lgmrszd/nix-cfg
1
0
Fork 0
mirror of https://git.lgmrszd.xyz/Lgmrszd/nix-cfg.git synced 2024-11-12 22:58:04 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

bump

Browse source
This commit is contained in:
Lgmrszd 2023-10-30 19:20:54 +03:00
parent 475374c653
commit fd47f8be1e
No known key found for this signature in database
GPG key ID: 9396B8BA6FBB14DE
6 changed files with 193 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
configuration.nix
View file

@ -20,7 +20,12 @@
enable = true;
device = "nodev";
efiSupport = true;
theme = "/home/lgm/minegrub/minegrub-theme/minegrub/";
theme = "${pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "grub";
rev = "803c5df0e83aba61668777bb96d90ab8f6847106";
hash = "sha256-/bSolCta8GCZ4lP0u5NVqYQ9Y3ZooYCNdTwORNvR7M0=";
}}/src/catppuccin-macchiato-grub-theme/";
efiInstallAsRemovable = false;
# useOSProber = true;
extraEntries =
@ -64,13 +69,25 @@
boot.kernel.sysctl."kernel.sysrq" = 244;
boot.plymouth = {
enable = true;
themePackages = [ (pkgs.catppuccin-plymouth.override { variant = "macchiato"; }) ];
theme = "catppuccin-macchiato";
};
boot.initrd.systemd.enable = true;
# ==[SECURITY]==
# LUKS options
# boot.initrd.luks.fido2Support = true;
boot.initrd.luks.devices = with secrets.drive-ids.luks; {
crypted = {
inherit device;
inherit header;
preLVM = true;
crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10s" ];
# fido2.credential = "";
# fido2.passwordLess = true;
};
};
@ -131,9 +148,10 @@
programs.gamemode.enable = true;
# VirtualBox
virtualisation.virtualbox.host.enable = true;
virtualisation.virtualbox.host.enableExtensionPack = true;
users.extraGroups.vboxusers.members = [ "lgm" ];
virtualisation.docker.enable = true;
virtualisation.virtualbox.host.enable = true;
virtualisation.virtualbox.host.enableExtensionPack = true;
users.extraGroups.vboxusers.members = [ "lgm" ];
networking.hostName = "lgm-nixos"; # Define your hostname.
# Pick only one of the below networking options.
@ -175,9 +193,22 @@
# Enable the Plasma 5 Desktop Environment.
services.xserver.displayManager.sddm.enable = true;
# Didn't like, the theme is a bit buggy
# services.xserver.displayManager.sddm.theme = "${pkgs.fetchFromGitHub {
# owner = "catppuccin";
# repo = "sddm";
# rev = "7fc67d1027cdb7f4d833c5d23a8c34a0029b0661";
# hash = "sha256-SjYwyUvvx/ageqVH5MmYmHNRKNvvnF3DYMJ/f2/L+Go=";
# }}/src/catppuccin-latte/";
services.xserver.desktopManager.plasma5.enable = true;
services.xserver.displayManager.defaultSession = "plasmawayland";
# programs.command-not-found.enable = false;
# programs.nix-index.enable = true;
# fish
programs.fish = {
enable = true;
@ -228,13 +259,14 @@
users.users.lgm = {
isNormalUser = true;
description = "lgm";
extraGroups = [ "networkmanager" "wheel" "adbusers"];
extraGroups = [ "networkmanager" "wheel" "adbusers" "docker"];
shell = pkgs.fish;
};
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# nix.nixPath = []
# OnlyKey
hardware.onlykey.enable = true;
@ -248,12 +280,15 @@
curl
python3
# more stuff
gnome-network-displays
miraclecast
parted
exfatprogs
gparted
tmux
graalvm17-ce
# graalvm17-ce
jetbrains.jdk
distrobox
(let base = pkgs.appimageTools.defaultFhsEnvArgs; in
pkgs.buildFHSUserEnv (base // {
@ -277,17 +312,20 @@
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
# enableSSHSupport = true;
};
programs.ssh.startAgent = true;
# List services that you want to enable:
# services.peroxide.enable = true;
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
networking.firewall.trustedInterfaces = [ "p2p-wl+" ];
networking.firewall.allowedTCPPorts = [ 5900 5905 7236 7250 ];
networking.firewall.allowedUDPPorts = [ 5900 5905 7236 5353 ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;

39
flake.lock
View file

@ -7,27 +7,27 @@
]
},
"locked": {
"lastModified": 1693208669,
"narHash": "sha256-hHFaaUsZ860wvppPeiu7nJn/nXZjJfnqAQEu9SPFE9I=",
"lastModified": 1698250431,
"narHash": "sha256-qs2gTeH4wpnWPO6Oi6sOhp2IhG0i0DzcnrJxIY3/CP8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "5bac4a1c06cd77cf8fc35a658ccb035a6c50cd2c",
"rev": "09587fbbc6a669f7725613e044c2577dc5d43ab5",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.05",
"ref": "master",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1693377291,
"narHash": "sha256-vYGY9bnqEeIncNarDZYhm6KdLKgXMS+HA2mTRaWEc80=",
"lastModified": 1698134075,
"narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e7f38be3775bab9659575f192ece011c033655f0",
"rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4",
"type": "github"
},
"original": {
@ -39,11 +39,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1693341273,
"narHash": "sha256-wrsPjsIx2767909MPGhSIOmkpGELM9eufqLQOPxmZQg=",
"lastModified": 1698288402,
"narHash": "sha256-jIIjApPdm+4yt8PglX8pUOexAdEiAax/DXW3S/Mb21E=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2ab91c8d65c00fd22a441c69bbf1bc9b420d5ea1",
"rev": "60b9db998f71ea49e1a9c41824d09aa274be1344",
"type": "github"
},
"original": {
@ -53,11 +53,28 @@
"type": "github"
}
},
"nixpkgs-vesktop": {
"locked": {
"lastModified": 1698418864,
"narHash": "sha256-LAWBE8au4ajSPPksF9rr3ddYCMctzx1FA75r2TCGbXc=",
"owner": "pluiedev",
"repo": "nixpkgs",
"rev": "a659490545d4825fe27a1d32ec83f30258673731",
"type": "github"
},
"original": {
"owner": "pluiedev",
"ref": "patch-1",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable"
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-vesktop": "nixpkgs-vesktop"
}
}
},

