This commit is contained in:
Lgmrszd 2023-10-30 19:20:54 +03:00
parent 475374c653
commit fd47f8be1e
No known key found for this signature in database
GPG key ID: 9396B8BA6FBB14DE
6 changed files with 193 additions and 31 deletions

View file

@ -20,7 +20,12 @@
enable = true; enable = true;
device = "nodev"; device = "nodev";
efiSupport = true; efiSupport = true;
theme = "/home/lgm/minegrub/minegrub-theme/minegrub/"; theme = "${pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "grub";
rev = "803c5df0e83aba61668777bb96d90ab8f6847106";
hash = "sha256-/bSolCta8GCZ4lP0u5NVqYQ9Y3ZooYCNdTwORNvR7M0=";
}}/src/catppuccin-macchiato-grub-theme/";
efiInstallAsRemovable = false; efiInstallAsRemovable = false;
# useOSProber = true; # useOSProber = true;
extraEntries = extraEntries =
@ -64,13 +69,25 @@
boot.kernel.sysctl."kernel.sysrq" = 244; boot.kernel.sysctl."kernel.sysrq" = 244;
boot.plymouth = {
enable = true;
themePackages = [ (pkgs.catppuccin-plymouth.override { variant = "macchiato"; }) ];
theme = "catppuccin-macchiato";
};
boot.initrd.systemd.enable = true;
# ==[SECURITY]== # ==[SECURITY]==
# LUKS options # LUKS options
# boot.initrd.luks.fido2Support = true;
boot.initrd.luks.devices = with secrets.drive-ids.luks; { boot.initrd.luks.devices = with secrets.drive-ids.luks; {
crypted = { crypted = {
inherit device; inherit device;
inherit header; inherit header;
preLVM = true; preLVM = true;
crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10s" ];
# fido2.credential = "";
# fido2.passwordLess = true;
}; };
}; };
@ -131,6 +148,7 @@
programs.gamemode.enable = true; programs.gamemode.enable = true;
# VirtualBox # VirtualBox
virtualisation.docker.enable = true;
virtualisation.virtualbox.host.enable = true; virtualisation.virtualbox.host.enable = true;
virtualisation.virtualbox.host.enableExtensionPack = true; virtualisation.virtualbox.host.enableExtensionPack = true;
users.extraGroups.vboxusers.members = [ "lgm" ]; users.extraGroups.vboxusers.members = [ "lgm" ];
@ -175,9 +193,22 @@
# Enable the Plasma 5 Desktop Environment. # Enable the Plasma 5 Desktop Environment.
services.xserver.displayManager.sddm.enable = true; services.xserver.displayManager.sddm.enable = true;
# Didn't like, the theme is a bit buggy
# services.xserver.displayManager.sddm.theme = "${pkgs.fetchFromGitHub {
# owner = "catppuccin";
# repo = "sddm";
# rev = "7fc67d1027cdb7f4d833c5d23a8c34a0029b0661";
# hash = "sha256-SjYwyUvvx/ageqVH5MmYmHNRKNvvnF3DYMJ/f2/L+Go=";
# }}/src/catppuccin-latte/";
services.xserver.desktopManager.plasma5.enable = true; services.xserver.desktopManager.plasma5.enable = true;
services.xserver.displayManager.defaultSession = "plasmawayland"; services.xserver.displayManager.defaultSession = "plasmawayland";
# programs.command-not-found.enable = false;
# programs.nix-index.enable = true;
# fish # fish
programs.fish = { programs.fish = {
enable = true; enable = true;
@ -228,13 +259,14 @@
users.users.lgm = { users.users.lgm = {
isNormalUser = true; isNormalUser = true;
description = "lgm"; description = "lgm";
extraGroups = [ "networkmanager" "wheel" "adbusers"]; extraGroups = [ "networkmanager" "wheel" "adbusers" "docker"];
shell = pkgs.fish; shell = pkgs.fish;
}; };
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
# nix.nixPath = []
# OnlyKey # OnlyKey
hardware.onlykey.enable = true; hardware.onlykey.enable = true;
@ -248,12 +280,15 @@
curl curl
python3 python3
# more stuff # more stuff
gnome-network-displays
miraclecast
parted parted
exfatprogs exfatprogs
gparted gparted
tmux tmux
graalvm17-ce # graalvm17-ce
jetbrains.jdk jetbrains.jdk
distrobox
(let base = pkgs.appimageTools.defaultFhsEnvArgs; in (let base = pkgs.appimageTools.defaultFhsEnvArgs; in
pkgs.buildFHSUserEnv (base // { pkgs.buildFHSUserEnv (base // {
@ -277,17 +312,20 @@
# programs.mtr.enable = true; # programs.mtr.enable = true;
programs.gnupg.agent = { programs.gnupg.agent = {
enable = true; enable = true;
enableSSHSupport = true; # enableSSHSupport = true;
}; };
programs.ssh.startAgent = true;
# List services that you want to enable: # List services that you want to enable:
# services.peroxide.enable = true;
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; networking.firewall.trustedInterfaces = [ "p2p-wl+" ];
# networking.firewall.allowedUDPPorts = [ ... ]; networking.firewall.allowedTCPPorts = [ 5900 5905 7236 7250 ];
networking.firewall.allowedUDPPorts = [ 5900 5905 7236 5353 ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# networking.firewall.enable = false; # networking.firewall.enable = false;

