Major re-write to make things more modularised

Move collection expressions from hosts/ into services/ as importable
modules
Remove service/hostname.nix collections
Remove all imports from host/ expressions and include as modules in
flake.nix
Set sensible defaults that propagate to (I think) everything
Evie Litherland-Smith 2023-09-10 17:07:11 +01:00
parent 872a4a75fd
commit 10a44cbc2d
22 changed files with 388 additions and 449 deletions

246
flake.nix

@ -46,8 +46,7 @@
}; };
}; };
outputs = outputs = { self, nixpkgs, ... }@inputs:
inputs@{ self, nixpkgs, home-manager, hyprland, anyrun, wallpapers, ... }:
let let
catppuccin-themes = with inputs; { catppuccin-themes = with inputs; {
alacritty = "${catppuccin-alacritty}/catppuccin-mocha.yml"; alacritty = "${catppuccin-alacritty}/catppuccin-mocha.yml";
@ -59,8 +58,37 @@
zsh = zsh =
"${catppuccin-zsh}/themes/catppuccin_mocha-zsh-syntax-highlighting.zsh"; "${catppuccin-zsh}/themes/catppuccin_mocha-zsh-syntax-highlighting.zsh";
}; };
systemConfig = default = {
{ hostName, user ? "xenia", system ? "x86_64-linux", shell ? "zsh" }: hostName = "Atlas";
user = "xenia";
system = "x86_64-linux";
group = "users";
shell = "zsh";
systemModules = [ ./system/hyprland.nix ];
serviceModules =
[ ./services/sshd/default.nix ./services/syncthing/default.nix ];
homeModules = [
./home/accounts/service.nix
./home/pass/service.nix
./home/git/default.nix
./home/ssh/default.nix
./home/tui/default.nix
./home/tmux/default.nix
./home/hyprland/default.nix
./home/alacritty/default.nix
./home/firefox/default.nix
./home/zathura/default.nix
./home/emacs/default.nix
./home/neovim/default.nix
];
stateVersion = "23.05";
};
systemConfig = { hostName ? default.hostName, user ? default.user
, system ? default.system, group ? default.group, shell ? default.shell
, systemModules ? default.systemModules
, serviceModules ? default.serviceModules
, homeModules ? default.homeModules, stateVersion ? default.stateVersion
}:
let let
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
@ -73,77 +101,209 @@
}) })
]; ];
}; };
in nixpkgs.lib.nixosSystem { commonModule = {
inherit pkgs; nix = {
specialArgs = { inherit hostName user shell hyprland; }; settings = {
modules = [ experimental-features = [ "nix-command" "flakes" ];
./hosts/${hostName}/configuration.nix auto-optimise-store = true;
./services/${hostName}.nix };
{ gc = {
networking = { inherit hostName; }; automatic = true;
users.users.${user} = { dates = "weekly";
isNormalUser = true; options = "--delete-older-than 30d";
description = "Evie Litherland-Smith"; };
group = "users"; extraOptions = ''
extraGroups = [ "networkmanager" "wheel" "video" ]; keep-outputs = true
shell = pkgs.${shell}; keep-derivations = true
openssh.authorizedKeys.keys = import ./auth/authorized_keys.nix; min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
};
networking = {
inherit hostName;
networkmanager.enable = true;
};
environment = {
localBinInPath = true;
shellAliases.nou =
''sudo nixos-rebuild switch --flake "${self}"'';
};
services = {
power-profiles-daemon.enable = true;
passSecretService.enable = true;
};
virtualisation.podman.enable = true;
time.timeZone = "Europe/London";
i18n = let locale = "en_GB.UTF-8";
in {
# Select internationalisation properties.
defaultLocale = locale;
extraLocaleSettings = {
LC_ADDRESS = locale;
LC_IDENTIFICATION = locale;
LC_MEASUREMENT = locale;
LC_MONETARY = locale;
LC_NAME = locale;
LC_NUMERIC = locale;
LC_PAPER = locale;
LC_TELEPHONE = locale;
LC_TIME = locale;
};
}; };
programs.${shell}.enable = true; programs.${shell}.enable = true;
} system = {
home-manager.nixosModules.home-manager inherit stateVersion;
{ autoUpgrade.flake = self;
};
users.users.${user} = {
inherit group;
isNormalUser = true;
description = "Evie Litherland-Smith";
extraGroups = [ "networkmanager" "wheel" "video" ];
shell = pkgs.${shell};
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANfkqd5lPTsSPU3SRYnAa1UjCYDmDeBTyzq5McmWlm6 xenia@Vanguard"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINI1dWlS16Keil0MGPWmMsBzx8F9ylfz+fRwxUr8/tZ/ ion"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1tJFdbiyJApuVZFvo9E9kjlBwvXZeySqVuS2qGdxha tux@monarch"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDI44C35I2x9tqzeZDmIpbzmGJWXfATn/Wp5KzVRdlCi root@debian"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMVEXJTqWkrpmvinPJGsSvome9bCd0CM4iu13aVG6UZ elitherl@Ronin"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/ZSSCN5sqrA+tdoIZr5EUm5DRuBV4dQ7J+QBEtUwUU xenia@Northstar"
];
};
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = { extraSpecialArgs = {
inherit hostName user shell hyprland anyrun wallpapers inherit hostName user shell inputs catppuccin-themes;
catppuccin-themes; hyprland = inputs.hyprland;
shellConfig = ./home/shell/${shell}.nix; anyrun = inputs.anyrun;
wallpapers = inputs.wallpapers;
}; };
users.${user} = import ./hosts/${hostName}/home.nix; users.${user} = {
imports =
[ ./home/shell/${shell}.nix ./hosts/${hostName}/home.nix ]
++ homeModules;
home = {
inherit stateVersion;
username = user;
homeDirectory = nixpkgs.lib.mkDefault "/home/${user}";
}; };
} programs.home-manager.enable = true;
];
}; };
homeConfig = { hostName, user, system ? "x86_64-linux", shell ? "zsh" }: };
home-manager.lib.homeManagerConfiguration { };
in nixpkgs.lib.nixosSystem {
inherit pkgs;
specialArgs = { inherit hostName user group shell inputs; };
modules = [
./hosts/${hostName}/configuration.nix
./hosts/${hostName}/hardware-configuration.nix
inputs.home-manager.nixosModules.home-manager
commonModule
] ++ systemModules ++ serviceModules;
};
homeConfig = { hostName ? default.hostName, user ? default.user
, system ? default.system, shell ? default.shell
, homeModules ? default.homeModules, stateVersion ? default.stateVersion
}:
inputs.home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.${system}; pkgs = nixpkgs.legacyPackages.${system};
extraSpecialArgs = { extraSpecialArgs = {
inherit hostName user shell hyprland anyrun wallpapers inherit hostName user shell inputs catppuccin-themes;
catppuccin-themes; hyprland = inputs.hyprland;
shellConfig = ./home/shell/${shell}.nix; anyrun = inputs.anyrun;
wallpapers = inputs.wallpapers;
}; };
modules = [ ./hosts/${hostName}/home.nix ]; modules = [
./home/shell/${shell}.nix
./hosts/${hostName}/home.nix
{
home = {
inherit stateVersion;
username = user;
homeDirectory = nixpkgs.lib.mkDefault "/home/${user}";
};
}
] ++ homeModules;
}; };
in { in {
nixosConfigurations = { nixosConfigurations = {
Legion = systemConfig {
Legion = let
hostName = "Legion"; hostName = "Legion";
user = "xenia"; user = "xenia";
system = "x86_64-linux"; system = "x86_64-linux";
shell = "zsh"; in systemConfig {
inherit hostName user system;
systemModules = [ ];
serviceModules = [
./services/adguardhome/default.nix
./services/gitea/default.nix
./services/nextcloud/default.nix
./services/sshd/default.nix
./services/syncthing/default.nix
./services/terraria/windy_limbo_of_melancholy.nix
./services/traefik/adguardhome.nix
./services/traefik/gitea.nix
./services/traefik/nextcloud.nix
./services/traefik/qbittorrent.nix
];
homeModules = [
./home/git/default.nix
./home/ssh/default.nix
./home/tui/default.nix
];
}; };
Northstar = systemConfig {hostName = "Northstar"; user = "xenia"; system = "x86_64-linux"; shell = "zsh";};
Ronin = systemConfig { Northstar = let
hostName = "Northstar";
user = "xenia";
system = "x86_64-linux";
in systemConfig {
inherit hostName user system;
systemModules = default.systemModules ++ [ ];
};
Ronin = let
hostName = "Ronin"; hostName = "Ronin";
user = "elitherl"; user = "elitherl";
system = "x86_64-linux"; system = "x86_64-linux";
shell = "zsh"; in systemConfig { inherit hostName user systemConfig; };
};
Vanguard = systemConfig { Vanguard = let
hostName = "Vanguard"; hostName = "Vanguard";
user = "xenia"; user = "xenia";
system = "x86_64-linux"; system = "x86_64-linux";
shell = "zsh"; in systemConfig {
inherit hostName user system;
systemModules = [ ./system/gamepass.nix ];
serviceModules = [ ./services/sshd/default.nix ];
homeModules = [
./home/git/default.nix
./home/ssh/default.nix
./home/tui/default.nix
];
}; };
}; };
homeConfigurations = { homeConfigurations = {
"tux@Monarch" = homeConfig { "tux@Monarch" = let
hostName = "Monarch"; hostName = "Monarch";
user = "tux"; user = "tux";
system = "aarch64-darwin"; system = "aarch64-darwin";
shell = "zsh"; shell = "zsh";
in homeConfig {
inherit hostName user system shell;
homeModules = [
./home/accounts/default.nix
./home/pass/default.nix
./home/git/default.nix
./home/ssh/default.nix
./home/tui/default.nix
./home/tmux/default.nix
./home/alacritty/default.nix
./home/emacs/default.nix
];
}; };
}; };
}; };
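Review bot: `autoUpgrade.flake = self;` and the `nou` alias in `commonModule` now point at the flake's own store path, where the removed common.nix used the URL `git+https://git.xenia.me.uk/xenia/nixos.git?ref=main`. A store path is a fixed snapshot, so on hosts that set `system.autoUpgrade.enable = true` the upgrade job would presumably rebuild the revision already deployed and stop picking up new commits, security updates included; `self` is also an attribute set, which the option may reject if it expects a string. Keeping the URL as a string, `autoUpgrade.flake = "git+https://git.xenia.me.uk/xenia/nixos.git?ref=main";`, restores the old behaviour. Separately, the Ronin entry passes `inherit hostName user systemConfig;`, and since `systemConfig` declares no `...` the unexpected argument should fail evaluation; `inherit hostName user system;` looks like what was intended.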


@ -4,6 +4,6 @@
imports = [ ./default.nix ]; imports = [ ./default.nix ];
services.mbsync = { services.mbsync = {
enable = true; enable = true;
frequency = "*:00:00"; frequency = "*-*-* *:*/15:00";
}; };
} }


@ -11,7 +11,12 @@
./swaylock.nix ./swaylock.nix
./gtk.nix ./gtk.nix
]; ];
home.packages = [ pkgs.libsForQt5.polkit-kde-agent ]; home.packages = with pkgs; [
libsForQt5.polkit-kde-agent
signal-desktop
libreoffice
zotero
];
programs = { programs = {
emacs.package = pkgs.emacs29-pgtk; emacs.package = pkgs.emacs29-pgtk;
firefox.package = pkgs.firefox-wayland; firefox.package = pkgs.firefox-wayland;


@ -1,13 +1,14 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`). # and in the NixOS manual (accessible by running `nixos-help`).
{ ... }: { { ... }:
imports = [ let
# Include the results of the hardware scan. # generate via openvpn --genkey --secret openvpn-laptop.key
./hardware-configuration.nix client-key = "/root/openvpn.key";
../common.nix domain = "vpn.xenia.me.uk";
]; vpn-dev = "tun0";
port = 1194;
in {
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -21,12 +22,83 @@
upper = "05:00"; upper = "05:00";
}; };
}; };
networking = {
nat = {
enable = true;
externalInterface = "enp42s0";
internalInterfaces = [ vpn-dev ];
};
firewall = {
trustedInterfaces = [ vpn-dev ];
allowedUDPPorts = [ port ];
};
};
services = {
syncthing = let dataDir = "/var/lib/syncthing";
in {
inherit dataDir;
settings.folders = {
"Archive".path = dataDir + "/Archive";
"Books".path = dataDir + "/Books";
"Comics".path = dataDir + "/Comics";
"Documents".path = dataDir + "/Documents";
"Exports".path = dataDir + "/Exports";
"Notes".path = dataDir + "/Notes";
"Pictures".path = dataDir + "/Pictures";
"Tasks".path = dataDir + "/Tasks";
"Zotero".path = dataDir + "/Zotero";
};
};
openvpn = {
restartAfterSleep = true;
servers.xenia.config = ''
dev ${vpn-dev}
proto udp
ifconfig 10.8.0.1 10.8.0.2
secret ${client-key}
port ${toString port}
# This value determines the NixOS release from which the default cipher AES-256-CBC
# settings for stateful data, like file locations and database versions auth-nocache
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system. comp-lzo
# Before changing this value read the documentation for this option keepalive 10 60
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). ping-timer-rem
system.stateVersion = "23.05"; # Did you read the comment? persist-tun
persist-key
'';
};
};
environment.etc."openvpn/client.ovpn" = {
text = ''
dev tun
remote "${domain}"
ifconfig 10.8.0.2 10.8.0.1
port ${toString port}
redirect-gateway def1
cipher AES-256-CBC
auth-nocache
comp-lzo
keepalive 10 60
resolv-retry infinite
nobind
persist-key
persist-tun
secret [inline]
'';
mode = "600";
};
system.activationScripts.openvpn-addkey = ''
f="/etc/openvpn/client.ovpn"
if ! grep -q '<secret>' $f; then
echo "appending secret key"
echo "<secret>" >> $f
cat ${client-key} >> $f
echo "</secret>" >> $f
fi
'';
} }
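Review bot: The OpenVPN block moved into this file still runs in static-key mode (`secret ${client-key}`) with `comp-lzo` and `cipher AES-256-CBC`, in both the server config and the generated client.ovpn. Static-key mode has no forward secrecy, so a single leaked copy of `/root/openvpn.key` exposes recorded and future sessions, and compression inside a VPN tunnel is discouraged because of compression side channels; both options are deprecated in recent OpenVPN releases. Because `trustedInterfaces = [ vpn-dev ]` exempts everything arriving over the tunnel from the firewall, moving to TLS mode with per-client certificates and dropping `comp-lzo` from both configs would be worth doing while this code is being relocated. The `openvpn-addkey` activation script also declares no ordering relative to the `etc` step that writes the file and leaves `$f` unquoted; the attribute-set form with `deps = [ "etc" ];` alongside `text` would make the append order explicit.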


@ -1,20 +1 @@
{ pkgs, user, shellConfig, ... }: { }
let homeDirectory = "/home/${user}";
in {
imports = [
shellConfig
../../home/emacs
../../home/git
../../home/ssh
../../home/tui
];
home = {
inherit homeDirectory;
username = user;
stateVersion = "22.11";
};
programs = {
home-manager.enable = true;
emacs.package = pkgs.emacs29;
};
}
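Review bot: Emptying this file drops `stateVersion = "22.11"`, so the home-manager profile now inherits `stateVersion` from the flake's `default`, which is `"23.05"`. `home.stateVersion` is meant to stay at the release the profile was first created with, so bumping it on an existing install can silently change defaults for stateful data. The same applies to the two other home.nix files in this commit that previously set `"22.11"`. `systemConfig` feeds one `stateVersion` into both `system` and `home`, so keeping the old value probably needs a separate parameter, for example `homeStateVersion ? stateVersion`, passed as `"22.11"` for the affected hosts.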


@ -1,25 +1,11 @@
{ pkgs, user, shell ? "zsh", ... }: { config, pkgs, ... }:
let homeDirectory = "/Users/${user}";
in { {
imports = [
../../home/shell/${shell}.nix
../../home/accounts/default.nix
../../home/pass/default.nix
../../home/git/default.nix
../../home/ssh/default.nix
../../home/tui/default.nix
../../home/tmux/default.nix
../../home/alacritty/default.nix
../../home/emacs/default.nix
];
home = { home = {
inherit homeDirectory; homeDirectory = "/Users/${config.home.username}";
username = user;
stateVersion = "23.05";
packages = with pkgs; [ coreutils-prefixed ]; packages = with pkgs; [ coreutils-prefixed ];
}; };
programs = { programs = {
home-manager.enable = true;
zsh = { zsh = {
sessionVariables.CC = "${pkgs.gcc}/bin/gcc"; sessionVariables.CC = "${pkgs.gcc}/bin/gcc";
envExtra = '' envExtra = ''


@ -1,27 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
../hyprland.nix
];
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
} }


@ -1,10 +1 @@
{ pkgs, lib, user, shellConfig, ... }: { }
let homeDirectory = "/home/${user}";
in {
imports = [ shellConfig ../../home/default.nix ];
home = {
inherit homeDirectory;
username = user;
stateVersion = "23.05";
};
}


@ -2,11 +2,6 @@
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ ... }: { { ... }: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../hyprland.nix
];
# Bootloader. # Bootloader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -20,21 +15,19 @@
boot.initrd.luks.devices."luks-761eeb11-3091-4142-9232-4fb33165eccd".keyFile = boot.initrd.luks.devices."luks-761eeb11-3091-4142-9232-4fb33165eccd".keyFile =
"/crypto_keyfile.bin"; "/crypto_keyfile.bin";
hardware.bluetooth.enable = true;
environment.etc."ppp/options".text = '' environment.etc."ppp/options".text = ''
ipcp-accept-remote ipcp-accept-remote
''; '';
programs.light.enable = true;
system.autoUpgrade = { system.autoUpgrade = {
enable = true; enable = true;
allowReboot = false; allowReboot = false;
}; };
services.syncthing.settings.folders = {
# This value determines the NixOS release from which the default "Archive".enable = false;
# settings for stateful data, like file locations and database versions "Books".enable = false;
# on your system were taken. Its perfectly fine and recommended to leave "Comics".enable = false;
# this value at the release version of the first install of this system. "Documents".enable = false;
# Before changing this value read the documentation for this option "Exports".enable = false;
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). "Pictures".enable = false;
system.stateVersion = "23.05"; # Did you read the comment? };
} }


@ -1,18 +1,12 @@
{ pkgs, lib, user, shellConfig, ... }: { pkgs, lib, user, shellConfig, ... }:
let homeDirectory = "/home/${user}";
in { {
imports = [ shellConfig ../../home ]; home.packages = with pkgs; [
home = {
inherit homeDirectory;
username = user;
stateVersion = "22.11";
packages = with pkgs; [
openfortivpn openfortivpn
nomachine-client nomachine-client
teams-for-linux teams-for-linux
zoom-us zoom-us
]; ];
};
programs = { programs = {
git.userEmail = "evie.litherland-smith@ukaea.uk"; git.userEmail = "evie.litherland-smith@ukaea.uk";
ssh.matchBlocks = { ssh.matchBlocks = {
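Review bot: The module header still names `shellConfig`, but the flake no longer passes it in `extraSpecialArgs`; the shell module is now imported directly by path. This is harmless only as long as nothing in the body references the argument, and the body continues outside the hunk, so that cannot be confirmed here. Dropping it from the header, `{ pkgs, lib, user, ... }:`, avoids a confusing missing-argument error if a later edit uses it.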


@ -1,38 +1,21 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ pkgs, ... }: { { ... }: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../gamescope.nix
];
# Bootloader. # Bootloader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking.nameservers = [ "192.168.1.230" "9.9.9.9" ]; networking.nameservers = [ "192.168.1.230" "9.9.9.9" ];
environment.systemPackages = with pkgs; [ mesa ];
hardware = {
bluetooth.enable = true;
opengl.driSupport32Bit = true;
steam-hardware.enable = true;
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
};
system.autoUpgrade = { system.autoUpgrade = {
enable = false; enable = false;
allowReboot = false; allowReboot = false;
}; };
services.syncthing.settings.folders = {
# This value determines the NixOS release from which the default "Archive".enable = false;
# settings for stateful data, like file locations and database versions "Books".enable = false;
# on your system were taken. Its perfectly fine and recommended to leave "Comics".enable = false;
# this value at the release version of the first install of this system. "Exports".enable = false;
# Before changing this value read the documentation for this option "Pictures".enable = false;
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). };
system.stateVersion = "23.05"; # Did you read the comment?
} }


@ -1,16 +1 @@
{ user, shellConfig, ... }: { }
let homeDirectory = "/home/${user}";
in {
imports = [
shellConfig
../../home/git
../../home/ssh
../../home/tui
];
home = {
inherit homeDirectory;
username = user;
stateVersion = "22.11";
};
programs.home-manager.enable = true;
}


@ -1,51 +0,0 @@
{ pkgs, shell, ... }:
let flakeURL = "git+https://git.xenia.me.uk/xenia/nixos.git?ref=main";
in {
nix = {
settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
extraOptions = ''
keep-outputs = true
keep-derivations = true
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
};
system.autoUpgrade.flake = flakeURL;
environment = {
localBinInPath = true;
systemPackages = with pkgs; [ distrobox ];
shellAliases.nou = ''sudo nixos-rebuild switch --flake "${flakeURL}"'';
};
networking.networkmanager.enable = true;
services = {
power-profiles-daemon.enable = true;
passSecretService.enable = true;
};
virtualisation.podman.enable = true;
programs = { ${shell}.enable = true; };
# Set your time zone.
time.timeZone = "Europe/London";
i18n = {
# Select internationalisation properties.
defaultLocale = "en_GB.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_GB.UTF-8";
LC_IDENTIFICATION = "en_GB.UTF-8";
LC_MEASUREMENT = "en_GB.UTF-8";
LC_MONETARY = "en_GB.UTF-8";
LC_NAME = "en_GB.UTF-8";
LC_NUMERIC = "en_GB.UTF-8";
LC_PAPER = "en_GB.UTF-8";
LC_TELEPHONE = "en_GB.UTF-8";
LC_TIME = "en_GB.UTF-8";
};
};
}


@ -1,103 +0,0 @@
{ ... }:
let
# generate via openvpn --genkey --secret openvpn-laptop.key
client-key = "/root/openvpn.key";
domain = "vpn.xenia.me.uk";
vpn-dev = "tun0";
port = 1194;
in {
imports = [
./adguardhome/default.nix
./gitea/default.nix
./nextcloud/default.nix
./sshd/default.nix
./syncthing/default.nix
./terraria/windy_limbo_of_melancholy.nix
./traefik/adguardhome.nix
./traefik/gitea.nix
./traefik/nextcloud.nix
./traefik/qbittorrent.nix
];
services.syncthing = let
user = "xenia";
group = "users";
dataDir = "/var/lib/syncthing";
in {
inherit user group dataDir;
settings.folders = {
"Archive".path = dataDir + "/Archive";
"Books".path = dataDir + "/Books";
"Comics".path = dataDir + "/Comics";
"Documents".path = dataDir + "/Documents";
"Exports".path = dataDir + "/Exports";
"Notes".path = dataDir + "/Notes";
"Pictures".path = dataDir + "/Pictures";
"Tasks".path = dataDir + "/Tasks";
"Zotero".path = dataDir + "/Zotero";
};
};
networking = {
nat = {
enable = true;
externalInterface = "enp42s0";
internalInterfaces = [ vpn-dev ];
};
firewall = {
trustedInterfaces = [ vpn-dev ];
allowedUDPPorts = [ port ];
};
};
services.openvpn = {
restartAfterSleep = true;
servers.xenia.config = ''
dev ${vpn-dev}
proto udp
ifconfig 10.8.0.1 10.8.0.2
secret ${client-key}
port ${toString port}
cipher AES-256-CBC
auth-nocache
comp-lzo
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
'';
};
environment.etc."openvpn/client.ovpn" = {
text = ''
dev tun
remote "${domain}"
ifconfig 10.8.0.2 10.8.0.1
port ${toString port}
redirect-gateway def1
cipher AES-256-CBC
auth-nocache
comp-lzo
keepalive 10 60
resolv-retry infinite
nobind
persist-key
persist-tun
secret [inline]
'';
mode = "600";
};
system.activationScripts.openvpn-addkey = ''
f="/etc/openvpn/client.ovpn"
if ! grep -q '<secret>' $f; then
echo "appending secret key"
echo "<secret>" >> $f
cat ${client-key} >> $f
echo "</secret>" >> $f
fi
'';
}


@ -1,18 +0,0 @@
{ ... }:
let
user = "xenia";
group = "users";
dataDir = "/home/${user}";
in {
imports = [ ./sshd ./syncthing ];
services.syncthing = {
inherit user group dataDir;
settings.folders = {
"Archive".enable = false;
"Books".enable = false;
"Comics".enable = false;
"Exports".enable = false;
"Pictures".enable = false;
};
};
}


@ -1,18 +0,0 @@
{...}: let
user = "elitherl";
group = "users";
dataDir = "/home/${user}";
in {
imports = [./syncthing];
services.syncthing = {
inherit user group dataDir;
settings.folders = {
"Archive".enable = false;
"Books".enable = false;
"Comics".enable = false;
"Documents".enable = false;
"Exports".enable = false;
"Pictures".enable = false;
};
};
}


@ -1,18 +0,0 @@
{ ... }:
let
user = "xenia";
group = "users";
dataDir = "/home/${user}";
in {
imports = [ ./sshd ./syncthing ];
services.syncthing = {
inherit user group dataDir;
settings.folders = {
"Archive".enable = false;
"Books".enable = false;
"Comics".enable = false;
"Exports".enable = false;
"Pictures".enable = false;
};
};
}


@ -1,20 +1,26 @@
{ lib, ... }: { lib, user, group, ... }:
let let devices = [ "Ion" "Legion" "Monarch" "Northstar" "Ronin" "Vanguard" ];
defaultDataDir = "/var/lib/syncthing";
devices = [ "Ion" "Legion" "Monarch" "Ronin" "Vanguard" ];
in { in {
services.syncthing = { services.syncthing = {
inherit user group;
enable = true; enable = true;
dataDir = lib.mkDefault defaultDataDir; dataDir = lib.mkDefault "/home/${user}";
systemService = true; systemService = true;
openDefaultPorts = true; openDefaultPorts = true;
settings = { settings = {
devices = { devices = {
"Ion".id = "7DD4NPH-6T2ET5A-4FCLFWW-CS6UR2W-IO5XQXC-DM5B2Q4-6X7DGU2-UKKVEAB"; "Ion".id =
"Legion".id = "6OX54CG-EAQMXKA-K7TXB5P-G5A27HB-52JE2FA-XNAYZU6-YMIDBXP-RKPBJQV"; "7DD4NPH-6T2ET5A-4FCLFWW-CS6UR2W-IO5XQXC-DM5B2Q4-6X7DGU2-UKKVEAB";
"Monarch".id = "CJSUZQY-67XBLEZ-VKVHQHI-BLEUZNF-G4237AV-AW44CGH-F3JDKXU-CWT3RQZ"; "Legion".id =
"Ronin".id = "ZOL5YHK-ZZZULIE-UHGVKHW-H5E4BP7-S4CZBOX-OIZVUCV-RZUXOKA-QVBUBAJ"; "6OX54CG-EAQMXKA-K7TXB5P-G5A27HB-52JE2FA-XNAYZU6-YMIDBXP-RKPBJQV";
"Vanguard".id = "I366QNQ-D3FTDRX-RNOTXMW-YITZXOF-DSCDMQD-63Q72LI-ME2Y4HZ-T34RMQK"; "Monarch".id =
"CJSUZQY-67XBLEZ-VKVHQHI-BLEUZNF-G4237AV-AW44CGH-F3JDKXU-CWT3RQZ";
"Northstar".id =
"HNK5Z72-757G3BP-I4PBWXY-FM5FWCM-ES4XP56-E5ULWB5-RGRCBUI-RHWRXQV";
"Ronin".id =
"ZOL5YHK-ZZZULIE-UHGVKHW-H5E4BP7-S4CZBOX-OIZVUCV-RZUXOKA-QVBUBAJ";
"Vanguard".id =
"I366QNQ-D3FTDRX-RNOTXMW-YITZXOF-DSCDMQD-63Q72LI-ME2Y4HZ-T34RMQK";
}; };
folders = { folders = {
"Archive" = { "Archive" = {


@ -1,15 +1,18 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [ ./common.nix ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mesa
libnotify libnotify
glib glib
gsettings-desktop-schemas gsettings-desktop-schemas
]; ];
security.rtkit.enable = true; security.rtkit.enable = true;
sound.enable = true; sound.enable = true;
hardware.pulseaudio.enable = false; hardware = {
pulseaudio.enable = false;
bluetooth.enable = true;
};
services = { services = {
pipewire = { pipewire = {
enable = true; enable = true;
@ -23,8 +26,11 @@
}; };
}; };
console.keyMap = "uk"; console.keyMap = "uk";
programs.ssh.startAgent = true; programs = {
programs.dconf.enable = true; ssh.startAgent = true;
dconf.enable = true;
light.enable = true;
};
gtk.iconCache.enable = true; gtk.iconCache.enable = true;
qt = { qt = {
enable = true; enable = true;


@ -2,8 +2,7 @@
let let
sessionCommand = '' sessionCommand = ''
gamescope\ gamescope\
--output-width 3840 --output-height 2160 --framerate-limit 60\ --nested-refresh 60\
--nested-width 1920 --nested-height 1080 --nested-refresh 60\
--scaler auto --filter fsr --fsr-sharpness 10\ --scaler auto --filter fsr --fsr-sharpness 10\
--hide-cursor-delay 5 --steam -- steam -gamepadui --hide-cursor-delay 5 --steam -- steam -gamepadui
''; '';
@ -11,8 +10,9 @@ in {
imports = [ ./desktop.nix ]; imports = [ ./desktop.nix ];
services = { services = {
blueman.enable = true; blueman.enable = true;
greetd.enable = true; greetd = {
greetd.settings = { enable = true;
settings = {
default_session = { default_session = {
inherit user; inherit user;
command = sessionCommand; command = sessionCommand;
@ -23,6 +23,11 @@ in {
}; };
}; };
}; };
};
hardware = {
opengl.driSupport32Bit = true;
steam-hardware.enable = true;
};
programs = { programs = {
xwayland.enable = true; xwayland.enable = true;
gamescope = { gamescope = {


@ -1,9 +1,8 @@
{ pkgs, hyprland, user ? "xenia", ... }: { { pkgs, user ? "xenia", inputs, ... }: {
imports = [ ./desktop.nix hyprland.nixosModules.default ]; imports = [ ./desktop.nix inputs.hyprland.nixosModules.default ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
xdg-utils xdg-utils
wlr-randr wlr-randr
gsettings-desktop-schemas
hyprpaper hyprpaper
pipewire pipewire
wireplumber wireplumber
@ -38,22 +37,19 @@
}; };
fonts = { fonts = {
packages = with pkgs; [ packages = with pkgs; [
# normal fonts
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
font-awesome
# nerdfonts
(nerdfonts.override { fonts = [ "FiraCode" ]; })
# icon fonts # icon fonts
material-symbols material-symbols
emacs-all-the-icons-fonts emacs-all-the-icons-fonts
material-design-icons material-design-icons
weather-icons weather-icons
vscode-extensions.file-icons.file-icons vscode-extensions.file-icons.file-icons
# normal fonts
jost
lexend
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
roboto
font-awesome
# nerdfonts
(nerdfonts.override { fonts = [ "FiraCode" ]; })
]; ];
fontconfig = { fontconfig = {
enable = true; enable = true;
@ -63,7 +59,7 @@
defaultFonts = { defaultFonts = {
serif = [ "Noto Serif" "Noto Color Emoji" ]; serif = [ "Noto Serif" "Noto Color Emoji" ];
sansSerif = [ "Noto Sans" "Noto Color Emoji" ]; sansSerif = [ "Noto Sans" "Noto Color Emoji" ];
monospace = [ "FiraCode Nerd Font" "Noto Color Emoji" ]; monospace = [ "FiraCode Nerd Font" "Noto Sans" "Noto Color Emoji" ];
emoji = [ "Noto Color Emoji" ]; emoji = [ "Noto Color Emoji" ];
}; };
}; };
@ -75,7 +71,11 @@
programs = { programs = {
hyprland = { hyprland = {
enable = true; enable = true;
package = hyprland.packages.${pkgs.system}.hyprland; package = inputs.hyprland.packages.${pkgs.system}.hyprland;
xwayland = {
enable = true;
hidpi = true;
};
}; };
thunar = { thunar = {
enable = true; enable = true;