||||||
|
"net.ipv4.tcp_congestion_control" = "bbr";
|
||||||
|
"net.core.default_qdisc" = "cake";
|
||||||
|
};
|
||||||
|
}
|
59
modules/core/user.nix
Normal file
59
modules/core/user.nix
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
options,
|
||||||
|
username,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
internals = {
|
||||||
|
cfg = config.variables.user;
|
||||||
|
hostname = config.networking.hostName;
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
options.variables.user = {
|
||||||
|
fullName = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "";
|
||||||
|
example = "John Doe";
|
||||||
|
description = ''
|
||||||
|
Your first and last name.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
emailAddress = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "";
|
||||||
|
example = "johndoe@example.com";
|
||||||
|
description = ''
|
||||||
|
Your email address.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
homeDirectory = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = ''
|
||||||
|
The directory for the user's folders. This should only be set if it's in a non-default location.
|
||||||
|
'';
|
||||||
|
default = "/home/${username}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
#users.mutableUsers = false; # Makes it so we can only do password stuff via nixos, safer for not bricking system
|
||||||
|
|
||||||
|
users.users.${username} = {
|
||||||
|
isNormalUser = true;
|
||||||
|
description = internals.cfg.fullName;
|
||||||
|
};
|
||||||
|
|
||||||
|
time = {
|
||||||
|
hardwareClockInLocalTime = lib.mkDefault true;
|
||||||
|
# Set UTC as default timezone, users can override if they want to
|
||||||
|
timeZone = lib.mkDefault "UTC";
|
||||||
|
};
|
||||||
|
|
||||||
|
assertions = [
|
||||||
|
#{assertion = options.variables.user.fullName.isDefined;}
|
||||||
|
#{assertion = options.variables.user.emailaddress.isDefined;}
|
||||||
|
{assertion = options.variables.user.homeDirectory.isDefined;}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
16
modules/core/xdg.nix
Normal file
16
modules/core/xdg.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
environment.sessionVariables = {
|
||||||
|
XDG_CACHE_HOME = "$HOME/.cache";
|
||||||
|
XDG_CONFIG_HOME = "$HOME/.config";
|
||||||
|
XDG_DATA_HOME = "$HOME/.local/share";
|
||||||
|
XDG_STATE_HOME = "$HOME/.local/state";
|
||||||
|
|
||||||
|
ANDROID_USER_HOME = "$XDG_DATA_HOME/android";
|
||||||
|
CUDA_CACHE_PATH = "$XDG_CACHE_HOME/nv";
|
||||||
|
TLDR_CACHE_DIR = "$XDG_CACHE_HOME/tldr";
|
||||||
|
};
|
||||||
|
}
|
25
modules/home/comms/discord.nix
Normal file
25
modules/home/comms/discord.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
osConfig,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "discord" {
|
||||||
|
home.packages = with pkgs;
|
||||||
|
if (lib.conds.isWayland osConfig)
|
||||||
|
then [discord-wayland vesktop]
|
||||||
|
else [discord];
|
||||||
|
|
||||||
|
# make vesktop autostart properly
|
||||||
|
xdg.configFile."autostart/vesktop.desktop".text = ''
|
||||||
|
[Desktop Entry]
|
||||||
|
Type=Application
|
||||||
|
Version=1.0
|
||||||
|
Name=Vencord
|
||||||
|
Comment=Vencord autostart script
|
||||||
|
Exec=sh -c "${pkgs.vesktop}/bin/vesktop --start-minimized"
|
||||||
|
Terminal=false
|
||||||
|
StartupNotify=false
|
||||||
|
'';
|
||||||
|
}
|
@ -14,9 +14,5 @@
|
|||||||
todoist-electron
|
todoist-electron
|
||||||
obs-studio
|
obs-studio
|
||||||
|
|
||||||
# Browsers
|
|
||||||
floorp
|
|
||||||
ungoogled-chromium
|
|
||||||
brave
|
|
||||||
];
|
];
|
||||||
}
|
}
|
47
modules/home/defaults.nix
Normal file
47
modules/home/defaults.nix
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
osConfig,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.variables;
|
||||||
|
in {
|
||||||
|
options.variables = {
|
||||||
|
defaultTerminal = lib.mkOption {
|
||||||
|
default =
|
||||||
|
if osConfig.modules.desktop.enable
|
||||||
|
then (throw "defaultTerminal not set")
|
||||||
|
else null;
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
|
||||||
|
defaultBrowser = lib.mkOption {
|
||||||
|
default =
|
||||||
|
if osConfig.modules.desktop.enable
|
||||||
|
then (throw "defaultBrowser not set")
|
||||||
|
else null;
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
|
||||||
|
defaultTextEditor = lib.mkOption {
|
||||||
|
default = "";
|
||||||
|
type = lib.types.str;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkMerge [
|
||||||
|
(lib.mkIf ((lib.conds.runsDesktop osConfig) && cfg.defaultTerminal != null) {
|
||||||
|
home.sessionVariables.TERMINAL = cfg.defaultTerminal;
|
||||||
|
|
||||||
|
modules.${cfg.defaultTerminal}.enable = true;
|
||||||
|
})
|
||||||
|
|
||||||
|
(lib.mkIf ((lib.conds.runsDesktop osConfig) && cfg.defaultBrowser != null) {
|
||||||
|
modules.${cfg.defaultBrowser}.enable = true;
|
||||||
|
})
|
||||||
|
|
||||||
|
(lib.mkIf (cfg.defaultTextEditor != null) {
|
||||||
|
modules.${cfg.defaultTextEditor}.enable = true;
|
||||||
|
})
|
||||||
|
];
|
||||||
|
}
|
15
modules/home/development/c.nix
Normal file
15
modules/home/development/c.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "c" {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
# :editor format
|
||||||
|
clang-tools
|
||||||
|
# :tools lsp
|
||||||
|
omnisharp-roslyn
|
||||||
|
gcc
|
||||||
|
];
|
||||||
|
}
|
19
modules/home/development/java.nix
Normal file
19
modules/home/development/java.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "java" {
|
||||||
|
programs.java.enable = true;
|
||||||
|
|
||||||
|
home.sessionVariables.JDTLS_PATH = "${pkgs.jdt-language-server}/share/java";
|
||||||
|
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
# :tools lsp
|
||||||
|
java-language-server
|
||||||
|
|
||||||
|
# :lang java
|
||||||
|
jdt-language-server
|
||||||
|
];
|
||||||
|
}
|
12
modules/home/development/latex.nix
Normal file
12
modules/home/development/latex.nix
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "latex" {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
# :editor format
|
||||||
|
texlive.combined.scheme-medium #LaTex
|
||||||
|
];
|
||||||
|
}
|
14
modules/home/development/lua.nix
Normal file
14
modules/home/development/lua.nix
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "lua" {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
# :editor format
|
||||||
|
nodePackages.lua-fmt
|
||||||
|
# :tools lsp :lang lua
|
||||||
|
lua-language-server
|
||||||
|
];
|
||||||
|
}
|
14
modules/home/development/markdown.nix
Normal file
14
modules/home/development/markdown.nix
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "markdown" {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
# :lang markdown
|
||||||
|
proselint
|
||||||
|
pandoc
|
||||||
|
grip
|
||||||
|
];
|
||||||
|
}
|
27
modules/home/development/nix.nix
Normal file
27
modules/home/development/nix.nix
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
alejandra-quiet = pkgs.writeShellScriptBin "alejandra-quiet" ''alejandra --quiet "$@"'';
|
||||||
|
in
|
||||||
|
lib.utilMods.mkModule config "nix" {
|
||||||
|
programs.nix-index-database.comma.enable = true;
|
||||||
|
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
nh # Nice wrapper for NixOS and HM
|
||||||
|
alejandra # Nix formatter
|
||||||
|
nix-output-monitor # Monitor Nix compilation
|
||||||
|
nvd # Nix/NixOS package version diff tool
|
||||||
|
nixpkgs-review # Review nixpkgs
|
||||||
|
nurl # Automated prefetch tool for
|
||||||
|
nix-init # Automatically create nix packages from URLs
|
||||||
|
nix-inspect # View nix configurations
|
||||||
|
nil # Nix LSP
|
||||||
|
deadnix # Deadcode finder for NIx
|
||||||
|
statix # Anti-pattern detector
|
||||||
|
|
||||||
|
alejandra-quiet # Wrapper for Emacs
|
||||||
|
];
|
||||||
|
}
|
31
modules/home/development/python.nix
Normal file
31
modules/home/development/python.nix
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "python" {
|
||||||
|
programs.pyenv.enable = true;
|
||||||
|
|
||||||
|
home.sessionVariables.PYENV_ROOT = "${config.xdg.dataHome}/pyenv";
|
||||||
|
|
||||||
|
home.sessionPath = ["${config.home.sessionVariables.PYENV_ROOT}/bin"];
|
||||||
|
|
||||||
|
home.packages = with pkgs; let
|
||||||
|
myPythonPackages = ps:
|
||||||
|
with ps; [
|
||||||
|
debugpy
|
||||||
|
pyflakes
|
||||||
|
isort
|
||||||
|
pytest
|
||||||
|
black
|
||||||
|
pip
|
||||||
|
pipx
|
||||||
|
];
|
||||||
|
in [
|
||||||
|
# :lang python, debugger, formatter
|
||||||
|
(python312.withPackages myPythonPackages)
|
||||||
|
pyright
|
||||||
|
pipenv
|
||||||
|
];
|
||||||
|
}
|
9
modules/home/development/rust.nix
Normal file
9
modules/home/development/rust.nix
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "rust" {
|
||||||
|
home.packages = with pkgs; [rustup];
|
||||||
|
}
|
16
modules/home/development/web.nix
Normal file
16
modules/home/development/web.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "web" {
|
||||||
|
home.packages = with pkgs; [
|
||||||
|
# :editor format
|
||||||
|
html-tidy
|
||||||
|
|
||||||
|
# :lang web
|
||||||
|
stylelint
|
||||||
|
jsbeautifier
|
||||||
|
];
|
||||||
|
}
|
7
modules/home/firefox/default.nix
Normal file
7
modules/home/firefox/default.nix
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
_: {
|
||||||
|
imports = [
|
||||||
|
./firefox.nix
|
||||||
|
./floorp.nix
|
||||||
|
./zen.nix
|
||||||
|
];
|
||||||
|
}
|
13
modules/home/firefox/extensions.nix
Normal file
13
modules/home/firefox/extensions.nix
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
{pkgs, ...}:
|
||||||
|
with pkgs.nur.repos.rycee.firefox-addons; [
|
||||||
|
ublock-origin
|
||||||
|
sponsorblock
|
||||||
|
return-youtube-dislikes
|
||||||
|
darkreader
|
||||||
|
#bypass-paywalls-clean
|
||||||
|
plasma-integration
|
||||||
|
enhancer-for-youtube
|
||||||
|
indie-wiki-buddy
|
||||||
|
stylus
|
||||||
|
canvasblocker
|
||||||
|
]
|
62
modules/home/firefox/firefox.nix
