Compare commits

..

74 Commits

Author SHA1 Message Date
6d676499b5 Update 2025-01-15 2025-01-15 19:42:54 +01:00
f9ed56664a Enable incus on lift 2025-01-12 18:35:31 +01:00
74b621b335 Tailscale client routing features 2025-01-04 18:19:10 +01:00
42d853e493 Replace prusa-slicer with orca-slicer 2025-01-02 16:55:40 +01:00
cb42c46c5c Veil: fix hardware-configuration 2025-01-02 15:26:12 +01:00
35605ec47c Move gvfs to graphical base 2025-01-02 14:46:29 +01:00
e00a929820 Add host veil 2025-01-02 13:38:31 +01:00
ad7fc6614e Modularize nixos config 2025-01-02 13:38:31 +01:00
2a8e761b6c Replace foot with ghostty terminal 2024-12-28 22:39:36 +01:00
34476e38ed ghostty: change theme to MaterialDarker 2024-12-28 22:39:00 +01:00
c3f5e6be5b nvim: lualine add filename 2024-12-28 21:51:28 +01:00
93717eb5f7 Add ghostty terminal 2024-12-28 21:50:39 +01:00
6de02a4c32 home-manager: add some packages 2024-12-23 18:14:42 +01:00
c735356011
Move printing module 2024-12-22 23:54:16 +01:00
99e9229b09
Move hosts to subfolders 2024-12-22 23:49:58 +01:00
58c41ab7ea
flake: update 2024-12-22 2024-12-22 23:12:37 +01:00
e8e186a6f3
flake: add deploy target for tien 2024-12-22 23:11:45 +01:00
ed573a2b12 nvim: more fugitive keys 2024-12-22 16:18:22 +01:00
ecaab24ad6 nvim: add fugitive keymaps 2024-12-22 16:06:37 +01:00
2ff2ab05f2 nvim: enable fugitive 2024-12-22 15:56:17 +01:00
4bdfa8f7bb nvim: lualine fancy plugin 2024-12-22 15:50:55 +01:00
39e9b52938 nvim: add more language servers 2024-12-22 15:29:09 +01:00
d79368ff44 nvim: replace gitgutter with gitsigns 2024-12-22 14:51:45 +01:00
b6f36c12a0 nvim: highlight trailing whitespaces 2024-12-22 00:23:05 +01:00
9ef7e27f79 nvim: enable spell checker 2024-12-22 00:00:02 +01:00
db1e6d1bad nvim: enable bash language server 2024-12-21 23:31:12 +01:00
29e40d0d32 nvim: set terraform lsp root dir 2024-12-21 23:30:20 +01:00
4f80dfc9b6 nvim: render markdown plugin 2024-12-21 21:49:19 +01:00
928a557707 nvim: enable more language servers 2024-12-21 19:04:51 +01:00
aec0d3b8f3 nvim: LSP format on save 2024-12-21 18:38:18 +01:00
446e93f23f Add telescope nvim plugin 2024-12-21 15:08:54 +01:00
082240c343 Start nixvim config 2024-12-21 01:30:34 +01:00
Johannes Rothe
fa03fd3be9 Keep Roboto mono in some programs 2024-12-20 09:19:48 +01:00
Johannes Rothe
0267612512 DPI aware foot 2024-12-20 09:18:16 +01:00
61f5b5876d Use JetBrains Mono font 2024-12-20 09:06:15 +01:00
Johannes Rothe
72e9bd5b29 Add NIX_PATH variable 2024-12-20 09:05:30 +01:00
57042de338 Update nixpkgs 24-11 2024-12-04 21:55:02 +01:00
6f6a3977b4 Update 2024-12-04 2024-12-04 21:55:02 +01:00
9b47b7ed5f Enable nh helper tool 2024-12-04 21:55:02 +01:00