13
flake.nix
View file

@ -8,10 +8,16 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05";
# nix-index-database.url = "github:nix-community/nix-index-database";
# nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
# nur = {
# url = "github:nix-community/NUR";
# };
nixpkgs-vesktop.url = "github:pluiedev/nixpkgs/patch-1";
# nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
# home-manager, used for managing user configuration
home-manager = {
url = "github:nix-community/home-manager/release-23.05";
url = "github:nix-community/home-manager/master";
# The `follows` keyword in inputs is used for inheritance.
# Here, `inputs.nixpkgs` of home-manager is kept consistent with
# the `inputs.nixpkgs` of the current flake,
@ -23,6 +29,8 @@
outputs = inputs@{
nixpkgs,
nixpkgs-stable,
# nix-index-database,
# nur,
home-manager,
...
}: {
@ -36,7 +44,9 @@
secrets = import ./secrets {};
};
modules = [
# nur.nixosModules.nur
./configuration.nix
# nix-index-database.nixosModules.nix-index
./mounts.nix
# make home-manager as a module of nixos
@ -50,6 +60,7 @@
home-manager.extraSpecialArgs = with specialArgs; {
inherit pkgs-stable;
inherit secrets;
};
}
];

57
home.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, pkgs-stable, ... }:
{ config, osConfig, secrets, pkgs, pkgs-stable, ... }:
{
home.username = "lgm";
@ -8,9 +8,38 @@
# Packages that should be installed to the user profile.
home.packages = with pkgs; [
wineWowPackages.waylandFull
# my scripts
((import ./scripts/rebuild.nix) {inherit pkgs;})
wineWowPackages.waylandFull
openconnect
ani-cli
# file editing
onlyoffice-bin
# theming
libsForQt5.qtstyleplugin-kvantum
# osConfig.nur.repos.baduhai.koi
(catppuccin-gtk.override {
variant = "latte";
accents = [ "yellow" ];
})
(catppuccin-kde.override {
flavour = [ "macchiato" "latte" ];
accents = [ "yellow" ];
})
(catppuccin-kvantum.override {
variant = "Latte";
accent = "Yellow";
})
(catppuccin-kvantum.override {
variant = "Macchiato";
accent = "Yellow";
})
# web
firefox
protonvpn-gui
protonvpn-cli
# security
keepassxc
onlykey
@ -40,6 +69,8 @@
# games
prismlauncher
xonotic
superTux
superTuxKart
lutris
# dev
jetbrains.idea-community
@ -54,6 +85,7 @@
# p7zip
# utils
git-crypt
appimage-run
kate
ncdu
@ -63,7 +95,7 @@
ripgrep # recursively searches directories for a regex pattern
jq # A lightweight and flexible command-line JSON processor
exa # A modern replacement for ‘ls’
eza
# networking tools
dnsutils # `dig` + `nslookup`
@ -75,7 +107,6 @@
# etc
vlc
qbittorrent
libsForQt5.qtstyleplugin-kvantum
# misc
cowsay
# file
@ -112,6 +143,18 @@
monero-gui
];
# Email stuff
programs.thunderbird = {
enable = true;
package = pkgs.thunderbird;
profiles = secrets.email-stuff.thunderbirdProfiles;
};
accounts.email.accounts = secrets.email-stuff.emailAccounts;
# ---------
services.nextcloud-client = {
enable = true;
};
@ -132,12 +175,6 @@
};
};
programs.thunderbird = {
enable = true;
package = pkgs.thunderbird;
profiles.lgmrszd.isDefault = true;
};
programs.pazi = {
enable = true;
enableFishIntegration = true;

58
scripts/rebuild.nix Normal file
View file

@ -0,0 +1,58 @@
{ pkgs }:
pkgs.writeShellScriptBin "my-rebuild" ''
BOOT=/boot
ATTEMPTS=5
is_mounted(){
${pkgs.util-linux}/bin/findmnt --mountpoint $BOOT
return $?
}
mount_boot(){
echo "mounting $BOOT..."
mount $BOOT 2> /dev/null
return $?
}
umount_boot(){
echo "umounting $BOOT..."
umount $BOOT
return $?
}
try_mount(){
attempt=0
while [[ attempt -ne 5 ]]
do
mount_boot
res1=$?
is_mounted
res2=$?
if [[ $res1 -eq 0 && $res2 -eq 0 ]]; then
echo "Mounted $BOOT!"
return 0
fi
echo "Failed to mount $BOOT, waiting..."
attempt=$(($attempt+1))
sleep 2
done
return 1
}
if [[ $EUID -ne 0 ]]; then
echo "Must be a superuser!"
exit 1
fi
try_mount
if [[ $? -ne 0 ]]; then
echo "Failed to mount $BOOT!"
exit 1
fi
echo "Rebuilding..."
nixos-rebuild $@
sleep 2
echo "Done rebuild!"
umount_boot
''

1
secrets/default.nix
View file

@ -1,4 +1,5 @@
{ ... }:
{
drive-ids = import ./drive-ids.nix;
email-stuff = import ./email-stuff.nix;
}