Normal file
62
modules/home/firefox/firefox.nix
Normal file
@ -0,0 +1,62 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
username,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "firefox" {
|
||||||
|
xdg.mimeApps = let
|
||||||
|
defaultApplications = {
|
||||||
|
"default-web-browser" = ["firefox.desktop"];
|
||||||
|
"text/html" = ["firefox.desktop"];
|
||||||
|
"x-scheme-handler/http" = ["firefox.desktop"];
|
||||||
|
"x-scheme-handler/https" = ["firefox.desktop"];
|
||||||
|
"x-scheme-handler/about" = ["firefox.desktop"];
|
||||||
|
"x-scheme-handler/unknown" = ["firefox.desktop"];
|
||||||
|
"application/xhtml+xml" = ["firefox.desktop"];
|
||||||
|
"text/xml" = ["firefox.desktop"];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
lib.mkIf (config.variables.defaultBrowser == "firefox") {
|
||||||
|
enable = true;
|
||||||
|
inherit defaultApplications;
|
||||||
|
associations.added = defaultApplications;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.firefox.enable = true;
|
||||||
|
|
||||||
|
programs.firefox.nativeMessagingHosts = with pkgs; [fx-cast-bridge];
|
||||||
|
|
||||||
|
programs.firefox.profiles."${username}" = {
|
||||||
|
extensions = import ./extensions.nix {inherit pkgs;};
|
||||||
|
|
||||||
|
search = {
|
||||||
|
force = true;
|
||||||
|
default = "Ecosia";
|
||||||
|
engines = import ./searchEngines.nix {inherit lib pkgs;};
|
||||||
|
};
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
"widget.use-xdg-desktop-portal.file-picker" = 1;
|
||||||
|
"browser.disableResetPrompt" = true;
|
||||||
|
"browser.download.panel.shown" = true;
|
||||||
|
"browser.download.useDownloadDir" = true;
|
||||||
|
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
|
||||||
|
"browser.shell.checkDefaultBrowser" = true;
|
||||||
|
"browser.shell.defaultBrowserCheckCount" = 1;
|
||||||
|
"browser.startup.homepage" = "https://google.com";
|
||||||
|
"browser.bookmarks.showMobileBookmarks" = true;
|
||||||
|
"dom.security.https_only_mode" = true;
|
||||||
|
"identity.fxaccounts.enabled" = true;
|
||||||
|
"privacy.trackingprotection.enabled" = true;
|
||||||
|
"signon.rememberSignons" = false;
|
||||||
|
"browser.newtabpage.pinned" = lib.singleton {
|
||||||
|
title = "NixOS";
|
||||||
|
url = "https://nixos.org";
|
||||||
|
};
|
||||||
|
"browser.uiCustomization.state" = '' {"placements":{"widget-overflow-fixed-list":[],"unified-extensions-area":["privacy_privacy_com-browser-action","enhancerforyoutube_maximerf_addons_mozilla_org-browser-action","jid1-93cwpmrbvpjrqa_jetpack-browser-action","sponsorblocker_ajay_app-browser-action","_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action","_25cddbee-458b-4e9f-984d-dbf35511f124_-browser-action","canvasblocker_kkapsner_de-browser-action","_2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c_-browser-action","_74145f27-f039-47ce-a470-a662b129930a_-browser-action","_7a7a4a92-a2a0-41d1-9fd7-1e92480d612d_-browser-action","_cb31ec5d-c49a-4e5a-b240-16c767444f62_-browser-action"],"nav-bar":["back-button","forward-button","stop-reload-button","home-button","firefox-view-button","urlbar-container","fxa-toolbar-menu-button","downloads-button","library-button","keepassxc-browser_keepassxc_org-browser-action","ublock0_raymondhill_net-browser-action","addon_darkreader_org-browser-action","plasma-browser-integration_kde_org-browser-action","_testpilot-containers-browser-action","unified-extensions-button","reset-pbm-toolbar-button","_3c078156-979c-498b-8990-85f7987dd929_-browser-action","browserpass_maximbaz_com-browser-action"],"toolbar-menubar":["menubar-items"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"PersonalToolbar":["import-button","personal-bookmarks"]},"seen":["save-to-pocket-button","developer-button","ublock0_raymondhill_net-browser-action","_testpilot-containers-browser-action","privacy_privacy_com-browser-action","addon_darkreader_org-browser-action","enhancerforyoutube_maximerf_addons_mozilla_org-browser-action","jid1-93cwpmrbvpjrqa_jetpack-browser-action","keepassxc-browser_keepassxc_org-browser-action","plasma-browser-integration_kde_org-browser-action","sponsorblocker_ajay_app-browser-action","_762f9885-5a13-4abd-9c77-433dcd38b8fd_-browser-action","browserpass_maximbaz_com-browser-action","_25cddbee-458b-4e9f-984d-dbf35511f124_-browser-action","canvasblocker_kkapsner_de-browser-action","_2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c_-browser-action","_3c078156-979c-498b-8990-85f7987dd929_-browser-action","_74145f27-f039-47ce-a470-a662b129930a_-browser-action","_7a7a4a92-a2a0-41d1-9fd7-1e92480d612d_-browser-action","_cb31ec5d-c49a-4e5a-b240-16c767444f62_-browser-action"],"dirtyAreaCache":["nav-bar","PersonalToolbar","toolbar-menubar","TabsToolbar","widget-overflow-fixed-list","unified-extensions-area"],"currentVersion":20,"newElementCount":7}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
40
modules/home/firefox/floorp.nix
Normal file
40
modules/home/firefox/floorp.nix
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
username,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "floorp" {
|
||||||
|
xdg.mimeApps = let
|
||||||
|
defaultApplications = {
|
||||||
|
"default-web-browser" = ["floorp.desktop"];
|
||||||
|
"text/html" = ["floorp.desktop"];
|
||||||
|
"x-scheme-handler/http" = ["floorp.desktop"];
|
||||||
|
"x-scheme-handler/https" = ["floorp.desktop"];
|
||||||
|
"x-scheme-handler/about" = ["floorp.desktop"];
|
||||||
|
"x-scheme-handler/unknown" = ["floorp.desktop"];
|
||||||
|
"application/xhtml+xml" = ["floorp.desktop"];
|
||||||
|
"text/xml" = ["floorp.desktop"];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
lib.mkIf (config.variables.defaultBrowser == "floorp") {
|
||||||
|
enable = true;
|
||||||
|
inherit defaultApplications;
|
||||||
|
associations.added = defaultApplications;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.floorp.enable = true;
|
||||||
|
|
||||||
|
programs.floorp.nativeMessagingHosts = with pkgs; [fx-cast-bridge kdePackages.plasma-browser-integration];
|
||||||
|
|
||||||
|
programs.floorp.profiles."${username}" = {
|
||||||
|
extensions = import ./extensions.nix {inherit pkgs;};
|
||||||
|
|
||||||
|
search = {
|
||||||
|
force = true;
|
||||||
|
default = "Ecosia";
|
||||||
|
engines = import ./searchEngines.nix {inherit lib pkgs;};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
71
modules/home/firefox/searchEngines.nix
Normal file
71
modules/home/firefox/searchEngines.nix
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
{
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
nix-icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||||
|
in {
|
||||||
|
"Ecosia" = {
|
||||||
|
iconUpdateURL = "https://www.ecosia.org/static/icons/favicon.ico";
|
||||||
|
updateInterval = 24 * 60 * 60 * 1000; # Every day
|
||||||
|
definedAliases = ["@e" "@ecosia"];
|
||||||
|
urls = lib.singleton {template = "https://www.ecosia.org/search?q={searchTerms}";};
|
||||||
|
};
|
||||||
|
|
||||||
|
"Nix Packages" = {
|
||||||
|
inherit nix-icon;
|
||||||
|
definedAliases = lib.singleton "@np";
|
||||||
|
urls = lib.singleton {template = "https://search.nixos.org/packages?type=packages&query={searchTerms}";};
|
||||||
|
};
|
||||||
|
|
||||||
|
"NixOS Options" = {
|
||||||
|
inherit nix-icon;
|
||||||
|
definedAliases = lib.singleton "@no";
|
||||||
|
urls = lib.singleton {template = "https://search.nixos.org/options?type=packages&query={searchTerms}";};
|
||||||
|
};
|
||||||
|
|
||||||
|
"NixOS Wiki" = {
|
||||||
|
inherit nix-icon;
|
||||||
|
definedAliases = lib.singleton "@nw";
|
||||||
|
urls = lib.singleton {template = "https://wiki.nixos.org/w/index.php?search={searchTerms}";};
|
||||||
|
};
|
||||||
|
|
||||||
|
"Nixpkgs PR Tracker" = {
|
||||||
|
inherit nix-icon;
|
||||||
|
definedAliases = ["@nprt"];
|
||||||
|
urls = lib.singleton {template = "https://nixpk.gs/pr-tracker.html?pr={searchTerms}";};
|
||||||
|
};
|
||||||
|
|
||||||
|
# All these after all from llakala
|
||||||
|
"Noogle" = {
|
||||||
|
inherit nix-icon;
|
||||||
|
definedAliases = ["@nog"];
|
||||||
|
urls = lib.singleton {template = "https://noogle.dev/q?term={searchTerms}";};
|
||||||
|
};
|
||||||
|
|
||||||
|
"Nixpkgs" = {
|
||||||
|
iconUpdateURL = "https://github.com/favicon.ico";
|
||||||
|
definedAliases = ["@npkgs"];
|
||||||
|
urls = lib.singleton {
|
||||||
|
template = "https://github.com/search";
|
||||||
|
# Thanks to xunuwu on github for being a reference to use of these functions
|
||||||
|
params = lib.attrsToList {
|
||||||
|
"type" = "code";
|
||||||
|
"q" = "repo:NixOS/nixpkgs lang:nix {searchTerms}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
"Github Nix Code" = {
|
||||||
|
iconUpdateURL = "https://github.com/favicon.ico";
|
||||||
|
definedAliases = ["@ghn"];
|
||||||
|
urls = lib.singleton {
|
||||||
|
template = "https://github.com/search";
|
||||||
|
# Thanks to xunuwu on github for being a reference to use of these functions
|
||||||
|
params = lib.attrsToList {
|
||||||
|
"type" = "code";
|
||||||
|
"q" = "lang:nix NOT is:fork {searchTerms}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
454
modules/home/media/gaming.nix
Normal file
454
modules/home/media/gaming.nix
Normal file
@ -0,0 +1,454 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
username,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.modules.gaming;
|
||||||
|
hm-config = config.hm;
|
||||||
|
in
|
||||||
|
lib.utilMods.mkModule' config "gaming" {
|
||||||
|
minecraft-server.enable = lib.mkEnableOption "Enable minecraft server configs";
|
||||||
|
vr.enable = lib.mkEnableOption "Enable virual reality configs";
|
||||||
|
} (lib.mkMerge [
|
||||||
|
# Minecraft
|
||||||
|
(lib.mkIf cfg.minecraft-server.enable {
|
||||||
|
# Allow Minecraft server ports
|
||||||
|
networking.firewall.allowedTCPPorts = [25565 24454];
|
||||||
|
|
||||||
|
hm.home.packages = with pkgs; [prismlauncher flite orca];
|
||||||
|