Johannes Rothe
44a37a9807 Add sops to home manager 2024-12-04 11:36:12 +01:00
Johannes Rothe
f84bb2a25c Add gch alias 2024-11-22 20:26:34 +01:00
58ca4f3d55 Enable searxng on tien 2024-11-16 20:47:59 +01:00
debd796b25 Install package hugo 2024-11-16 19:11:15 +01:00
1d8f8385cd Add user to dialout group 2024-11-16 19:11:04 +01:00
7bf5b65d22 Enable firmware update 2024-11-15 22:56:54 +01:00
d8e18adab9 Set the VPS hostname via cloud-init as well 2024-11-15 22:50:18 +01:00
7673f4bcf8 Update 2024-11-15 2024-11-15 22:23:39 +01:00
Johannes Rothe
d2a9256fa6 Mails 2024-11-15 10:25:33 +01:00
f9de646111 Setup caddy server on VPS 2024-11-14 22:38:24 +01:00
d774997a27 Take over a VPS with nixos-anywhere 2024-11-13 23:07:10 +01:00
088580c967 Use greetd as login manager 2024-11-13 20:00:16 +01:00
9f4b74ab8c Auto-detect network printers 2024-11-02 18:50:41 +01:00
45b617a6cc Add prusa-slicer 2024-11-02 16:29:02 +01:00
4fa8bc25e8 Disable spelling in committia preview 2024-11-02 11:06:40 +01:00
2306d3b3e0 Update 2024-11-02 2024-11-02 10:35:51 +01:00
Johannes Rothe
89cde5db44 Add gitleaks 2024-10-30 09:04:45 +01:00
558f4c557f Add more git aliases 2024-10-22 22:45:18 +02:00
af5abaf28a Highlight vim spelling mistakes 2024-10-22 21:33:49 +02:00
5e323cb810 Add goreleaser 2024-10-22 20:43:50 +02:00
518a1ccb7b Enable podman 2024-10-19 22:52:46 +02:00
20c8d503a7 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077' (2024-10-12)
  → 'github:NixOS/nixpkgs/c0b1da36f7c34a7146501f684e9ebdf15d2bebf8' (2024-10-14)
2024-10-16 20:19:27 +02:00
dbaafb9e29 Update 2024-10-16 2024-10-16 20:13:57 +02:00
Johannes Rothe
38a57bee39 Add git pull alias 2024-10-16 15:14:47 +02:00
Johannes Rothe
077268fe2b Add apt aliases 2024-10-15 08:09:43 +02:00
Johannes Rothe
e884bc79e9 Add cam aliases 2024-10-14 10:41:37 +02:00
Johannes Rothe
a8a1c49c75 direnv via home manager 2024-10-14 09:26:52 +02:00
Johannes Rothe
cf846e1d2c Add devenv, direnv and starship 2024-10-08 08:15:34 +02:00
f7cce9835e Tmux start pane at 1 2024-10-07 22:47:20 +02:00
Johannes Rothe
d026e1d6bd Add alias cdc 2024-10-04 16:18:35 +02:00
Johannes Rothe
82e65e494b Add polyglot vim plugin 2024-10-04 16:15:15 +02:00
Johannes Rothe
d667045151 Add vimPlugins.committia 2024-10-04 08:17:13 +02:00
Johannes Rothe
875c360794 Make mail configurable
Inspired by: https://librephoenix.com/2024-01-28-program-a-modular-control-center-for-your-config-using-special-args-in-nixos-flakes.html
2024-10-03 19:30:10 +02:00
Johannes Rothe
f639fb31b9 Update 2024-10-03 2024-10-03 13:29:13 +02:00
Johannes Rothe
34bd6d4a59 Add ZSA config 2024-09-30 21:23:03 +02:00
26 changed files with 1334 additions and 509 deletions

