mirror of
https://git.lgmrszd.xyz/Lgmrszd/nix-cfg.git
synced 2024-11-12 22:58:04 +01:00
bump
This commit is contained in:
parent
475374c653
commit
fd47f8be1e
6 changed files with 193 additions and 31 deletions
|
@ -20,7 +20,12 @@
|
|||
enable = true;
|
||||
device = "nodev";
|
||||
efiSupport = true;
|
||||
theme = "/home/lgm/minegrub/minegrub-theme/minegrub/";
|
||||
theme = "${pkgs.fetchFromGitHub {
|
||||
owner = "catppuccin";
|
||||
repo = "grub";
|
||||
rev = "803c5df0e83aba61668777bb96d90ab8f6847106";
|
||||
hash = "sha256-/bSolCta8GCZ4lP0u5NVqYQ9Y3ZooYCNdTwORNvR7M0=";
|
||||
}}/src/catppuccin-macchiato-grub-theme/";
|
||||
efiInstallAsRemovable = false;
|
||||
# useOSProber = true;
|
||||
extraEntries =
|
||||
|
@ -64,13 +69,25 @@
|
|||
|
||||
boot.kernel.sysctl."kernel.sysrq" = 244;
|
||||
|
||||
boot.plymouth = {
|
||||
enable = true;
|
||||
themePackages = [ (pkgs.catppuccin-plymouth.override { variant = "macchiato"; }) ];
|
||||
theme = "catppuccin-macchiato";
|
||||
};
|
||||
|
||||
boot.initrd.systemd.enable = true;
|
||||
|
||||
# ==[SECURITY]==
|
||||
# LUKS options
|
||||
# boot.initrd.luks.fido2Support = true;
|
||||
boot.initrd.luks.devices = with secrets.drive-ids.luks; {
|
||||
crypted = {
|
||||
inherit device;
|
||||
inherit header;
|
||||
preLVM = true;
|
||||
crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10s" ];
|
||||
# fido2.credential = "";
|
||||
# fido2.passwordLess = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -131,9 +148,10 @@
|
|||
programs.gamemode.enable = true;
|
||||
|
||||
# VirtualBox
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
virtualisation.virtualbox.host.enableExtensionPack = true;
|
||||
users.extraGroups.vboxusers.members = [ "lgm" ];
|
||||
virtualisation.docker.enable = true;
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
virtualisation.virtualbox.host.enableExtensionPack = true;
|
||||
users.extraGroups.vboxusers.members = [ "lgm" ];
|
||||
|
||||
networking.hostName = "lgm-nixos"; # Define your hostname.
|
||||
# Pick only one of the below networking options.
|
||||
|
@ -175,9 +193,22 @@
|
|||
|
||||
# Enable the Plasma 5 Desktop Environment.
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
|
||||
# Didn't like, the theme is a bit buggy
|
||||
# services.xserver.displayManager.sddm.theme = "${pkgs.fetchFromGitHub {
|
||||
# owner = "catppuccin";
|
||||
# repo = "sddm";
|
||||
# rev = "7fc67d1027cdb7f4d833c5d23a8c34a0029b0661";
|
||||
# hash = "sha256-SjYwyUvvx/ageqVH5MmYmHNRKNvvnF3DYMJ/f2/L+Go=";
|
||||
# }}/src/catppuccin-latte/";
|
||||
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
services.xserver.displayManager.defaultSession = "plasmawayland";
|
||||
|
||||
# programs.command-not-found.enable = false;
|
||||
# programs.nix-index.enable = true;
|
||||
|
||||
|
||||
# fish
|
||||
programs.fish = {
|
||||
enable = true;
|
||||
|
@ -228,13 +259,14 @@
|
|||
users.users.lgm = {
|
||||
isNormalUser = true;
|
||||
description = "lgm";
|
||||
extraGroups = [ "networkmanager" "wheel" "adbusers"];
|
||||
extraGroups = [ "networkmanager" "wheel" "adbusers" "docker"];
|
||||
shell = pkgs.fish;
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
# nix.nixPath = []
|
||||
|
||||
# OnlyKey
|
||||
hardware.onlykey.enable = true;
|
||||
|
@ -248,12 +280,15 @@
|
|||
curl
|
||||
python3
|
||||
# more stuff
|
||||
gnome-network-displays
|
||||
miraclecast
|
||||
parted
|
||||
exfatprogs
|
||||
gparted
|
||||
tmux
|
||||
graalvm17-ce
|
||||
# graalvm17-ce
|
||||
jetbrains.jdk
|
||||
distrobox
|
||||
|
||||
(let base = pkgs.appimageTools.defaultFhsEnvArgs; in
|
||||
pkgs.buildFHSUserEnv (base // {
|
||||
|
@ -277,17 +312,20 @@
|
|||
# programs.mtr.enable = true;
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
# enableSSHSupport = true;
|
||||
};
|
||||
programs.ssh.startAgent = true;