hm.programs.java.enable = true;
|
||||||
|
hm.home.shellAliases = {
|
||||||
|
start-minecraft-server = "cd ~/Games/MinecraftServer-1.21.x/ && ./run.sh --nogui && cd || cd";
|
||||||
|
start-minecraft-fabric-server = "cd ~/Games/MinecraftFabricServer-1.20.1/ && java -Xmx8G -jar ./fabric-server-mc.1.20.1-loader.0.15.7-launcher.1.0.0.jar nogui && cd || cd";
|
||||||
|
};
|
||||||
|
})
|
||||||
|
# VR
|
||||||
|
(lib.mkIf cfg.vr.enable {
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
android-tools
|
||||||
|
android-udev-rules
|
||||||
|
BeatSaberModManager
|
||||||
|
helvum
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enable ALVR module on NixOS
|
||||||
|
programs.alvr.enable = true;
|
||||||
|
programs.alvr.openFirewall = true;
|
||||||
|
|
||||||
|
# Fixes issue with SteamVR not starting
|
||||||
|
system.activationScripts.fixSteamVR = "${pkgs.libcap}/bin/setcap CAP_SYS_NICE+ep /home/${username}/.local/share/Steam/steamapps/common/SteamVR/bin/linux64/vrcompositor-launcher";
|
||||||
|
|
||||||
|
hm.xdg.desktopEntries = {
|
||||||
|
"BeatSaberModManager" = {
|
||||||
|
name = "Beat Saber ModManager";
|
||||||
|
genericName = "Game";
|
||||||
|
exec = "BeatSaberModManager";
|
||||||
|
icon = "${pkgs.BeatSaberModManager}/lib/BeatSaberModManager/Resources/Icons/Icon.ico";
|
||||||
|
type = "Application";
|
||||||
|
categories = ["Game"];
|
||||||
|
startupNotify = true;
|
||||||
|
comment = "Beat Saber ModManager is a mod manager for Beat Saber";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
|
||||||
|
# Common
|
||||||
|
{
|
||||||
|
# Enable Steam hardware compatibility
|
||||||
|
hardware.steam-hardware.enable = true;
|
||||||
|
|
||||||
|
# Fixes SteamLink/Remote play crashing
|
||||||
|
environment.systemPackages = with pkgs; [protontricks keyutils goverlay ludusavi libcanberra protonup-qt];
|
||||||
|
|
||||||
|
environment.sessionVariables.ICED_BACKEND = "tiny-skia";
|
||||||
|
hardware.graphics = {
|
||||||
|
enable = true;
|
||||||
|
enable32Bit = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.gamemode = {
|
||||||
|
enable = true;
|
||||||
|
enableRenice = true;
|
||||||
|
settings = {
|
||||||
|
general = {
|
||||||
|
softrealtime = "off";
|
||||||
|
inhibit_screensaver = 1;
|
||||||
|
};
|
||||||
|
custom = {
|
||||||
|
start = "''${pkgs.libnotify}/bin/notify-send 'GameMode started'";
|
||||||
|
end = "''${pkgs.libnotify}/bin/notify-send 'GameMode ended'";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.steam = {
|
||||||
|
enable = true;
|
||||||
|
# Make Steam folder spawn in ~/.config instead of /home/USER
|
||||||
|
package = pkgs.steam.override {
|
||||||
|
extraEnv.HOME = "/home/${username}/.config";
|
||||||
|
extraLibraries = pkgs: [pkgs.xorg.libxcb];
|
||||||
|
};
|
||||||
|
remotePlay.openFirewall = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
xdg.mime = {
|
||||||
|
defaultApplications."x-scheme-handler/steam" = "steam.desktop";
|
||||||
|
addedAssociations."x-scheme-handler/steam" = "steam.desktop";
|
||||||
|
};
|
||||||
|
|
||||||
|
hm.xdg = {
|
||||||
|
userDirs.extraConfig.XDG_GAME_DIR = "${hm-config.home.homeDirectory}/Games";
|
||||||
|
|
||||||
|
mimeApps = {
|
||||||
|
defaultApplications."x-scheme-handler/steam" = "steam.desktop";
|
||||||
|
associations.added."x-scheme-handler/steam" = "steam.desktop";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
hm.programs.mangohud = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
### From https://github.com/flightlessmango/MangoHud/blob/master/data/MangoHud.conf
|
||||||
|
### MangoHud configuration file
|
||||||
|
### Uncomment any options you wish to enable. Default options are left uncommented
|
||||||
|
### Use some_parameter=0 to disable a parameter (only works with on/off parameters)
|
||||||
|
### Everything below can be used / overridden with the environment variable MANGOHUD_CONFIG instead
|
||||||
|
|
||||||
|
################ INFORMATIONAL #################
|
||||||
|
## prints possible options on stdout
|
||||||
|
# help = true;
|
||||||
|
|
||||||
|
################ PERFORMANCE #################
|
||||||
|
|
||||||
|
### Limit the application FPS. Comma-separated list of one or more FPS values (e.g. 0,30,60). 0 means unlimited (unless VSynced)
|
||||||
|
# fps_limit = 0;
|
||||||
|
|
||||||
|
### early = wait before present, late = wait after present
|
||||||
|
# fps_limit_method = "";
|
||||||
|
|
||||||
|
### VSync [0-3] 0 = adaptive; 1 = off; 2 = mailbox; 3 = on
|
||||||
|
# vsync = -1;
|
||||||
|
|
||||||
|
### OpenGL VSync [0-N] 0 = off; >=1 = wait for N v-blanks, N > 1 acts as a FPS limiter (FPS = display refresh rate / N)
|
||||||
|
# gl_vsync = -2;
|
||||||
|
|
||||||
|
### Mip-map LoD bias. Negative values will increase texture sharpness (and aliasing)
|
||||||
|
## Positive values will increase texture blurriness (-16 to 16)
|
||||||
|
# picmip = -17;
|
||||||
|
|
||||||
|
### Anisotropic filtering level. Improves sharpness of textures viewed at an angle (0 to 16)
|
||||||
|
# af = -1;
|
||||||
|
|
||||||
|
### Force bicubic filtering
|
||||||
|
# bicubic = true;
|
||||||
|
|
||||||
|
### Force trilinear filtering
|
||||||
|
# trilinear = true;
|
||||||
|
|
||||||
|
### Disable linear texture filtering. Makes textures look blocky
|
||||||
|
# retro = true;
|
||||||
|
|
||||||
|
################### VISUAL ###################
|
||||||
|
|
||||||
|
### Legacy layout
|
||||||
|
# legacy_layout = 0;
|
||||||
|
|
||||||
|
### pre defined presets
|
||||||
|
# -1 = default
|
||||||
|
# 0 = no display
|
||||||
|
# 1 = fps only
|
||||||
|
# 2 = horizontal view
|
||||||
|
# 3 = extended
|
||||||
|
# 4 = high detailed information
|
||||||
|
# preset = -1;
|
||||||
|
|
||||||
|
### Enable most of the toggleable parameters (currently excludes `histogram`)
|
||||||
|
# full = true;
|
||||||
|
|
||||||
|
### Show FPS only. ***Not meant to be used with other display params***
|
||||||
|
# fps_only = true;
|
||||||
|
|
||||||
|
### Display custom centered text, useful for a header
|
||||||
|
# custom_text_center = "";
|
||||||
|
|
||||||
|
### Display the current system time
|
||||||
|
# time = true;
|
||||||
|
|
||||||
|
### Time formatting examples
|
||||||
|
## %H:%M
|
||||||
|
## [ %T %F ]
|
||||||
|
## %X # locally formatted time, because of limited glyph range, missing characters may show as '?' (e.g. Japanese)
|
||||||
|
# time_format = "%T";
|
||||||
|
|
||||||
|
### Display MangoHud version
|
||||||
|
# version = true;
|
||||||
|
|
||||||
|
### Display the current GPU information
|
||||||
|
## Note: gpu_mem_clock and gpu_mem_temp also need "vram" to be enabled
|
||||||
|
gpu_stats = true;
|
||||||
|
gpu_temp = true;
|
||||||
|
# gpu_junction_temp = true;
|
||||||
|
# gpu_core_clock = true;
|
||||||
|
# gpu_mem_temp = true;
|
||||||
|
# gpu_mem_clock = true;
|
||||||
|
# gpu_power = true;
|
||||||
|
# gpu_text = "";
|
||||||
|
gpu_load_change = true;
|
||||||
|
#gpu_load_value = [ "60" "90" ];
|
||||||
|
#gpu_load_color = [ "39F900" "FDFD09" "B22222" ];
|
||||||
|
## GPU fan in rpm (only works on AMD GPUs)
|
||||||
|
# gpu_fan = true;
|
||||||
|
# gpu_voltage = true; # (only works on AMD GPUs)
|
||||||
|
|
||||||
|
### Display the current CPU information
|
||||||
|
cpu_stats = true;
|
||||||
|
cpu_temp = true;
|
||||||
|
# cpu_power = true;
|
||||||
|
# cpu_text = "";
|
||||||
|
# cpu_mhz = true;
|
||||||
|
cpu_load_change = true;
|
||||||
|
#cpu_load_value = [ "60" "90" ];
|
||||||
|
#cpu_load_color = [ "39F900" "FDFD09" "B22222" ];
|
||||||
|
|
||||||
|
### Display the current CPU load & frequency for each core
|
||||||
|
# core_load = true;
|
||||||
|
# core_load_change = true;
|
||||||
|
|
||||||
|
### Display IO read and write for the app (not system)
|
||||||
|
# io_read = true;
|
||||||
|
# io_write = true;
|
||||||
|
|
||||||
|
### Display system vram / ram / swap space usage
|
||||||
|
vram = true;
|
||||||
|
ram = true;
|
||||||
|
# swap = true;
|
||||||
|
|
||||||
|
### Display per process memory usage
|
||||||
|
## Show resident memory and other types, if enabled
|
||||||
|
# procmem = true;
|
||||||
|
# procmem_shared = true;
|
||||||
|
# procmem_virt = true;
|
||||||
|
|
||||||
|
### Display battery information
|
||||||
|
# battery = true;
|
||||||
|
# battery_icon = true;
|
||||||
|
# gamepad_battery = true;
|
||||||
|
# gamepad_battery_icon = true;
|
||||||
|
# battery_watt = true;
|
||||||
|
# battery_time = true;
|
||||||
|
|
||||||
|
### Display FPS and frametime
|
||||||
|
fps = true;
|
||||||
|
# fps_sampling_period = 500;
|
||||||
|
# fps_color_change = true;
|
||||||
|
# fps_value = ["30" "60"];
|
||||||
|
# fps_color=["22222" "FDFD09" "39F900"];
|
||||||
|
frametime = true;
|
||||||
|
# frame_count = true;
|
||||||
|
|
||||||
|
### Display GPU throttling status based on Power, current, temp or "other"
|
||||||
|
## Only shows if throttling is currently happening
|
||||||
|
throttling_status = true;
|
||||||
|
|
||||||
|
### Display miscellaneous information
|
||||||
|
# engine_version = true;
|
||||||
|
# engine_short_names = true;
|
||||||
|
# gpu_name = true;
|
||||||
|
# vulkan_driver = true;
|
||||||
|
# wine = true;
|
||||||
|
# exec_name = true;
|
||||||
|
|
||||||
|
### Display loaded MangoHud architecture
|
||||||
|
# arch = true;
|
||||||
|
|
||||||
|
### Display the frametime line graph
|
||||||
|
frame_timing = true;
|
||||||
|
# histogram = true;
|
||||||
|
|
||||||
|
### Display GameMode / vkBasalt running status
|
||||||
|
# gamemode = true;
|
||||||
|
# vkbasalt = true;
|
||||||
|
|
||||||
|
### Gamescope related options
|
||||||
|
## Display the status of FSR (only works in gamescope)
|
||||||
|
# fsr = true;
|
||||||
|
## Hides the sharpness info for the `fsr` option (only available in gamescope)
|
||||||
|
# hide_fsr_sharpness = true;
|
||||||
|
## Shows the graph of gamescope app frametimes and latency (only on gamescope obviously)
|
||||||
|
# debug = true;
|
||||||
|
|
||||||
|