View File

@ -6,10 +6,10 @@ update:
@nix flake update
switch:
@sudo nixos-rebuild switch --flake .
@nh os switch . --ask
home:
@home-manager switch --flake .
@nh home switch --ask .
clean:
# remove all generations older than 30 days

View File

@ -1,225 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
{
imports = [
nixos/desktop/printing
];
# Bootloader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = false;
# Setup keyfile
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
# Enable grub cryptodisk
boot.loader.grub.enableCryptodisk = true;
boot.initrd.luks.devices."luks-efc0285c-812e-4946-936b-37e737fb72eb".keyFile = "/crypto_keyfile.bin";
# allow crosscompiling for raspberrypi
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
networking.hostName = "lift";
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true;
systemd.network.wait-online.enable = false;
boot.initrd.systemd.network.wait-online.enable = false;
nix.settings.experimental-features = ["nix-command" "flakes"];
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
# Configure console keymap
console.keyMap = "de-latin1-nodeadkeys";
# Enable scanning
hardware.sane.enable = true;
# Workaround for https://github.com/NixOS/nixpkgs/issues/273280
hardware.sane.backends-package = pkgs.sane-backends.overrideAttrs (old: {
configureFlags = (old.configureFlags or []) ++ [
"--disable-locking"
];
});
hardware.opengl.enable = true;
# bluetooth
hardware.bluetooth.enable = true;
# Enable sound with pipewire.
sound.enable = true;
# hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.rothe = {
isNormalUser = true;
description = "rothe";
extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "incus-admin"];
shell = pkgs.fish;
packages = with pkgs; [
chromium
firefox
logseq
thunderbird
];
};
# TODO remove with the next major release, workaround for logseq not working
nixpkgs.config.permittedInsecurePackages = [
"electron-27.3.11"
];
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
ack
avrdude
bind
calibre
cmake
cryptsetup
curl
dracula-theme
evince
ffmpeg
fish
foot
fzf
gammastep
gcc
gimp
git
glib
gnome.eog
gnome.nautilus
gnome.simple-scan
gnucash
gnumake
gnupg
google-cloud-sdk
inkscape
ispell
keychain
libreoffice
mosquitto
mypy
nmap
pass-secret-service
pavucontrol
portfolio
pulseaudio
signal-desktop
spotify
sqlite
syncthing
tailscale
tmux
tree
unzip
vim-full
vlc
wayland
wayshot
wdisplays
wget
wl-clipboard
xdg-utils
yt-dlp
];
xdg.portal = {
enable = true;
wlr.enable = true;
# gtk portal needed to make gtk apps happy
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
config.common.default = "*";
};
programs = {
fish.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
light.enable = true;
};
# List services that you want to enable:
services.resolved = {
enable = true;
};
services.pcscd.enable = true;
# xdg-desktop-portal works by exposing a series of D-Bus interfaces
# known as portals under a well-known name
# (org.freedesktop.portal.Desktop) and object path
# (/org/freedesktop/portal/desktop).
# The portal interfaces include APIs for file access, opening URIs,
# printing and others.
services.dbus.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
services.passSecretService.enable = true;
services.tailscale.enable = true;
services.gvfs.enable = true;
services.xserver.displayManager.gdm.enable = true;
services.blueman.enable = true;
services.syncthing = {
enable = true;
user = "rothe";
group = "users";
dataDir = "/home/rothe";
overrideFolders = false;
overrideDevices = false;
};
networking.nftables = {
enable = true;
};
networking.firewall.trustedInterfaces = [ "incusbr0" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
virtualisation = {
incus.enable = false;
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
};
}