|
||||
|
||||
# List services that you want to enable:
|
||||
# services.peroxide.enable = true;
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
# services.openssh.enable = true;
|
||||
|
||||
# Open ports in the firewall.
|
||||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||||
networking.firewall.trustedInterfaces = [ "p2p-wl+" ];
|
||||
networking.firewall.allowedTCPPorts = [ 5900 5905 7236 7250 ];
|
||||
networking.firewall.allowedUDPPorts = [ 5900 5905 7236 5353 ];
|
||||
# Or disable the firewall altogether.
|
||||
# networking.firewall.enable = false;
|
||||
|
||||
|
|
39
flake.lock
39
flake.lock
|
@ -7,27 +7,27 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1693208669,
|
||||
"narHash": "sha256-hHFaaUsZ860wvppPeiu7nJn/nXZjJfnqAQEu9SPFE9I=",
|
||||
"lastModified": 1698250431,
|
||||
"narHash": "sha256-qs2gTeH4wpnWPO6Oi6sOhp2IhG0i0DzcnrJxIY3/CP8=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "5bac4a1c06cd77cf8fc35a658ccb035a6c50cd2c",
|
||||
"rev": "09587fbbc6a669f7725613e044c2577dc5d43ab5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-23.05",
|
||||
"ref": "master",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1693377291,
|
||||
"narHash": "sha256-vYGY9bnqEeIncNarDZYhm6KdLKgXMS+HA2mTRaWEc80=",
|
||||
"lastModified": 1698134075,
|
||||
"narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e7f38be3775bab9659575f192ece011c033655f0",
|
||||
"rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -39,11 +39,11 @@
|
|||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1693341273,
|
||||
"narHash": "sha256-wrsPjsIx2767909MPGhSIOmkpGELM9eufqLQOPxmZQg=",
|
||||
"lastModified": 1698288402,
|
||||
"narHash": "sha256-jIIjApPdm+4yt8PglX8pUOexAdEiAax/DXW3S/Mb21E=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "2ab91c8d65c00fd22a441c69bbf1bc9b420d5ea1",
|
||||
"rev": "60b9db998f71ea49e1a9c41824d09aa274be1344",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -53,11 +53,28 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-vesktop": {
|
||||
"locked": {
|
||||
"lastModified": 1698418864,
|
||||
"narHash": "sha256-LAWBE8au4ajSPPksF9rr3ddYCMctzx1FA75r2TCGbXc=",
|
||||
"owner": "pluiedev",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a659490545d4825fe27a1d32ec83f30258673731",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "pluiedev",
|
||||
"ref": "patch-1",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
"nixpkgs-stable": "nixpkgs-stable",
|
||||
"nixpkgs-vesktop": "nixpkgs-vesktop"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
13
flake.nix
13
flake.nix
|
@ -8,10 +8,16 @@
|
|||
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05";
|
||||
# nix-index-database.url = "github:nix-community/nix-index-database";
|
||||
# nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
|
||||
# nur = {
|
||||
# url = "github:nix-community/NUR";
|
||||
# };
|
||||
nixpkgs-vesktop.url = "github:pluiedev/nixpkgs/patch-1";
|
||||
# nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
# home-manager, used for managing user configuration
|
||||
home-manager = {
|
||||
url = "github:nix-community/home-manager/release-23.05";
|
||||
url = "github:nix-community/home-manager/master";
|
||||
# The `follows` keyword in inputs is used for inheritance.
|
||||
# Here, `inputs.nixpkgs` of home-manager is kept consistent with
|
||||
# the `inputs.nixpkgs` of the current flake,
|
||||
|
@ -23,6 +29,8 @@
|
|||
outputs = inputs@{
|
||||
nixpkgs,
|
||||
nixpkgs-stable,
|
||||
# nix-index-database,
|
||||
# nur,
|
||||
home-manager,
|
||||
...
|
||||
}: {
|
||||
|
@ -36,7 +44,9 @@
|
|||
secrets = import ./secrets {};
|
||||
};
|
||||
modules = [
|
||||
# nur.nixosModules.nur
|
||||
./configuration.nix
|
||||
# nix-index-database.nixosModules.nix-index
|
||||
./mounts.nix
|
||||
|
||||
# make home-manager as a module of nixos
|
||||
|
@ -50,6 +60,7 @@
|
|||
|
||||
home-manager.extraSpecialArgs = with specialArgs; {
|
||||
inherit pkgs-stable;
|
||||
inherit secrets;
|
||||
};
|
||||
}
|
||||
];
|
||||
|
|
57
home.nix
57
home.nix
|
@ -1,4 +1,4 @@
|
|||
{ config, pkgs, pkgs-stable, ... }:
|
||||
{ config, osConfig, secrets, pkgs, pkgs-stable, ... }:
|
||||
|
||||
{
|
||||
home.username = "lgm";