### graphs displays one or more graphs that you chose
|
||||||
|
## seperated by ",", available graphs are
|
||||||
|
## gpu_load,cpu_load,gpu_core_clock,gpu_mem_clock,vram,ram,cpu_temp,gpu_temp
|
||||||
|
# graphs = [""];
|
||||||
|
|
||||||
|
### mangoapp related options
|
||||||
|
## Enables mangoapp to be displayed above the Steam UI
|
||||||
|
# mangoapp_steam = true;
|
||||||
|
|
||||||
|
### Steam Deck options
|
||||||
|
## Shows the Steam Deck fan rpm
|
||||||
|
# fan = true;
|
||||||
|
|
||||||
|
### Display current FPS limit
|
||||||
|
show_fps_limit = true;
|
||||||
|
|
||||||
|
### Display the current resolution
|
||||||
|
# resolution = true;
|
||||||
|
|
||||||
|
### Display custom text
|
||||||
|
# custom_text = "";
|
||||||
|
### Display output of Bash command in next column
|
||||||
|
# exec = "";
|
||||||
|
|
||||||
|
### Display media player metadata
|
||||||
|
# media_player = true;
|
||||||
|
## for example spotify
|
||||||
|
# media_player_name = "";
|
||||||
|
## Format metadata, lines are delimited by ; (wip)
|
||||||
|
## example: {title};{artist};{album}
|
||||||
|
## example: Track:;{title};By:;{artist};From:;{album}
|
||||||
|
# media_player_format = ["title" "artist" "album"];
|
||||||
|
|
||||||
|
### Change the hud font size
|
||||||
|
# font_size = 24;
|
||||||
|
# font_scale = 1.0;
|
||||||
|
# font_size_text = 24;
|
||||||
|
# font_scale_media_player = 0.55;
|
||||||
|
# no_small_font = true;
|
||||||
|
|
||||||
|
### Change default font (set location to TTF/OTF file)
|
||||||
|
## Set font for the whole hud
|
||||||
|
# font_file = "";
|
||||||
|
|
||||||
|
## Set font only for text like media player metadata
|
||||||
|
# font_file_text = "";
|
||||||
|
|
||||||
|
## Set font glyph ranges. Defaults to Latin-only. Don't forget to set font_file/font_file_text to font that supports these
|
||||||
|
## Probably don't enable all at once because of memory usage and hardware limits concerns
|
||||||
|
## If you experience crashes or text is just squares, reduce glyph range or reduce font size
|
||||||
|
# font_glyph_ranges = ["korean" "chinese" "chinese_simplified" "japanese" "cyrillic" "thai" "vietnamese" "latin_ext_a" "latin_ext_b"];
|
||||||
|
|
||||||
|
### Outline text
|
||||||
|
text_outline = true;
|
||||||
|
# text_outline_color = 000000;
|
||||||
|
# text_outline_thickness = 1.5;
|
||||||
|
|
||||||
|
### Change the hud position
|
||||||
|
# position = "top-left";
|
||||||
|
|
||||||
|
### Change the corner roundness
|
||||||
|
# round_corners = 0;
|
||||||
|
|
||||||
|
### Remove margins around MangoHud
|
||||||
|
# hud_no_margin = true;
|
||||||
|
|
||||||
|
### Display compact version of MangoHud
|
||||||
|
# hud_compact = true;
|
||||||
|
|
||||||
|
### Display MangoHud in a horizontal position
|
||||||
|
# horizontal = true;
|
||||||
|
# horizontal_stretch = true;
|
||||||
|
|
||||||
|
### Disable / hide the hud by default
|
||||||
|
# no_display = true;
|
||||||
|
|
||||||
|
### Hud position offset
|
||||||
|
# offset_x = 0;
|
||||||
|
# offset_y = 0;
|
||||||
|
|
||||||
|
### Hud dimensions
|
||||||
|
# width = 0;
|
||||||
|
# height = 140;
|
||||||
|
# table_columns = 3;
|
||||||
|
# cellpadding_y = -0.085;
|
||||||
|
|
||||||
|
### Hud transparency / alpha
|
||||||
|
# background_alpha = 0.5;
|
||||||
|
# alpha = 1.0;
|
||||||
|
|
||||||
|
### FCAT overlay
|
||||||
|
### This enables an FCAT overlay to perform frametime analysis on the final image stream.
|
||||||
|
### Enable the overlay
|
||||||
|
# fcat = true;
|
||||||
|
### Set the width of the FCAT overlay.
|
||||||
|
### 24 is a performance optimization on AMD GPUs that should not have adverse effects on nVidia GPUs.
|
||||||
|
### A minimum of 20 pixels is recommended by nVidia.
|
||||||
|
# fcat_overlay_width = 24;
|
||||||
|
### Set the screen edge, this can be useful for special displays that don't update from top edge to bottom. This goes from 0 (left side) to 3 (top edge), counter-clockwise.
|
||||||
|
# fcat_screen_edge = 0;
|
||||||
|
|
||||||
|
### Color customization
|
||||||
|
# text_color = "FFFFFF";
|
||||||
|
# gpu_color = "2E9762";
|
||||||
|
# cpu_color = "2E97CB";
|
||||||
|
# vram_color = "AD64C1";
|
||||||
|
# ram_color = "C26693";
|
||||||
|
# engine_color = "EB5B5B";
|
||||||
|
# io_color = "A491D3";
|
||||||
|
# frametime_color = "00FF00";
|
||||||
|
# background_color = "020202";
|
||||||
|
# media_player_color = "FFFFFF";
|
||||||
|
# wine_color = "EB5B5B";
|
||||||
|
# battery_color = "FF9078";
|
||||||
|
|
||||||
|
### Specify GPU with PCI bus ID for AMDGPU and NVML stats
|
||||||
|
### Set to 'domain:bus:slot.function'
|
||||||
|
# pci_dev = "0:0a:0.0";
|
||||||
|
|
||||||
|
### Blacklist
|
||||||
|
# blacklist = "";
|
||||||
|
|
||||||
|
### Control over socket
|
||||||
|
### Enable and set socket name, '%p' is replaced with process id
|
||||||
|
## example: mangohud
|
||||||
|
## example: mangohud-%p
|
||||||
|
# control = -1;
|
||||||
|
|
||||||
|
################ WORKAROUNDS #################
|
||||||
|
### Options starting with "gl_*" are for OpenGL
|
||||||
|
### Specify what to use for getting display size. Options are "viewport", "scissorbox" or disabled. Defaults to using glXQueryDrawable
|
||||||
|
# gl_size_query = "viewport";
|
||||||
|
|
||||||
|
### (Re)bind given framebuffer before MangoHud gets drawn. Helps with Crusader Kings III
|
||||||
|
# gl_bind_framebuffer = 0;
|
||||||
|
|
||||||
|
### Don't swap origin if using GL_UPPER_LEFT. Helps with Ryujinx
|
||||||
|
# gl_dont_flip = 1;
|
||||||
|
|
||||||
|
################ INTERACTION #################
|
||||||
|
|
||||||
|
### Change toggle keybinds for the hud & logging
|
||||||
|
toggle_hud = "Shift_R+F12";
|
||||||
|
# toggle_hud_position = "Shift_R+F11";
|
||||||
|
# toggle_fps_limit = "Shift_L+F1";
|
||||||
|
toggle_logging = "Shift_L+F2";
|
||||||
|
# reload_cfg = "Shift_L+F4";
|
||||||
|
# upload_log = "Shift_L+F3";
|
||||||
|
|
||||||
|
#################### LOG #####################
|
||||||
|
### Automatically start the log after X seconds
|
||||||
|
# autostart_log = "";
|
||||||
|
### Set amount of time in seconds that the logging will run for
|
||||||
|
# log_duration = "";
|
||||||
|
### Change the default log interval, 0 is default
|
||||||
|
# log_interval = 0;
|
||||||
|
### Set location of the output files (required for logging)
|
||||||
|
output_folder = "${hm-config.xdg.stateHome}/mangologs";
|
||||||
|
### Permit uploading logs directly to FlightlessMango.com
|
||||||
|
## set to 1 to enable
|
||||||
|
# permit_upload = 0;
|
||||||
|
### Define a '+'-separated list of percentiles shown in the benchmark results
|
||||||
|
### Use "AVG" to get a mean average. Default percentiles are 97+AVG+1+0.1
|
||||||
|
## example: ['97', 'AVG', '1', '0.1']
|
||||||
|
# benchmark_percentiles = ["97" "AVG"];
|
||||||
|
## Adds more headers and information such as versioning to the log. This format is not supported on flightlessmango.com (yet)
|
||||||
|
# log_versioning = true;
|
||||||
|
## Enable automatic uploads of logs to flightlessmango.com
|
||||||
|
# upload_logs = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
])
|
16
modules/home/media/obs-studio.nix
Normal file
16
modules/home/media/obs-studio.nix
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "obs-studio" {
|
||||||
|
# Makes OBS Virtual Camera feature function
|
||||||
|
boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback];
|
||||||
|
|
||||||
|
hm.programs.obs-studio.enable = true;
|
||||||
|
hm.programs.obs-studio.plugins = with pkgs.obs-studio-plugins; [
|
||||||
|
obs-vkcapture
|
||||||
|
obs-pipewire-audio-capture
|
||||||
|
];
|
||||||
|
}
|
136
modules/home/terminal/kitty.nix
Normal file
136
modules/home/terminal/kitty.nix
Normal file
@ -0,0 +1,136 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "kitty" {
|
||||||
|
#modules.fonts.enable = true;
|
||||||
|
|
||||||
|
xdg.mimeApps = let
|
||||||
|
defaultApplications = {
|
||||||
|
"mimetype" = "kitty.desktop";
|
||||||
|
"application/x-terminal-emulator" = "kitty.desktop";
|
||||||
|
"x-terminal-emulator" = "kitty.desktop";
|
||||||
|
};
|
||||||
|
in
|
||||||
|
lib.mkIf (config.variables.defaultTerminal == "kitty") {
|
||||||
|
enable = true;
|
||||||
|
inherit defaultApplications;
|
||||||
|
associations.added = defaultApplications;
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.kitty.enable = true;
|
||||||
|
|
||||||
|
programs.kitty.environment = {
|
||||||
|
COLORTERM = "truecolor";
|
||||||
|
WINIT_X11_SCALE_FACTOR = "1";
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.kitty.settings = {
|
||||||
|
# Advanced {{{
|
||||||
|
term = "xterm-256color";
|
||||||
|
#shell = "${pkgs.zsh}/bin/zsh --login --interactive";
|
||||||
|
#kitty_mod = "ctrl+shift";
|
||||||
|
#startup_session = "default.conf";
|
||||||
|
repaint_delay = 0;
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Terminal Bell {{{
|
||||||
|
enable_audio_bell = "yes";
|
||||||
|
visual_bell_duration = "0.0";
|
||||||
|
bell_on_tab = "🔔 ";
|
||||||
|
linux_bell_theme = "__ocean";
|
||||||
|
bell_path = "${pkgs.kdePackages.ocean-sound-theme}/share/sounds/ocean/stereo/bell-window-system.oga";
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Cursor {{{
|
||||||
|
cursor_shape = "block";
|
||||||
|
cursor_blink_interval = "0.5";
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Scrollback {{{
|
||||||
|
scrollback_lines = 5000;
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Mouse {{{
|
||||||
|
show_hyperlink_targets = "yes";
|
||||||
|
copy_on_select = "yes";
|
||||||
|
paste_actions = "quote-urls-at-prompt,confirm-if-large";
|
||||||
|
focus_follows_mouse = "yes";
|
||||||
|
mouse_hide_wait = 0;
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Window Layout {{{
|
||||||
|
remember_window_size = "yes";
|
||||||
|
# FIXME: Add fonts for machine types
|
||||||
|
/*
|
||||||
|
initial_window_width =
|
||||||
|
if (config.variables.machine.buildType == "laptop")