374
flake.lock generated
View File

@ -1,5 +1,157 @@
{
"nodes": {
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1727447169,
"narHash": "sha256-3KyjMPUKHkiWhwR91J1YchF6zb6gvckCAY1jOE+ne0U=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "aa07eb05537d4cd025e2310397a6adcedfe72c76",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1736711425,
"narHash": "sha256-8hKhPQuMtXfJi+4lPvw3FBk/zSJVHeb726Zo0uF1PP8=",
"owner": "nix-community",
"repo": "disko",
"rev": "f720e64ec37fa16ebba6354eadf310f81555cc07",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1736143030,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1705309234,
"narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"ghostty": {
"inputs": {
"flake-compat": "flake-compat_2",
"nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable",
"zig": "zig"
},
"locked": {
"lastModified": 1736911212,
"narHash": "sha256-OLly4X2kN1tDb2gMYcWeim6uJECPoc52ltJsz1iD5Ug=",
"owner": "ghostty-org",
"repo": "ghostty",
"rev": "ff9414d9ea7b16a375d41cde8f6f193de7e5db72",
"type": "github"
},
"original": {
"owner": "ghostty-org",
"repo": "ghostty",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -7,40 +159,244 @@
]
},
"locked": {
"lastModified": 1726989464,
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
"lastModified": 1736373539,
"narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
"rev": "bd65bc3cde04c16755955630b344bc9e35272c56",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.05",
"ref": "release-24.11",
"repo": "home-manager",
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1729958008,
"narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.0.6",
"repo": "ixx",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1726969270,
"narHash": "sha256-8fnFlXBgM/uSvBlLWjZ0Z0sOdRBesyNdH0+esxqizGc=",
"lastModified": 1736867362,
"narHash": "sha256-i/UJ5I7HoqmFMwZEH6vAvBxOrjjOJNU739lnZnhUln8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "23cbb250f3bf4f516a2d0bf03c51a30900848075",
"rev": "9c6b49aeac36e2ed73a8c472f1546f6d9cf1addc",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1733423277,
"narHash": "sha256-TxabjxEgkNbCGFRHgM/b9yZWlBj60gUOUnRT/wbVQR8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e36963a147267afc055f7cf65225958633e536bf",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "release-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1733229606,
"narHash": "sha256-FLYY5M0rpa5C2QAE3CKLYAM6TwbKicdRK6qNrSHlNrE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "566e53c2ad750c84f6d31f9ccb9d00f823165550",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"devshell": [],
"flake-compat": [],
"flake-parts": "flake-parts",
"git-hooks": [],
"home-manager": [],
"nix-darwin": [],
"nixpkgs": [
"nixpkgs"
],
"nuschtosSearch": "nuschtosSearch",
"treefmt-nix": []
},
"locked": {
"lastModified": 1736598792,
"narHash": "sha256-G6/9vT12RAxkNWQPEX9p8tTx/i8jJcmISpbVDGbEPGc=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "2004ff4547f11d25da78f393fe797dde2b831ce7",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "nixos-24.11",
"repo": "nixvim",
"type": "github"
}
},
"nuschtosSearch": {
"inputs": {
"flake-utils": "flake-utils_2",
"ixx": "ixx",
"nixpkgs": [
"nixvim",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735854821,
"narHash": "sha256-Iv59gMDZajNfezTO0Fw6LHE7uKAShxbvMidmZREit7c=",
"owner": "NuschtOS",
"repo": "search",
"rev": "836908e3bddd837ae0f13e215dd48767aee355f0",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"repo": "search",
"type": "github"
}
},
"root": {
"inputs": {
"deploy-rs": "deploy-rs",
"disko": "disko",
"ghostty": "ghostty",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs",
"nixvim": "nixvim"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1701680307,
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"zig": {
"inputs": {
"flake-compat": [
"ghostty"
],
"flake-utils": "flake-utils",
"nixpkgs": [
"ghostty",
"nixpkgs-stable"
]
},
"locked": {
"lastModified": 1717848532,
"narHash": "sha256-d+xIUvSTreHl8pAmU1fnmkfDTGQYCn2Rb/zOwByxS2M=",
"owner": "mitchellh",
"repo": "zig-overlay",
"rev": "02fc5cc555fc14fda40c42d7c3250efa43812b43",
"type": "github"
},
"original": {
"owner": "mitchellh",
"repo": "zig-overlay",
"type": "github"
}
}
},

View File

@ -2,12 +2,29 @@
description = "NixOS configuration flake";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
home-manager.url = "github:nix-community/home-manager/release-24.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
deploy-rs.url = "github:serokell/deploy-rs";
deploy-rs.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
home-manager.url = "github:nix-community/home-manager/release-24.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
ghostty.url = "github:ghostty-org/ghostty";
nixvim = {
url = "github:nix-community/nixvim/nixos-24.11";
inputs = {
nixpkgs.follows = "nixpkgs";
devshell.follows = "";
flake-compat.follows = "";
git-hooks.follows = "";
home-manager.follows = "";
nix-darwin.follows = "";
treefmt-nix.follows = "";
};
};
};
outputs = { self, nixpkgs, home-manager, ...}:
outputs = { self, nixpkgs, home-manager, deploy-rs, disko, nixvim, ghostty, ...}:
let
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
@ -16,9 +33,21 @@
lift = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
./configuration.nix
./sway.nix
./hardware-configuration.nix
./hosts/lift
];
};
veil = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
./hosts/veil
];
};
tien = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
disko.nixosModules.disko
./hosts/tien/configuration.nix
./hosts/tien/hardware-configuration.nix
];
};
};
@ -26,22 +55,48 @@
"rothe@lift" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home/rothe.nix
./home/terminal
./home/wayland
nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
mail = nixpkgs.lib.strings.concatStrings ["mail" "@" "johannes-rothe.de"];
inherit ghostty;
};
};
"rothe@johannes-powermachine" = home-manager.lib.homeManagerConfiguration {
"rothe@veil" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home/rothe.nix
./home/terminal
./home/wayland
nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
mail = nixpkgs.lib.strings.concatStrings ["mail" "@" "johannes-rothe.de"];
inherit ghostty;
};
};
"rothe@pdemu1cml000301" = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
./home/rothe.nix
./home/terminal
nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
mail = nixpkgs.lib.strings.concatStrings ["rothe" "@" "magazino.eu"];
};
};
};
deploy.nodes.tien = let
hostname = "tien";
in {
hostname = hostname;
profiles.system = {
sshUser = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.${hostname};
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
}