View file

@ -7,27 +7,27 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1693208669, "lastModified": 1698250431,
"narHash": "sha256-hHFaaUsZ860wvppPeiu7nJn/nXZjJfnqAQEu9SPFE9I=", "narHash": "sha256-qs2gTeH4wpnWPO6Oi6sOhp2IhG0i0DzcnrJxIY3/CP8=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "5bac4a1c06cd77cf8fc35a658ccb035a6c50cd2c", "rev": "09587fbbc6a669f7725613e044c2577dc5d43ab5",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-23.05", "ref": "master",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1693377291, "lastModified": 1698134075,
"narHash": "sha256-vYGY9bnqEeIncNarDZYhm6KdLKgXMS+HA2mTRaWEc80=", "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e7f38be3775bab9659575f192ece011c033655f0", "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,11 +39,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1693341273, "lastModified": 1698288402,
"narHash": "sha256-wrsPjsIx2767909MPGhSIOmkpGELM9eufqLQOPxmZQg=", "narHash": "sha256-jIIjApPdm+4yt8PglX8pUOexAdEiAax/DXW3S/Mb21E=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2ab91c8d65c00fd22a441c69bbf1bc9b420d5ea1", "rev": "60b9db998f71ea49e1a9c41824d09aa274be1344",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -53,11 +53,28 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-vesktop": {
"locked": {
"lastModified": 1698418864,
"narHash": "sha256-LAWBE8au4ajSPPksF9rr3ddYCMctzx1FA75r2TCGbXc=",
"owner": "pluiedev",
"repo": "nixpkgs",
"rev": "a659490545d4825fe27a1d32ec83f30258673731",
"type": "github"
},
"original": {
"owner": "pluiedev",
"ref": "patch-1",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-vesktop": "nixpkgs-vesktop"
} }
} }
}, },

View file

@ -8,10 +8,16 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.05";
# nix-index-database.url = "github:nix-community/nix-index-database";
# nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
# nur = {
# url = "github:nix-community/NUR";
# };
nixpkgs-vesktop.url = "github:pluiedev/nixpkgs/patch-1";
# nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; # nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
# home-manager, used for managing user configuration # home-manager, used for managing user configuration
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-23.05"; url = "github:nix-community/home-manager/master";
# The `follows` keyword in inputs is used for inheritance. # The `follows` keyword in inputs is used for inheritance.
# Here, `inputs.nixpkgs` of home-manager is kept consistent with # Here, `inputs.nixpkgs` of home-manager is kept consistent with
# the `inputs.nixpkgs` of the current flake, # the `inputs.nixpkgs` of the current flake,
@ -23,6 +29,8 @@
outputs = inputs@{ outputs = inputs@{
nixpkgs, nixpkgs,
nixpkgs-stable, nixpkgs-stable,
# nix-index-database,
# nur,
home-manager, home-manager,
... ...
}: { }: {
@ -36,7 +44,9 @@
secrets = import ./secrets {}; secrets = import ./secrets {};
}; };
modules = [ modules = [
# nur.nixosModules.nur
./configuration.nix ./configuration.nix
# nix-index-database.nixosModules.nix-index
./mounts.nix ./mounts.nix
# make home-manager as a module of nixos # make home-manager as a module of nixos
@ -50,6 +60,7 @@
home-manager.extraSpecialArgs = with specialArgs; { home-manager.extraSpecialArgs = with specialArgs; {
inherit pkgs-stable; inherit pkgs-stable;
inherit secrets;
}; };
} }
]; ];