|
||||||
|
then 1000
|
||||||
|
else 1920;
|
||||||
|
initial_window_height =
|
||||||
|
if (config.variables.machine.buildType == "laptop")
|
||||||
|
then 700
|
||||||
|
else 1080;
|
||||||
|
*/
|
||||||
|
|
||||||
|
enabled_layouts = "tall:bias=65;full_size=1;mirrored=false";
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Color Scheme {{{
|
||||||
|
dynamic_background_opacity = "yes";
|
||||||
|
# }}}
|
||||||
|
};
|
||||||
|
programs.kitty.keybindings = {
|
||||||
|
#: Window management {{{
|
||||||
|
#: New window
|
||||||
|
#"kitty_mod+enter" = "new_window";
|
||||||
|
#"f7" = "focus_visible_window";
|
||||||
|
#"f8" = "swap_with_window";
|
||||||
|
|
||||||
|
#"ctrl+left" = "resize_window narrower";
|
||||||
|
#"ctrl+right" = "resize_window wider";
|
||||||
|
#"ctrl+up" = "resize_window taller";
|
||||||
|
#"ctrl+down" = "resize_window shorter";
|
||||||
|
|
||||||
|
# reset all windows in the tab to default sizes
|
||||||
|
#"kitty_mod+z" = "resize_window reset";
|
||||||
|
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
#: Tab Management {{{
|
||||||
|
#"ctrl+t" = "new_tab";
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
# Font Sizes {{{
|
||||||
|
#: Increase font size
|
||||||
|
"ctrl+equal" = "change_font_size all +1.0";
|
||||||
|
|
||||||
|
#: Decrease font size
|
||||||
|
"ctrl+minus" = "change_font_size all -1.0";
|
||||||
|
|
||||||
|
"ctrl+0" = "change_font_size all 0";
|
||||||
|
# }}}
|
||||||
|
|
||||||
|
#: Miscellaneous {{{
|
||||||
|
#: Show documentation
|
||||||
|
"f9" = "show_kitty_doc overview";
|
||||||
|
|
||||||
|
#: Toggle fullscreen
|
||||||
|
"f11" = "toggle_fullscreen";
|
||||||
|
|
||||||
|
#: Toggle maximized
|
||||||
|
"f10" = "toggle_maximized";
|
||||||
|
|
||||||
|
#: Edit config file
|
||||||
|
#"f2" = "launch --type=tab emacsclient -nw ~/.config/kitty/kitty.conf";
|
||||||
|
|
||||||
|
#: Reload kitty.conf
|
||||||
|
"f5" = "combine : load_config_file : launch --type=overlay --hold --allow-remote-control kitty @ send-text 'kitty config reloaded'";
|
||||||
|
#"ctrl+r" = "combine : load_config_file : launch --type=overlay --hold --allow-remote-control kitty @ send-text 'kitty config reloaded'";
|
||||||
|
#: Debug kitty configuration
|
||||||
|
"f6" = "debug_config";
|
||||||
|
# }}}
|
||||||
|
};
|
||||||
|
}
|
23
modules/home/terminal/konsole.nix
Normal file
23
modules/home/terminal/konsole.nix
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "konsole" {
|
||||||
|
xdg.mimeApps = let
|
||||||
|
defaultApplications = {
|
||||||
|
"mimetype" = "konsole.desktop";
|
||||||
|
"application/x-terminal-emulator" = "konsole.desktop";
|
||||||
|
"x-terminal-emulator" = "konsole.desktop";
|
||||||
|
};
|
||||||
|
in
|
||||||
|
lib.mkIf (config.variables.defaultTerminal == "konsole") {
|
||||||
|
enable = true;
|
||||||
|
inherit defaultApplications;
|
||||||
|
associations.added = defaultApplications;
|
||||||
|
};
|
||||||
|
|
||||||
|
# DefaultThemed profile is considered the Stylix module
|
||||||
|
programs.konsole.enable = true;
|
||||||
|
}
|
115
modules/home/theme/common.nix
Normal file
115
modules/home/theme/common.nix
Normal file
@ -0,0 +1,115 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
inherit (lib) types mkOption literalExpression mkIf mkMerge mkBefore;
|
||||||
|
cfg = config.theme;
|
||||||
|
cfgapp = cfg.app;
|
||||||
|
|
||||||
|
iconThemeModule = types.submodule {
|
||||||
|
options = {
|
||||||
|
package = mkOption {
|
||||||
|
type = types.nullOr types.package;
|
||||||
|
default = null;
|
||||||
|
example = literalExpression "pkgs.papirus-icon-theme";
|
||||||
|
description = ''
|
||||||
|
Package providing the theme. This package will be installed to your profile. If 'null', then the theme is assumed to be already available in your profile.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
name = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "";
|
||||||
|
example = "Papirus-Dark";
|
||||||
|
description = "The symbolic name of the theme within the package without any spaces.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
appModule = types.submodule {
|
||||||
|
options = {
|
||||||
|
rio.name = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "";
|
||||||
|
example = "3024 Night";
|
||||||
|
description = ''
|
||||||
|
The name of the theme within the package to use for Rio.
|
||||||
|
|
||||||
|
See theme names: https://github.com/raphamorim/rio-terminal-themes/tree/main/themes
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
options.theme = {
|
||||||
|
packages = mkOption {
|
||||||
|
type = types.listOf types.package;
|
||||||
|
default = [];
|
||||||
|
example = literalExpression "with pkgs; [ dracula-theme ]";
|
||||||
|
description = ''
|
||||||
|
Packages providing the theme. The list of packages will be installed to your profile. If empty, then the theme is assumed to be already available in your profile.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
name = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "";
|
||||||
|
example = "Dracula";
|
||||||
|
description = "The name of the theme within the package.";
|
||||||
|
};
|
||||||
|
nameSymbolic = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
default = "";
|
||||||
|
example = "dracula";
|
||||||
|
description = "The symbolic name of the theme within the package without any spaces.";
|
||||||
|
};
|
||||||
|
iconTheme = mkOption {
|
||||||
|
type = types.nullOr iconThemeModule;
|
||||||
|
default = {};
|
||||||
|
description = "Icon configuration options.";
|
||||||
|
};
|
||||||
|
app = mkOption {
|
||||||
|
type = types.nullOr appModule;
|
||||||
|
default = {};
|
||||||
|
description = "App theme configuration options.";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = mkIf (cfg != null) (mkMerge [
|
||||||
|
# Configure rio
|
||||||
|
(mkIf (cfgapp != null && config.programs.rio.enable) {
|
||||||
|
xdg.configFile."rio/themes/${cfgapp.rio.name}.toml".source =
|
||||||
|
fetchGit {
|
||||||
|
url = "https://github.com/raphamorim/rio-terminal-themes";
|
||||||
|
rev = "9d76eb416c1cc46f959f236fdfa5479a19c0a070";
|
||||||
|
}
|
||||||
|
+ "/themes/${cfgapp.rio.name}.toml";
|
||||||
|
programs.rio.settings = mkBefore {
|
||||||
|
# It makes Rio look for the specified theme in the themes folder
|
||||||
|
# (macos and linux: ~/.config/rio/themes/dracula.toml)
|
||||||
|
# (windows: C:\Users\USER\AppData\Local\rio\themes\dracula.toml)
|
||||||
|
theme = "${cfgapp.rio.name}";
|
||||||
|
};
|
||||||
|
})
|
||||||
|
# Configure gtk theme
|
||||||
|
(mkIf config.gtk.enable {
|
||||||
|
gtk = {
|
||||||
|
iconTheme = mkIf (cfg.iconTheme != null) {
|
||||||
|
inherit (cfg.iconTheme) name;
|
||||||
|
inherit (cfg.iconTheme) package;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
|
||||||
|
{
|
||||||
|
nukeFiles = ["${config.home.homeDirectory}/.config/gtk-2.0/gtkrc" "${config.home.homeDirectory}/.config/gtk-3.0/gtk.css" "${config.home.homeDirectory}/.config/gtk-4.0/gtk.css" "${config.home.homeDirectory}/.gtkrc-2.0"];
|
||||||
|
programs.plasma.workspace.iconTheme = "${cfg.iconTheme.name}";
|
||||||
|
# Install the packages
|
||||||
|
home.packages = with pkgs; (mkMerge
|
||||||
|
[
|
||||||
|
(mkIf (cfg.packages != []) cfg.packages)
|
||||||
|
(mkIf (cfg.iconTheme.package != null) [cfg.iconTheme.package])
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
]);
|
||||||
|
}
|
64
modules/home/theme/konsole.mustache
Normal file
64
modules/home/theme/konsole.mustache
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
[Background]
|
||||||
|
Color={{base00-rgb-r}},{{base00-rgb-g}},{{base00-rgb-b}}
|
||||||
|
|
||||||
|
[BackgroundIntense]
|
||||||
|
Color={{base03-rgb-r}},{{base03-rgb-g}},{{base03-rgb-b}}
|
||||||
|
|
||||||
|
[Color0]
|
||||||
|
Color={{base00-rgb-r}},{{base00-rgb-g}},{{base00-rgb-b}}
|
||||||
|
|
||||||
|
[Color0Intense]
|
||||||
|
Color={{base03-rgb-r}},{{base03-rgb-g}},{{base03-rgb-b}}
|
||||||
|
|
||||||
|
[Color1]
|
||||||
|
Color={{base08-rgb-r}},{{base08-rgb-g}},{{base08-rgb-b}}
|
||||||
|
|
||||||
|
[Color1Intense]
|
||||||
|
Color={{base08-rgb-r}},{{base08-rgb-g}},{{base08-rgb-b}}
|
||||||
|
|
||||||
|
[Color2]
|
||||||
|
Color={{base0B-rgb-r}},{{base0B-rgb-g}},{{base0B-rgb-b}}
|
||||||
|
|
||||||
|
[Color2Intense]
|
||||||
|
Color={{base0B-rgb-r}},{{base0B-rgb-g}},{{base0B-rgb-b}}
|
||||||
|
|
||||||
|
[Color3]
|
||||||
|
Color={{base0A-rgb-r}},{{base0A-rgb-g}},{{base0A-rgb-b}}
|
||||||
|
|
||||||
|
[Color3Intense]
|
||||||
|
Color={{base0A-rgb-r}},{{base0A-rgb-g}},{{base0A-rgb-b}}
|
||||||
|
|
||||||
|
[Color4]
|
||||||
|
Color={{base0D-rgb-r}},{{base0D-rgb-g}},{{base0D-rgb-b}}
|
||||||
|
|
||||||
|
[Color4Intense]
|
||||||
|
Color={{base0D-rgb-r}},{{base0D-rgb-g}},{{base0D-rgb-b}}
|
||||||
|
|
||||||
|
[Color5]
|
||||||
|
Color={{base0E-rgb-r}},{{base0E-rgb-g}},{{base0E-rgb-b}}
|
||||||
|
|
||||||
|
[Color5Intense]
|
||||||
|
Color={{base0E-rgb-r}},{{base0E-rgb-g}},{{base0E-rgb-b}}
|
||||||
|
|
||||||
|
[Color6]
|
||||||
|
Color={{base0C-rgb-r}},{{base0C-rgb-g}},{{base0C-rgb-b}}
|
||||||
|
|
||||||
|
[Color6Intense]
|
||||||
|
Color={{base0C-rgb-r}},{{base0C-rgb-g}},{{base0C-rgb-b}}
|
||||||
|
|
||||||
|
[Color7]
|
||||||
|
Color={{base05-rgb-r}},{{base05-rgb-g}},{{base05-rgb-b}}
|
||||||
|
|
||||||
|
[Color7Intense]
|
||||||
|
Color={{base07-rgb-r}},{{base07-rgb-g}},{{base07-rgb-b}}
|
||||||
|
|
||||||
|
[Foreground]
|
||||||
|
Color={{base05-rgb-r}},{{base05-rgb-g}},{{base05-rgb-b}}
|
||||||
|
|
||||||
|
[ForegroundIntense]
|
||||||
|
Color={{base07-rgb-r}},{{base07-rgb-g}},{{base07-rgb-b}}
|
||||||
|
|
||||||
|
[General]
|
||||||
|
Description=Base16 {{scheme-name}}
|
||||||
|
Opacity=1
|
||||||
|
Wallpaper=
|
165
modules/home/theme/stylix.nix
Normal file
165
modules/home/theme/stylix.nix
Normal file
@ -0,0 +1,165 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
osConfig,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
|