|
||||
|
@ -8,9 +8,38 @@
|
|||
|
||||
# Packages that should be installed to the user profile.
|
||||
home.packages = with pkgs; [
|
||||
wineWowPackages.waylandFull
|
||||
# my scripts
|
||||
((import ./scripts/rebuild.nix) {inherit pkgs;})
|
||||
wineWowPackages.waylandFull
|
||||
openconnect
|
||||
ani-cli
|
||||
# file editing
|
||||
onlyoffice-bin
|
||||
# theming
|
||||
libsForQt5.qtstyleplugin-kvantum
|
||||
# osConfig.nur.repos.baduhai.koi
|
||||
(catppuccin-gtk.override {
|
||||
variant = "latte";
|
||||
accents = [ "yellow" ];
|
||||
})
|
||||
(catppuccin-kde.override {
|
||||
flavour = [ "macchiato" "latte" ];
|
||||
accents = [ "yellow" ];
|
||||
})
|
||||
(catppuccin-kvantum.override {
|
||||
variant = "Latte";
|
||||
accent = "Yellow";
|
||||
})
|
||||
(catppuccin-kvantum.override {
|
||||
variant = "Macchiato";
|
||||
accent = "Yellow";
|
||||
})
|
||||
|
||||
|
||||
# web
|
||||
firefox
|
||||
protonvpn-gui
|
||||
protonvpn-cli
|
||||
# security
|
||||
keepassxc
|
||||
onlykey
|
||||
|
@ -40,6 +69,8 @@
|
|||
# games
|
||||
prismlauncher
|
||||
xonotic
|
||||
superTux
|
||||
superTuxKart
|
||||
lutris
|
||||
# dev
|
||||
jetbrains.idea-community
|
||||
|
@ -54,6 +85,7 @@
|
|||
# p7zip
|
||||
|
||||
# utils
|
||||
git-crypt
|
||||
appimage-run
|
||||
kate
|
||||
ncdu
|
||||
|
@ -63,7 +95,7 @@
|
|||
|
||||
ripgrep # recursively searches directories for a regex pattern
|
||||
jq # A lightweight and flexible command-line JSON processor
|
||||
exa # A modern replacement for ‘ls’
|
||||
eza
|
||||
|
||||
# networking tools
|
||||
dnsutils # `dig` + `nslookup`
|
||||
|
@ -75,7 +107,6 @@
|
|||
# etc
|
||||
vlc
|
||||
qbittorrent
|
||||
libsForQt5.qtstyleplugin-kvantum
|
||||
# misc
|
||||
cowsay
|
||||
# file
|
||||
|
@ -112,6 +143,18 @@
|
|||
monero-gui
|
||||
];
|
||||
|
||||
# Email stuff
|
||||
|
||||
programs.thunderbird = {
|
||||
enable = true;
|
||||
package = pkgs.thunderbird;
|
||||
profiles = secrets.email-stuff.thunderbirdProfiles;
|
||||
};
|
||||
|
||||
accounts.email.accounts = secrets.email-stuff.emailAccounts;
|
||||
|
||||
# ---------
|
||||
|
||||
services.nextcloud-client = {
|
||||
enable = true;
|
||||
};
|
||||
|
@ -132,12 +175,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
programs.thunderbird = {
|
||||
enable = true;
|
||||
package = pkgs.thunderbird;
|
||||
profiles.lgmrszd.isDefault = true;
|
||||
};
|
||||
|
||||
programs.pazi = {
|
||||
enable = true;
|
||||
enableFishIntegration = true;
|
||||
|
|
58
scripts/rebuild.nix
Normal file
58
scripts/rebuild.nix
Normal file
|
@ -0,0 +1,58 @@
|
|||
{ pkgs }:
|
||||
|
||||
pkgs.writeShellScriptBin "my-rebuild" ''
|
||||
BOOT=/boot
|
||||
ATTEMPTS=5
|
||||
is_mounted(){
|
||||
${pkgs.util-linux}/bin/findmnt --mountpoint $BOOT
|
||||
return $?
|
||||
}
|
||||
|
||||
mount_boot(){
|
||||
echo "mounting $BOOT..."
|
||||
mount $BOOT 2> /dev/null
|
||||
return $?
|
||||
}
|
||||
|
||||
umount_boot(){
|
||||
echo "umounting $BOOT..."
|
||||
umount $BOOT
|
||||
return $?
|
||||
}
|
||||
|
||||
try_mount(){
|
||||
attempt=0
|
||||
|
||||
while [[ attempt -ne 5 ]]
|
||||
do
|
||||
mount_boot
|
||||
res1=$?
|
||||
is_mounted
|
||||
res2=$?
|
||||
if [[ $res1 -eq 0 && $res2 -eq 0 ]]; then
|
||||
echo "Mounted $BOOT!"
|
||||
return 0
|
||||
fi
|
||||
echo "Failed to mount $BOOT, waiting..."
|
||||
attempt=$(($attempt+1))
|
||||
sleep 2
|
||||
done
|
||||
return 1
|
||||
}
|
||||
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "Must be a superuser!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
try_mount
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo "Failed to mount $BOOT!"
|
||||
exit 1
|
||||
fi
|
||||
echo "Rebuilding..."
|
||||
nixos-rebuild $@
|
||||
sleep 2
|
||||
echo "Done rebuild!"
|
||||
umount_boot
|
||||
''
|
|
@ -1,4 +1,5 @@
|
|||
{ ... }:
|
||||
{
|
||||
drive-ids = import ./drive-ids.nix;
|
||||
email-stuff = import ./email-stuff.nix;
|
||||
}
|
Loading…
Reference in a new issue