View File

@ -1,26 +0,0 @@
{ config, pkgs, lib, ... }:
{
home.username = "rothe";
home.homeDirectory = "/home/rothe";
imports = [
./terminal
];
# Add extra variables like $EDITOR
home.sessionVariables = {
};
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "23.05"; # Please read the comment before changing.
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

View File

@ -1,223 +1,276 @@
{ config, pkgs, lib, ... }:
{ config, pkgs, mail, ... }:
{
home.packages = with pkgs; [
black
go
gopls
gotools
htop
jq
pylint
python311
python311Packages.flake8
python311Packages.ipython
rusti-cal
roboto-mono
silver-searcher
shellcheck
(nerdfonts.override { fonts = [ "RobotoMono" ]; })
];
fonts.fontconfig.enable = true;
imports = [ ./nixvim ];
programs.fish = {
enable = true;
# start sway on login
loginShellInit = ''
if test -z "$DISPLAY" -a $XDG_VTNR = 1
exec sway
end
'';
# TODO make mails configurable
# disable greeting
shellInit = ''
set fish_greeting
fish_add_path ~/bin/
fish_add_path ~/go/bin/
export DEBFULLNAME="Johannes Rothe"
export DEBEMAIL="mail@johannes-rothe.de"
export GIT_AUTHOR_NAME="Johannes Rothe"
export GIT_AUTHOR_EMAIL="rothe@magazino.eu"
export GIT_COMMITTER_NAME="Johannes Rothe"
export GIT_COMMITTER_EMAIL="rothe@magazino.eu"
export VAULT_ADDR="https://passwords.magazino.eu:8201"
'';
shellAliases = {
"..." = "cd ../..";
"cds" = "cd ~/src/";
"ll" = "ls -lh";
"cal" = "rusti-cal --color -w";
"ip" = "ip -c";
};
};
config = {
home.username = "rothe";
home.homeDirectory = "/home/rothe";
programs.git = {
enable = true;
userEmail = "mail@johannes-rothe.de";
userName = "Johannes Rothe";
aliases = {
a = "add";
ci = "commit";
ca = "commit --amend --no-edit";
st = "status";
co = "checkout";
br = "branch";
# Add extra variables like $EDITOR
home.sessionVariables = {
};
lfs = {
home.packages = with pkgs; [
black
devenv
fzf
gitleaks
go
gopls
gotools
goreleaser
htop
jq
pylint
python311
python311Packages.flake8
python311Packages.ipython
ripgrep
rusti-cal
roboto-mono
silver-searcher
shellcheck
sops
(nerdfonts.override { fonts = [
"JetBrainsMono"
"RobotoMono"
]; })
];
fonts.fontconfig.enable = true;
programs.fish = {
enable = true;
};
difftastic = {
enable = true;
background = "dark";
};
extraConfig = {
core = {
editor = "vim";
# disable greeting
shellInit = ''
set fish_greeting
fish_add_path ~/bin/
fish_add_path ~/go/bin/
export DEBFULLNAME="Johannes Rothe"
export DEBEMAIL="${mail}"
export GIT_EDITOR="nvim"
export GIT_AUTHOR_NAME="Johannes Rothe"
export GIT_AUTHOR_EMAIL="${mail}"
export GIT_COMMITTER_NAME="Johannes Rothe"
export GIT_COMMITTER_EMAIL="${mail}"
export VAULT_ADDR="https://passwords.magazino.eu:8201"
export NIX_PATH=$HOME/.nix-defexpr/channels
'';
shellAliases = {
"..." = "cd ../..";
"cds" = "cd ~/src/";
"cdc" = "cd ~/catkin_ws/src/";
"ll" = "ls -lh";
"cal" = "rusti-cal --color -w";
"ip" = "ip -c";
"preview" = "mpv av://v4l2:/dev/video0 --profile=low-latency";
"cam" = "gphoto2 --stdout --capture-movie | ffmpeg -i - -vcodec rawvideo -pix_fmt yuv420p -threads 0 -f v4l2 /dev/video0";
"upd" = "sudo apt update";
"upg" = "sudo apt upgrade";
"gch" = "git checkout $(git branch --all | fzf | tr -d [:space:])";
};
};
};
programs.tmux = {
enable = true;
prefix = "C-a";
historyLimit = 150000;
keyMode = "vi";
customPaneNavigationAndResize = true;
extraConfig = ''
bind-key Space next-window
programs.git = {
enable = true;
userEmail = "${mail}";
userName = "Johannes Rothe";
aliases = {
a = "add";
ci = "commit";
ca = "commit --amend --no-edit";
ds = "diff --staged";
df = "diff";
st = "status";
co = "checkout";
br = "branch";
p = "pull -r";
};
lfs = {
enable = true;
};
difftastic = {
enable = true;
background = "dark";
};
extraConfig = {
core = {
editor = "vim";
};
};
};
set -g status-right '#[fg=colour242]#S'