cfg = config.theme.stylix;
|
||||||
|
c = config.lib.stylix.colors.withHashtag;
|
||||||
|
f = config.stylix.fonts;
|
||||||
|
in {
|
||||||
|
options.theme.stylix = {
|
||||||
|
enable = lib.mkEnableOption "Enable Stylix" // {default = osConfig.stylix.enable;};
|
||||||
|
};
|
||||||
|
|
||||||
|
config =
|
||||||
|
lib.mkIf cfg.enable
|
||||||
|
(lib.mkMerge [
|
||||||
|
(lib.mkIf (config.variables.defaultTerminal == "konsole") {
|
||||||
|
programs.konsole = {
|
||||||
|
defaultProfile = "DefaultThemed";
|
||||||
|
profiles.DefaultThemed = {
|
||||||
|
name = "DefaultThemed";
|
||||||
|
colorScheme = "Stylix";
|
||||||
|
font = {
|
||||||
|
name = "${config.stylix.fonts.monospace.name}";
|
||||||
|
size = config.stylix.fonts.sizes.terminal;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
xdg = {
|
||||||
|
dataFile = {
|
||||||
|
"konsole/Stylix.colorscheme".source = config.lib.stylix.colors {
|
||||||
|
template = builtins.readFile ./konsole.mustache;
|
||||||
|
extension = ".colorscheme";
|
||||||
|
};
|
||||||
|
/*
|
||||||
|
"yakuake/skins/Dracula".source = fetchGit {
|
||||||
|
url = "https://github.com/dracula/yakuake";
|
||||||
|
rev = "591a705898763167dd5aca2289d170f91a85aa56";
|
||||||
|
};
|
||||||
|
*/
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
{
|
||||||
|
nukeFiles = ["${config.home.homeDirectory}/.config/gtk-2.0/gtkrc" "${config.home.homeDirectory}/.config/gtk-3.0/gtk.css" "${config.home.homeDirectory}/.config/gtk-4.0/gtk.css" "${config.home.homeDirectory}/.gtkrc-2.0"];
|
||||||
|
|
||||||
|
gtk = lib.mkIf (config.stylix.polarity == "dark") {
|
||||||
|
enable = true;
|
||||||
|
theme.name = lib.mkForce "adw-gtk3-dark";
|
||||||
|
gtk3.extraConfig = {gtk-application-prefer-dark-theme = true;};
|
||||||
|
gtk4.extraConfig = {gtk-application-prefer-dark-theme = true;};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs = {
|
||||||
|
rio.settings = {
|
||||||
|
window.opacity = config.stylix.opacity.terminal;
|
||||||
|
fonts = {
|
||||||
|
size = f.sizes.terminal + 3; # Make it larger because fonts are really tiny using default stylix font size
|
||||||
|
family = "${f.monospace.name}";
|
||||||
|
emoji = {
|
||||||
|
family = "${f.emoji.name}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
plasma = {
|
||||||
|
overrideConfig = true;
|
||||||
|
workspace.cursor = {
|
||||||
|
theme = "${config.stylix.cursor.name}";
|
||||||
|
inherit (config.stylix.cursor) size;
|
||||||
|
};
|
||||||
|
fonts = let
|
||||||
|
general = {
|
||||||
|
family = "${f.sansSerif.name}";
|
||||||
|
pointSize = f.sizes.applications;
|
||||||
|
};
|
||||||
|
small = {
|
||||||
|
inherit (general) family;
|
||||||
|
pointSize = f.sizes.desktop;
|
||||||
|
};
|
||||||
|
in {
|
||||||
|
inherit general small;
|
||||||
|
fixedWidth = {
|
||||||
|
family = "${f.monospace.name}";
|
||||||
|
pointSize = f.sizes.terminal;
|
||||||
|
};
|
||||||
|
toolbar = small;
|
||||||
|
menu = small;
|
||||||
|
windowTitle = small;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
zsh.syntaxHighlighting.styles = {
|
||||||
|
## General
|
||||||
|
### Diffs
|
||||||
|
### Markup
|
||||||
|
## Classes
|
||||||
|
# Comments
|
||||||
|
comment = "fg=${c.base04}";
|
||||||
|
## Constants
|
||||||
|
## Entitites
|
||||||
|
## Functions/methods
|
||||||
|
alias = "fg=${c.base0B}";
|
||||||
|
suffix-alias = "fg=${c.base0B}";
|
||||||
|
global-alias = "fg=${c.base0B}";
|
||||||
|
function = "fg=${c.base0B}";
|
||||||
|
command = "fg=${c.base0B}";
|
||||||
|
precommand = "fg=${c.base0B},italic";
|
||||||
|
autodirectory = "fg=${c.base09},italic";
|
||||||
|
single-hyphen-option = "fg=${c.base09}";
|
||||||
|
double-hyphen-option = "fg=${c.base09}";
|
||||||
|
back-quoted-argument = "fg=${c.base0E}";
|
||||||
|
## Keywords
|
||||||
|
## Built ins
|
||||||
|
builtin = "fg=${c.base0B}";
|
||||||
|
reserved-word = "fg=${c.base0B}";
|
||||||
|
hashed-command = "fg=${c.base0B}";
|
||||||
|
## Punctuation
|
||||||
|
commandseparator = "fg=${c.base08}";
|
||||||
|
command-substitution-delimiter = "fg=${c.base05}";
|
||||||
|
command-substitution-delimiter-unquoted = "fg=${c.base05}";
|
||||||
|
process-substitution-delimiter = "fg=${c.base05}";
|
||||||
|
back-quoted-argument-delimiter = "fg=${c.base08}";
|
||||||
|
back-double-quoted-argument = "fg=${c.base08}";
|
||||||
|
back-dollar-quoted-argument = "fg=${c.base08}";
|
||||||
|
## Serializable / Configuration Languages
|
||||||
|
## Storage
|
||||||
|
## Strings
|
||||||
|
command-substitution-quoted = "fg=${c.base0A}";
|
||||||
|
command-substitution-delimiter-quoted = "fg=${c.base0A}";
|
||||||
|
single-quoted-argument = "fg=${c.base0A}";
|
||||||
|
single-quoted-argument-unclosed = "fg=${c.base08},bold";
|
||||||
|
double-quoted-argument = "fg=${c.base0A}";
|
||||||
|
double-quoted-argument-unclosed = "fg=${c.base08},bold";
|
||||||
|
rc-quote = "fg=${c.base0A}";
|
||||||
|
## Variables
|
||||||
|
dollar-quoted-argument = "fg=${c.base05}";
|
||||||
|
dollar-quoted-argument-unclosed = "fg=${c.base08},bold";
|
||||||
|
dollar-double-quoted-argument = "fg=${c.base05}";
|
||||||
|
assign = "fg=${c.base05}";
|
||||||
|
named-fd = "fg=${c.base05}";
|
||||||
|
numeric-fd = "fg=${c.base05}";
|
||||||
|
## No category relevant in spec
|
||||||
|
unknown-token = "fg=${c.base08},bold";
|
||||||
|
path = "fg=${c.base05}";
|
||||||
|
path_pathseparator = "fg=${c.base08}";
|
||||||
|
path_prefix = "fg=${c.base05}";
|
||||||
|
path_prefix_pathseparator = "fg=${c.base08}";
|
||||||
|
globbing = "fg=${c.base05}";
|
||||||
|
history-expansion = "fg=${c.base0E}";
|
||||||
|
#command-substitution ="fg=?";
|
||||||
|
#command-substitution-unquoted ="fg=?";
|
||||||
|
#process-substitution ="fg=?";
|
||||||
|
#arithmetic-expansion ="fg=?";
|
||||||
|
back-quoted-argument-unclosed = "fg=${c.base08},bold";
|
||||||
|
redirection = "fg=${c.base05}";
|
||||||
|
arg0 = "fg=${c.base05}";
|
||||||
|
default = "fg=${c.base05}";
|
||||||
|
cursor = "fg=${c.base05}";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
]);
|
||||||
|
}
|
36
modules/home/virtualization/virtualization.nix
Executable file
36
modules/home/virtualization/virtualization.nix
Executable file
@ -0,0 +1,36 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "virtualization" {
|
||||||
|
# Enable dconf (System Management Tool)
|
||||||
|
#programs.dconf.enable = true;
|
||||||
|
|
||||||
|
# Install necessary packages
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
virt-manager
|
||||||
|
virt-viewer
|
||||||
|
#spice
|
||||||
|
#spice-gtk
|
||||||
|
#spice-protocol
|
||||||
|
win-virtio
|
||||||
|
win-spice
|
||||||
|
guestfs-tools
|
||||||
|
libguestfs
|
||||||
|
];
|
||||||
|
|
||||||
|
# Manage the virutalisation services
|
||||||
|
virtualisation.spiceUSBRedirection.enable = true;
|
||||||
|
virtualisation.libvirtd = {
|
||||||
|
enable = true;
|
||||||
|
qemu.swtpm.enable = true;
|
||||||
|
qemu.ovmf = {
|
||||||
|
enable = true;
|
||||||
|
packages = with pkgs; [OVMFFull.fd];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.spice-vdagentd.enable = true;
|
||||||
|
}
|
10
modules/home/virtualization/waydroid.nix
Normal file
10
modules/home/virtualization/waydroid.nix
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
lib.utilMods.mkModule config "waydroid" {
|
||||||
|
virtualisation.waydroid.enable = true;
|
||||||
|
environment.systemPackages = with pkgs; [nur.repos.ataraxiasjel.waydroid-script];
|
||||||
|
}
|
22
profiles/home/default.nix
Normal file
22
profiles/home/default.nix
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./comms
|
||||||
|
./development
|
||||||
|
./firefox
|
||||||
|
./media
|
||||||
|
./terminal
|
||||||
|
./theme
|
||||||
|
./virtualization
|
||||||
|
./defaults.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
options.modules.home = {
|
||||||
|
profile = lib.mkOption {
|
||||||
|
type = lib.types.enum [ "minimal" "desktop" "gaming" "development" ];
|
||||||
|
default = "minimal";
|
||||||
|
description = "The home configuration profile to use";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
22
profiles/home/desktop.nix
Normal file
22
profiles/home/desktop.nix
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./minimal.nix
|
||||||
|
../../modules/home/firefox
|
||||||
|
../../modules/home/theme
|
||||||
|
../../modules/home/terminal
|
||||||
|
];
|
||||||
|
|
||||||
|
modules = {
|
||||||
|
firefox.enable = true;
|
||||||
|
theme = {
|
||||||
|
enable = true;
|
||||||
|
stylix.enable = config.stylix.enable;
|
||||||
|
};
|
||||||
|
terminal = {
|
||||||
|
kitty.enable = config.variables.defaultTerminal == "kitty";
|
||||||
|
konsole.enable = config.variables.defaultTerminal == "konsole";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
23
profiles/home/development.nix
Normal file
23
profiles/home/development.nix
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./desktop.nix
|
||||||
|
../../modules/home/development
|
||||||
|
];
|
||||||
|
|
||||||
|
modules = {
|
||||||
|
development = {
|
||||||
|
enable = true;
|
||||||
|
languages = {
|
||||||
|
python.enable = true;
|
||||||
|
rust.enable = true;
|
||||||
|
nix.enable = true;
|
||||||
|
};
|
||||||
|
tools = {
|
||||||
|
git.enable = true;
|
||||||
|
direnv.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
17
profiles/home/gaming.nix
Normal file
17
profiles/home/gaming.nix
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./desktop.nix
|
||||||
|
../../modules/home/media/gaming.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
modules = {
|
||||||
|
gaming = {
|
||||||
|
enable = true;
|
||||||
|
steam.enable = true;
|
||||||
|
minecraft.enable = false; # Enable as needed
|
||||||
|
vr.enable = false; # Enable as needed
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
11
profiles/home/minimal.nix
Normal file
11
profiles/home/minimal.nix
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../../modules/home/terminal/shell-basics.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