View file

@ -1,4 +1,4 @@
{ config, pkgs, pkgs-stable, ... }: { config, osConfig, secrets, pkgs, pkgs-stable, ... }:
{ {
home.username = "lgm"; home.username = "lgm";
@ -8,9 +8,38 @@
# Packages that should be installed to the user profile. # Packages that should be installed to the user profile.
home.packages = with pkgs; [ home.packages = with pkgs; [
# my scripts
((import ./scripts/rebuild.nix) {inherit pkgs;})
wineWowPackages.waylandFull wineWowPackages.waylandFull
openconnect
ani-cli
# file editing
onlyoffice-bin
# theming
libsForQt5.qtstyleplugin-kvantum
# osConfig.nur.repos.baduhai.koi
(catppuccin-gtk.override {
variant = "latte";
accents = [ "yellow" ];
})
(catppuccin-kde.override {
flavour = [ "macchiato" "latte" ];
accents = [ "yellow" ];
})
(catppuccin-kvantum.override {
variant = "Latte";
accent = "Yellow";
})
(catppuccin-kvantum.override {
variant = "Macchiato";
accent = "Yellow";
})
# web # web
firefox firefox
protonvpn-gui
protonvpn-cli
# security # security
keepassxc keepassxc
onlykey onlykey
@ -40,6 +69,8 @@
# games # games
prismlauncher prismlauncher
xonotic xonotic
superTux
superTuxKart
lutris lutris
# dev # dev
jetbrains.idea-community jetbrains.idea-community
@ -54,6 +85,7 @@
# p7zip # p7zip
# utils # utils
git-crypt
appimage-run appimage-run
kate kate
ncdu ncdu
@ -63,7 +95,7 @@
ripgrep # recursively searches directories for a regex pattern ripgrep # recursively searches directories for a regex pattern
jq # A lightweight and flexible command-line JSON processor jq # A lightweight and flexible command-line JSON processor
exa # A modern replacement for ‘ls’ eza
# networking tools # networking tools
dnsutils # `dig` + `nslookup` dnsutils # `dig` + `nslookup`
@ -75,7 +107,6 @@
# etc # etc
vlc vlc
qbittorrent qbittorrent
libsForQt5.qtstyleplugin-kvantum
# misc # misc
cowsay cowsay
# file # file
@ -112,6 +143,18 @@
monero-gui monero-gui
]; ];
# Email stuff
programs.thunderbird = {
enable = true;
package = pkgs.thunderbird;
profiles = secrets.email-stuff.thunderbirdProfiles;
};
accounts.email.accounts = secrets.email-stuff.emailAccounts;
# ---------
services.nextcloud-client = { services.nextcloud-client = {
enable = true; enable = true;
}; };
@ -132,12 +175,6 @@
}; };
}; };
programs.thunderbird = {
enable = true;
package = pkgs.thunderbird;
profiles.lgmrszd.isDefault = true;
};
programs.pazi = { programs.pazi = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;

58
scripts/rebuild.nix Normal file
View file

@ -0,0 +1,58 @@
{ pkgs }:
pkgs.writeShellScriptBin "my-rebuild" ''
BOOT=/boot
ATTEMPTS=5
is_mounted(){
${pkgs.util-linux}/bin/findmnt --mountpoint $BOOT
return $?
}
mount_boot(){
echo "mounting $BOOT..."
mount $BOOT 2> /dev/null
return $?
}
umount_boot(){
echo "umounting $BOOT..."
umount $BOOT
return $?
}
try_mount(){
attempt=0
while [[ attempt -ne 5 ]]
do
mount_boot
res1=$?
is_mounted
res2=$?
if [[ $res1 -eq 0 && $res2 -eq 0 ]]; then
echo "Mounted $BOOT!"
return 0
fi
echo "Failed to mount $BOOT, waiting..."
attempt=$(($attempt+1))
sleep 2
done
return 1
}
if [[ $EUID -ne 0 ]]; then
echo "Must be a superuser!"
exit 1
fi
try_mount
if [[ $? -ne 0 ]]; then
echo "Failed to mount $BOOT!"
exit 1
fi
echo "Rebuilding..."
nixos-rebuild $@
sleep 2
echo "Done rebuild!"
umount_boot
''

View file

@ -1,4 +1,5 @@
{ ... }: { ... }:
{ {
drive-ids = import ./drive-ids.nix; drive-ids = import ./drive-ids.nix;
email-stuff = import ./email-stuff.nix;
} }