set -g status-left ' '
set -g window-status-format '#I:#W'
set -g window-status-current-format '#I:#W'
set -g allow-rename off
programs.tmux = {
enable = true;
prefix = "C-a";
historyLimit = 150000;
keyMode = "vi";
customPaneNavigationAndResize = true;
extraConfig = ''
bind-key Space next-window
# default statusbar colors
set-option -g status-style bg=colour232,fg=colour239,default
set -g status-right '#[fg=colour242]#S'
set -g status-left ' '
set -g window-status-format '#I:#W'
set -g window-status-current-format '#I:#W'
set -g allow-rename off
# border
set -g pane-border-style fg=colour234,bg=default
set -g pane-active-border-style fg=colour236,bg=default
# Start windows and panes at 1, not 0
set -g base-index 1
setw -g pane-base-index 1
# active window title colors
set-window-option -g window-status-current-style fg=colour231,bg=default
set-window-option -g window-status-style fg=colour239,bg=default
# default statusbar colors
set-option -g status-style bg=colour232,fg=colour239,default
# bell
set-window-option -g window-status-bell-style fg=colour232,bg=colour253
# border
set -g pane-border-style fg=colour234,bg=default
set -g pane-active-border-style fg=colour236,bg=default
# Correct colors
set -g default-terminal "tmux-256color"
set -ga terminal-overrides ",*256col*:Tc"
'';
};
# active window title colors
set-window-option -g window-status-current-style fg=colour231,bg=default
set-window-option -g window-status-style fg=colour239,bg=default
programs.vim = {
enable = true;
defaultEditor = true;
# List of supported plugins: nix-env -f '<nixpkgs>' -qaP -A vimPlugins
# TODO Black plugin missing
plugins = [
pkgs.vimPlugins.ale
pkgs.vimPlugins.gitgutter
pkgs.vimPlugins.indentLine
pkgs.vimPlugins.nerdtree
pkgs.vimPlugins.python-syntax
pkgs.vimPlugins.rainbow
pkgs.vimPlugins.sonokai
pkgs.vimPlugins.vim-airline
pkgs.vimPlugins.vim-devicons
pkgs.vimPlugins.vim-go
pkgs.vimPlugins.vim-hcl
pkgs.vimPlugins.vim-isort
pkgs.vimPlugins.vim-terraform
pkgs.vimPlugins.YouCompleteMe
];
extraConfig = ''
set number
set colorcolumn=88
set background=dark
set cursorline
set encoding=utf-8
# bell
set-window-option -g window-status-bell-style fg=colour232,bg=colour253
" Theme
if has('termguicolors')
set termguicolors
endif
let g:sonokai_style = "atlantis"
let g:sonokai_disable_italic_comment = 1
colorscheme sonokai
let g:airline_theme = "sonokai"
# Correct colors
set -g default-terminal "tmux-256color"
set -ga terminal-overrides ",*256col*:Tc"
'';
};
" Filetypes
au BufNewFile,BufRead *.launch set filetype=xml
programs.vim = {
enable = true;
defaultEditor = true;
# List of supported plugins: nix-env -f '<nixpkgs>' -qaP -A vimPlugins
# TODO Black plugin missing
plugins = [
pkgs.vimPlugins.ale
pkgs.vimPlugins.committia
pkgs.vimPlugins.gitgutter
pkgs.vimPlugins.indentLine
pkgs.vimPlugins.polyglot
pkgs.vimPlugins.nerdtree
pkgs.vimPlugins.rainbow
pkgs.vimPlugins.sonokai
pkgs.vimPlugins.vim-airline
pkgs.vimPlugins.vim-devicons
pkgs.vimPlugins.vim-go
pkgs.vimPlugins.vim-hcl
pkgs.vimPlugins.vim-isort
pkgs.vimPlugins.vim-terraform
pkgs.vimPlugins.YouCompleteMe
];
extraConfig = ''
set number
set nocompatible
set colorcolumn=88
set background=dark
set cursorline
set encoding=utf-8
augroup indent
autocmd FileType python,go,dockerfile,js,toml :set tabstop=4 softtabstop=4 shiftwidth=4 expandtab autoindent fileformat=unix
autocmd FileType terraform,sh,json,yaml,html,css :set tabstop=2 softtabstop=2 shiftwidth=2 expandtab autoindent fileformat=unix
augroup end
" Theme
if has('termguicolors')
set termguicolors
endif
let g:sonokai_style = "atlantis"
let g:sonokai_disable_italic_comment = 1
colorscheme sonokai
let g:airline_theme = "sonokai"
augroup spell
autocmd FileType gitcommit :set spell