modules = {
|
||||||
|
terminal.basics.enable = true;
|
||||||
|
};
|
||||||
|
}
|
9
profiles/minimal.nix
Normal file
9
profiles/minimal.nix
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
../../modules/core/nix.nix
|
||||||
|
../../modules/core/user.nix
|
||||||
|
../../modules/core/security/hardening.nix
|
||||||
|
];
|
||||||
|
}
|
18
profiles/server.nix
Normal file
18
profiles/server.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./minimal.nix
|
||||||
|
../../modules/core/security/ssh.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
modules = {
|
||||||
|
security = {
|
||||||
|
ssh.enable = true;
|
||||||
|
hardening = {
|
||||||
|
enable = true;
|
||||||
|
server = true; # Enable additional server hardening
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
18
profiles/workstation.nix
Normal file
18
profiles/workstation.nix
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./minimal.nix
|
||||||
|
../../modules/core/desktop.nix
|
||||||
|
../../modules/core/security/gpg.nix
|
||||||
|
../../modules/core/security/ssh.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
modules = {
|
||||||
|
desktop.enable = true;
|
||||||
|
security = {
|
||||||
|
gpg.enable = true;
|
||||||
|
ssh.enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
@ -1,67 +0,0 @@
|
|||||||
{ config, pkgs, lib, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
programs.ssh = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
extraConfig = ''
|
|
||||||
AddKeysToAgent yes
|
|
||||||
UseKeychain yes
|
|
||||||
IdentitiesOnly yes
|
|
||||||
HashKnownHosts yes
|
|
||||||
# Set default identity file for all hosts
|
|
||||||
IdentityFile ~/.ssh/jeirmeister
|
|
||||||
'';
|
|
||||||
|
|
||||||
# For better security
|
|
||||||
serverAliveInterval = 60;
|
|
||||||
serverAliveCountMax = 2;
|
|
||||||
|
|
||||||
# Manage known hosts
|
|
||||||
userKnownHostsFile = "~/.ssh/known_hosts";
|
|
||||||
|
|
||||||
# Common configuration for all jeir.lan hosts
|
|
||||||
matchBlocks = {
|
|
||||||
# Default for all hosts
|
|
||||||
"*" = {
|
|
||||||
identityFile = "~/.ssh/jeirmeister";
|
|
||||||
compression = true;
|
|
||||||
serverAliveInterval = 60;
|
|
||||||
};
|
|
||||||
|
|
||||||
# Shared configuration for all machines in jeir.lan
|
|
||||||
"*.jeir.lan" = {
|
|
||||||
user = "root";
|
|
||||||
identityFile = "~/.ssh/jeirmeister";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Individual machine configurations
|
|
||||||
"openwrt.jeir.lan" = {
|
|
||||||
hostname = "openwrt.jeir.lan";
|
|
||||||
};
|
|
||||||
"probabe.jeir.lan" = {
|
|
||||||
hostname = "probabe.jeir.lan";
|
|
||||||
};
|
|
||||||
"lenovobabe.jeir.lan" = {
|
|
||||||
hostname = "lenovobabe.jeir.lan";
|
|
||||||
};
|
|
||||||
"minibabe.jeir.lan" = {
|
|
||||||
hostname = "minibabe.jeir.lan";
|
|
||||||
};
|
|
||||||
"littlebabe.jeir.lan" = {
|
|
||||||
hostname = "littlebabe.jeir.lan";
|
|
||||||
};
|
|
||||||
"monsterbabe.jeir.lan" = {
|
|
||||||
hostname = "monsterbabe.jeir.lan";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Ensure SSH directory exists with correct permissions
|
|
||||||
home.file.".ssh/.keep".text = "";
|
|
||||||
home.activation.sshPermissions = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
|
|
||||||
chmod 700 ~/.ssh
|
|
||||||
chmod 600 ~/.ssh/jeirmeister
|
|
||||||
chmod 644 ~/.ssh/jeirmeister.pub
|
|
||||||
'';
|
|
||||||
}
|
|
@ -1,33 +0,0 @@
|
|||||||
{ config, lib, pkgs, sharedAliases, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
programs.zsh = {
|
|
||||||
enable = true;
|
|
||||||
autosuggestion.enable = true;
|
|
||||||
enableCompletion = true;
|
|
||||||
syntaxHighlighting.enable = true;
|
|
||||||
shellAliases = sharedAliases;
|
|
||||||
|
|
||||||
oh-my-zsh = {
|
|
||||||
enable = true;
|
|
||||||
theme = "robbyrussell";
|
|
||||||
plugins = [
|
|
||||||
"git" # Adds many git aliases and functions
|
|
||||||
"docker" # Docker aliases and completion
|
|
||||||
"kubectl" # Kubernetes aliases and completion
|
|
||||||
"tmux" # Tmux integration and aliases
|
|
||||||
"fzf" # Fuzzy finder integration
|
|
||||||
"dirhistory" # Keyboard shortcuts for directory navigation
|
|
||||||
"history" # Command history searching
|
|
||||||
"copypath" # Copy current directory path
|
|
||||||
"copyfile" # Copy file contents
|
|
||||||
"extract" # Extract any archive format
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
initExtra = ''
|
|
||||||
# Add nix profile to PATH
|
|
||||||
export PATH=$HOME/.nix-profile/bin:$PATH
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,9 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./editors
|
|
||||||
./terminals
|
|
||||||
./apps.nix
|
|
||||||
];
|
|
||||||
}
|
|
@ -1,7 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./vr
|
|
||||||
];
|
|
||||||
}
|
|
@ -1,45 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
home.packages = with pkgs; [
|
|
||||||
immersed
|
|
||||||
];
|
|
||||||
|
|
||||||
systemd.user.services.immersed = {
|
|
||||||
Unit = {
|
|
||||||
Description = "Immersed VR Client";
|
|
||||||
After = [
|
|
||||||
"graphical-session.target"
|
|
||||||
"network.target"
|
|
||||||
];
|
|
||||||
PartOf = [ "graphical-session.target" ];
|
|
||||||
Requires = [ "network.target" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
Service = {
|
|
||||||
Type = "simple";
|
|
||||||
ExecStartPre = "${pkgs.coreutils}/bin/sleep 2"; # Give the video device time to initialize
|
|
||||||
ExecStart = "${pkgs.immersed}/bin/immersed";
|
|
||||||
Environment = [
|
|
||||||
"DISPLAY=:0"
|
|
||||||
"XDG_CURRENT_DESKTOP=KDE" # Since you're using Plasma
|
|
||||||
"QT_QPA_PLATFORM=xcb" # Force X11 mode for better compatibility
|
|
||||||
"XDG_RUNTIME_DIR=/run/user/1000"
|
|
||||||
"XDG_SESSION_TYPE=x11" # Force X11 mode
|
|
||||||
];
|
|
||||||
Restart = "on-failure";
|
|
||||||
RestartSec = 5;
|
|
||||||
StandardOutput = "journal";
|
|
||||||
StandardError = "journal";
|
|
||||||
DevicePolicy = "auto";
|
|
||||||
};
|
|
||||||
|
|
||||||
Install = {
|
|
||||||
WantedBy = [ "graphical-session.target" ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Create required directories
|
|
||||||
home.file.".local/share/immersed/.keep".text = "";
|
|
||||||
home.file.".config/immersed/.keep".text = "";
|
|
||||||
}
|
|
@ -1,7 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./kitty.nix
|
|
||||||
];
|
|
||||||
}
|
|
@ -1,61 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
programs.kitty = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
font_family = "JetBrains Mono";
|
|
||||||
font_size = 12;
|
|
||||||
window_padding_width = 4;
|
|
||||||
background_opacity = "0.95";
|
|
||||||
hide_window_decorations = "yes";
|
|
||||||
tab_bar_style = "powerline";
|
|
||||||
|
|
||||||
# Dracula theme colors
|
|
||||||
foreground = "#F8F8F2";
|
|
||||||
background = "#282A36";
|
|
||||||
selection_foreground = "#ffffff";
|
|
||||||
selection_background = "#44475a";
|
|
||||||
url_color = "#8be9fd";
|
|
||||||
cursor = "#f8f8f2";
|
|
||||||
|
|
||||||
# black
|
|
||||||
color0 = "#21222c";
|
|
||||||
color8 = "#6272a4";
|
|
||||||
|
|
||||||
# red
|
|
||||||
color1 = "#ff5555";
|
|
||||||
color9 = "#ff6e6e";
|
|
||||||
|
|
||||||
# green
|
|
||||||
color2 = "#50fa7b";
|
|
||||||
color10 = "#69ff94";
|
|
||||||
|
|
||||||
# yellow
|
|
||||||
color3 = "#f1fa8c";
|
|
||||||
color11 = "#ffffa5";
|
|
||||||
|
|
||||||
# blue
|
|
||||||
color4 = "#bd93f9";
|
|
||||||
color12 = "#d6acff";
|
|
||||||
|
|
||||||
# magenta
|
|
||||||
color5 = "#ff79c6";
|
|
||||||
color13 = "#ff92df";
|
|
||||||
|
|
||||||
# cyan
|
|
||||||
color6 = "#8be9fd";
|
|
||||||
color14 = "#a4ffff";
|
|
||||||
|
|
||||||
# white
|
|
||||||
color7 = "#f8f8f2";
|
|
||||||
color15 = "#ffffff";
|
|
||||||
|
|
||||||
# tab bar
|
|
||||||
active_tab_foreground = "#282a36";
|
|
||||||
active_tab_background = "#f8f8f2";
|
|
||||||
inactive_tab_foreground = "#282a36";
|
|
||||||
inactive_tab_background = "#6272a4";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,135 +0,0 @@
|
|||||||
{ config, pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
programs.tmux = {
|
|
||||||
enable = true;
|
|
||||||
clock24 = true;
|
|
||||||
baseIndex = 1;
|
|
||||||
escapeTime = 0;
|
|
||||||
terminal = "screen-256color";
|
|
||||||
historyLimit = 50000;
|
|
||||||
keyMode = "vi";
|
|
||||||
customPaneNavigationAndResize = true;
|
|
||||||
|
|
||||||
plugins = with pkgs.tmuxPlugins; [
|
|
||||||
{
|
|
||||||
plugin = sensible;
|
|
||||||
extraConfig = ''
|
|
||||||
# Set default shell to zsh
|
|
||||||
set -g default-command "${pkgs.zsh}/bin/zsh"
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = resurrect;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @resurrect-strategy-nvim 'session'
|
|
||||||
set -g @resurrect-capture-pane-contents 'on'
|
|
||||||
set -g @resurrect-dir '${config.xdg.dataHome}/tmux/resurrect'
|
|
||||||
bind C-s run-shell ${pkgs.tmuxPlugins.resurrect}/share/tmux-plugins/resurrect/scripts/save.sh
|
|
||||||
bind C-r run-shell ${pkgs.tmuxPlugins.resurrect}/share/tmux-plugins/resurrect/scripts/restore.sh
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = continuum;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @continuum-restore 'on'
|
|
||||||
set -g @continuum-save-interval '15'
|
|
||||||
set -g @continuum-boot 'on'
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = better-mouse-mode;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @scroll-speed-num-lines-per-scroll 1
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = yank;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @yank_selection 'clipboard'
|
|
||||||
set -g @yank_selection_mouse 'clipboard'
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = pain-control;
|
|
||||||
extraConfig = ''
|
|
||||||
bind C-h select-pane -L
|
|
||||||
bind C-j select-pane -D
|
|
||||||
bind C-k select-pane -U
|
|
||||||
bind C-l select-pane -R
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = sidebar;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @sidebar-tree-command 'tree -C'
|
|
||||||
bind Tab run-shell ${pkgs.tmuxPlugins.sidebar}/share/tmux-plugins/sidebar/scripts/toggle.sh
|
|
||||||
bind BSpace run-shell ${pkgs.tmuxPlugins.sidebar}/share/tmux-plugins/sidebar/scripts/toggle.sh
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = online-status;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @online_icon "✓"
|
|
||||||
set -g @offline_icon "✗"
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = cpu;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @cpu_percentage_format "%3.0f%%"
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = battery;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @battery_percentage_format "%3.0f%%"
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = fzf-url;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @fzf-url-bind 'u'
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = logging;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @logging-path "${config.xdg.dataHome}/tmux/logging"
|
|
||||||
bind P pipe-pane -o "cat >>#{@logging-path}/tmux-#W.log" \; display "Toggled logging to #{@logging-path}/tmux-#W.log"
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
{
|
|
||||||
plugin = fingers;
|
|
||||||
extraConfig = ''
|
|
||||||
set -g @fingers-key f
|
|
||||||
set -g @fingers-pattern-0 '[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}'
|
|
||||||
'';
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
extraConfig = ''
|
|
||||||
# Set prefix
|
|
||||||
unbind C-b
|
|
||||||
set -g prefix C-a
|
|
||||||
bind C-a send-prefix
|
|
||||||
|
|
||||||
# Mouse support
|
|
||||||
set -g mouse on
|
|
||||||
|
|
||||||
# Status bar configuration
|
|
||||||
set -g status-interval 1
|
|
||||||
set -g status-position top
|
|
||||||
set -g status-justify left
|
|
||||||
set -g status-left "#{online_status} #[fg=green]#S #[fg=yellow]#I #[fg=cyan]#P"
|
|
||||||
set -g status-right "#{cpu_fg_color}#{cpu_percentage} #[fg=colour136]#{battery_percentage} %H:%M:%S"
|
|
||||||
|
|
||||||
# Natural language command bindings
|
|
||||||
bind : command-prompt -p "Command:" {
|
|
||||||
if -F "#{m:save-session,%%}" "run-shell ${pkgs.tmuxPlugins.resurrect}/share/tmux-plugins/resurrect/scripts/save.sh" \
|
|
||||||
if -F "#{m:restore-session,%%}" "run-shell ${pkgs.tmuxPlugins.resurrect}/share/tmux-plugins/resurrect/scripts/restore.sh" \
|
|
||||||
if -F "#{m:yank-text,%%}" "run-shell 'tmux show-buffer | ${pkgs.xclip}/bin/xclip -selection clipboard'"
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
}
|
|
@ -1,56 +0,0 @@
|
|||||||
% TMUX-PLUGINS(1) Custom Tmux Plugins Help | November 2024
|
|
||||||
|
|
||||||
# NAME
|
|
||||||
tmux-plugins - Overview of custom Tmux plugins, keybindings, and natural language commands
|
|
||||||
|
|
||||||
# SYNOPSIS
|
|
||||||
This man page provides an overview of custom Tmux plugins, their purpose, example usage, and natural language commands.
|
|
||||||
|
|
||||||
# PREFIX KEY
|
|
||||||
The prefix key for all tmux commands is `Ctrl-a` (C-a). This means whenever you see `Prefix + key`, you should:
|
|
||||||
1. Press and hold `Ctrl`, then press `a`
|
|
||||||
2. Release both keys
|
|
||||||
3. Press the specified key
|
|
||||||
|
|
||||||
# DESCRIPTION
|
|
||||||
The following is a list of Tmux plugins installed through Home Manager in your environment, along with their purpose, example usage, and custom commands.
|
|
||||||
|
|
||||||
# PLUGINS
|
|
||||||
|
|
||||||
## 1. Sensible
|
|
||||||
- **Purpose**: Provides a set of sensible default configurations for tmux.
|
|
||||||
- **Example Usage**:
|
|
||||||
- Automatically enabled with better key bindings and options
|
|
||||||
- Uses zsh as the default shell
|
|
||||||
|
|
||||||
## 2. Resurrect
|
|
||||||
- **Purpose**: Saves and restores your Tmux sessions, including windows, panes, and running processes.
|
|
||||||
- **Example Usage**:
|
|
||||||
- Save session: `Prefix + Ctrl-s`
|
|
||||||
- Restore session: `Prefix + Ctrl-r`
|
|
||||||
- **Natural Language Command**:
|
|
||||||
- `save-session`: Saves the current session.
|
|
||||||
- `restore-session`: Restores the last saved session.
|
|
||||||
|
|
||||||
[rest of plugins remain the same until NATURAL LANGUAGE COMMANDS section]
|
|
||||||
|
|
||||||
# NATURAL LANGUAGE COMMANDS
|
|
||||||
|
|
||||||
In addition to keybindings, you can use these natural language commands from within tmux:
|
|
||||||
|
|
||||||
1. `save-session`: Saves the current tmux session using Resurrect.
|
|
||||||
2. `restore-session`: Restores the last saved tmux session using Resurrect.
|
|
||||||
3. `yank-text`: Copies selected text to the system clipboard using Yank.
|
|
||||||
|
|
||||||
These commands can be typed directly into tmux's command prompt (`Prefix + :`) or used as shell aliases.
|
|
||||||
|
|
||||||
Note: Plugin management is handled through Home Manager, so there's no need for manual plugin installation or updates.
|
|
||||||
|
|
||||||
# QUICK REFERENCE
|
|
||||||
You can access this manual at any time by typing `tmux-help` in your terminal.
|
|
||||||
|
|
||||||
# SEE ALSO
|
|
||||||
tmux(1), man(1)
|
|
||||||
|
|
||||||
# AUTHOR
|
|
||||||
Custom man page created for user-defined Tmux configuration with natural language commands.
|
|
38
proposal.md
38
proposal.md
@ -1,38 +0,0 @@
|
|||||||
.
|
|
||||||
├── flake.nix
|
|
||||||
├── lib # Helper functions
|
|
||||||
│ ├── default.nix
|
|
||||||
│ ├── mkHome.nix # Home configuration builder
|
|
||||||
│ └── mkHost.nix # Host configuration builder
|
|
||||||
├── hosts
|
|
||||||
│ └── steamnix # Your Steam Deck configuration
|
|
||||||
│ ├── configuration.nix
|
|
||||||
│ ├── hardware-configuration.nix
|
|
||||||
│ └── default.nix
|
|
||||||
├── modules
|
|
||||||
│ ├── core # Essential system modules
|
|
||||||
│ │ ├── default.nix
|
|
||||||
│ │ ├── nix.nix # Nix configuration
|
|
||||||
│ │ └── security.nix # Security settings
|
|
||||||
│ ├── home # Home-manager modules
|
|
||||||
│ │ ├── development
|
|
||||||
│ │ ├── desktop
|
|
||||||
│ │ └── terminal
|
|
||||||
│ └── system # System-level modules
|
|
||||||
│ ├── hardware
|
|
||||||
│ └── services
|
|
||||||
├── overlays # Custom package modifications
|
|
||||||
│ └── default.nix
|
|
||||||
├── profiles # Reusable configuration profiles
|
|
||||||
│ ├── desktop
|
|
||||||
│ │ └── plasma
|
|
||||||
│ ├── development
|
|
||||||
│ └── gaming
|
|
||||||
├── scripts # Maintenance scripts
|
|
||||||
│ └── rebuild.sh
|
|
||||||
├── secrets # Encrypted secrets management
|
|
||||||
│ └── default.nix
|
|
||||||
└── users
|
|
||||||
└── jeirmeister
|
|
||||||
├── home.nix
|
|
||||||
└── config # User-specific configurations
|
|
7519
repo_overview.txt
Normal file
7519
repo_overview.txt
Normal file
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,34 @@
|
|||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./users
|
||||||
|
];
|
||||||
|
|
||||||
|
options = {
|
||||||
|
variables.secrets = {
|
||||||
|
identityPaths = lib.mkOption {
|
||||||
|
type = lib.types.listOf lib.types.path;
|
||||||
|
default = [ ];
|
||||||
|
description = "List of paths to age identities for secret decryption";
|
||||||
|
};
|
||||||
|
|
||||||
|
userKeys = lib.mkOption {
|
||||||
|
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
|
||||||
|
default = {
|
||||||
|
jeirmeister = [
|
||||||
|
"0x33A40DF62D35C4A7" # Your GPG key ID
|
||||||
|
];
|
||||||
|
};
|
||||||
|
description = "User GPG keys for secret encryption";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = {
|
||||||
|
age = {
|
||||||
|
identityPaths = config.variables.secrets.identityPaths;
|
||||||
|
secrets = import ./secrets.nix { inherit config pkgs lib; };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Binary file not shown.
Binary file not shown.
@ -1,30 +1,36 @@
|
|||||||
{ pkgs, lib, ... }:
|
{ config, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
inherit (lib) filterAttrs mapAttrs;
|
||||||
|
|
||||||
|
# Reusable keys definitions
|
||||||
users = {
|
users = {
|
||||||
jeirmeister = [
|
jeirmeister = [
|
||||||
"0x33A40DF62D35C4A7" # Your GPG key ID
|
"0x33A40DF62D35C4A7" # GPG key
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
systems = {
|
systems = {
|
||||||
steamnix = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuZYkDQGN6k+uxu3npJ/PN5hwVU9c4HPU5kJCVVitGt root@nixos";
|
steamnix = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJuZYkDQGN6k+uxu3npJ/PN5hwVU9c4HPU5kJCVVitGt root@steamnix";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Helper functions
|
||||||
allUsers = lib.flatten (builtins.attrValues users);
|
allUsers = lib.flatten (builtins.attrValues users);
|
||||||
allSystems = builtins.attrValues systems;
|
allSystems = builtins.attrValues systems;
|
||||||
|
|
||||||
|
# Common recipient sets
|
||||||
|
commonRecipients = allUsers ++ allSystems;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
# Custom SSH key
|
# User passwords
|
||||||
"jeirmeister/ssh/jeirmeister.age".publicKeys =
|
"jeirmeister/passwd".publicKeys = users.jeirmeister ++ allSystems;
|
||||||
users.jeirmeister ++ (builtins.attrValues systems);
|
|
||||||
|
|
||||||
# GPG key
|
# SSH keys
|
||||||
"jeirmeister/gpg/private.age".publicKeys =
|
"jeirmeister/ssh/id_ed25519".publicKeys = users.jeirmeister ++ [ systems.steamnix ];
|
||||||
users.jeirmeister ++ (builtins.attrValues systems);
|
|
||||||
|
|
||||||
home.packages = with pkgs; [
|
# GPG keys
|
||||||
git-crypt # For transparent file encryption in git repositories
|
"jeirmeister/gpg/private".publicKeys = users.jeirmeister ++ [ systems.steamnix ];
|
||||||
sops # Preparing for future sops integration
|
|
||||||
];
|
# Application secrets
|
||||||
|
"jeirmeister/borg".publicKeys = users.jeirmeister;
|
||||||
}
|
}
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user