autocmd FileType markdown :set spell
augroup end
" Filetypes
au BufNewFile,BufRead *.launch set filetype=xml
augroup shortcuts
autocmd FileType terraform nnoremap <F9> :! terraform fmt<CR>
autocmd FileType python nnoremap <F9> :Black<CR> :Isort <CR>
autocmd FileType go nnoremap <F9> <Plug>(go-fmt)<Plug>(go-lint)
autocmd FileType go nnoremap <F7> <Plug>(go-build)
autocmd FileType go nnoremap <F8> <Plug>(go-run)
autocmd FileType go nnoremap gd <Plug>(go-def)
augroup end
augroup indent
autocmd FileType python,go,dockerfile,js,toml :set tabstop=4 softtabstop=4 shiftwidth=4 expandtab autoindent fileformat=unix
autocmd FileType terraform,sh,json,yaml,html,css :set tabstop=2 softtabstop=2 shiftwidth=2 expandtab autoindent fileformat=unix
augroup end
" Ale
let g:ale_linters = {'python': ['flake8', 'mypy'],'javascript': ['eslint']}
let g:ale_fixers = {'python': ['black', 'isort']}
let g:ale_python_pylint_options = '--disable=C0111,C0114'
augroup spell
autocmd FileType gitcommit :set spell
autocmd FileType git :set nospell
autocmd FileType markdown :set spell
augroup end
" YouCompleteMe
let g:ycm_gopls_binary_path = "${pkgs.gopls}/bin/gopls"
augroup shortcuts
autocmd FileType terraform nnoremap <F9> :! terraform fmt<CR>
autocmd FileType python nnoremap <F9> :Black<CR> :Isort <CR>
autocmd FileType go nnoremap <F9> <Plug>(go-fmt)<Plug>(go-lint)
autocmd FileType go nnoremap <F7> <Plug>(go-build)
autocmd FileType go nnoremap <F8> <Plug>(go-run)
autocmd FileType go nnoremap gd <Plug>(go-def)
augroup end
" Black
let g:black_linelength = 88
" Ale
let g:ale_linters = {'python': ['flake8', 'mypy'],'javascript': ['eslint']}
let g:ale_fixers = {'python': ['black', 'isort']}
let g:ale_python_pylint_options = '--disable=C0111,C0114'
" NERDTREE
" open nerdtree when no file is specified on startup
autocmd StdinReadPre * let s:std_in=1
autocmd VimEnter * if argc() == 0 && !exists("s:std_in") | NERDTree | endif
" toggle nerdtree keyboard shortcut
map <C-t> :NERDTreeToggle<CR>
" YouCompleteMe
let g:ycm_gopls_binary_path = "${pkgs.gopls}/bin/gopls"
" Devicons
let g:webdevicons_conceal_nerdtree_brackets = 1
syntax enable
if exists("g:loaded_webdevicons")
call webdevicons#refresh()
endif
" Black
let g:black_linelength = 88
" terraform
let g:terraform_fmt_on_save = 1
let g:terraform_align = 1
'';
};
" NERDTREE
" open nerdtree when no file is specified on startup
autocmd StdinReadPre * let s:std_in=1
autocmd VimEnter * if argc() == 0 && !exists("s:std_in") | NERDTree | endif
" toggle nerdtree keyboard shortcut
map <C-t> :NERDTreeToggle<CR>
programs.ssh = {
enable = true;
extraConfig = ''
AddKeysToAgent yes
SendEnv GIT_COMMITTER_EMAIL GIT_COMMITTER_NAME
'';
};
" Devicons
let g:webdevicons_conceal_nerdtree_brackets = 1
syntax enable
if exists("g:loaded_webdevicons")
call webdevicons#refresh()
endif
programs.newsboat = {
enable = true;
extraConfig = "
urls-source \"miniflux\"\n
miniflux-url \"https://feeds.johannes-rothe.de/\"\n
miniflux-login \"johannes\"\n
miniflux-passwordfile ~/.minifluxpw\n
";
" terraform
let g:terraform_fmt_on_save = 1
let g:terraform_align = 1
hi clear SpellBad
hi SpellBad cterm=underline ctermfg=red
'';
};
programs.ssh = {
enable = true;
extraConfig = ''
AddKeysToAgent yes
SendEnv GIT_COMMITTER_EMAIL GIT_COMMITTER_NAME
'';
};
programs.newsboat = {
enable = true;
extraConfig = "
urls-source \"miniflux\"\n
miniflux-url \"https://feeds.johannes-rothe.de/\"\n
miniflux-login \"johannes\"\n
miniflux-passwordfile ~/.minifluxpw\n
";
};
programs.direnv = {
enable = true;
};
home.file = {
"${config.xdg.configHome}/ghostty/config".source = ./ghostty/config;
};
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "23.05"; # Please read the comment before changing.
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
};
}

View File

@ -0,0 +1,4 @@
title = " "
window-decoration = false
theme = "MaterialDarker"
confirm-close-surface = false

View File

@ -0,0 +1,131 @@
{ pkgs, ... }:
{
imports = [
./telescope.nix
];
programs.nixvim = {
colorscheme = "sonokai";
enable = true;
extraPlugins = [
pkgs.vimPlugins.indentLine
pkgs.vimPlugins.nvim-lspconfig
pkgs.vimPlugins.polyglot
pkgs.vimPlugins.sonokai
pkgs.vimPlugins.vim-better-whitespace
(pkgs.vimUtils.buildVimPlugin {
pname = "lualine-so-fancy.nvim";
version = "HEAD";
src = pkgs.fetchFromGitHub {
owner = "meuter";
repo = "lualine-so-fancy.nvim";
rev = "45197358e5274d301d98638bf079f3437d6eacf8";
sha256 = "sha256-j6XI4cw1ouYEvSiKdam8RAqxefDqeLwe37Qir/UO+8g=";
};
})
];
globals = {
mapleader = ",";
sonokai_style = "atlantis";
sonokai_disable_italic_comment = 1;
};
keymaps = [
{
key = "<leader>rm";
action = "<cmd>RenderMarkdown toggle<CR>";
}
{
key = "<leader>g";
action = "<cmd>Git<CR>";
}
{
key = "<leader>gp";
action = "<cmd>Git push<CR>";
}
{
key = "<leader>gl";
action = "<cmd>Git log<CR>";
}
{
key = "<leader>gbl";
action = "<cmd>Git blame<CR>";
}
{
key = "<leader>gbr";
action = "<cmd>Git branch<CR>";
}
];
opts = {
colorcolumn = "88";
cursorline = true;
number = true;
spell = true;
termguicolors = true;
textwidth = 80;
};
plugins = {
cmp = {
enable = true; # Completion
autoEnableSources = true;
settings.sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
settings.mapping = {
"<C-d>" = "cmp.mapping.scroll_docs(-2)";
"<C-f>" = "cmp.mapping.scroll_docs(2)";
"<C-Space>" = "cmp.mapping.complete()";
"<C-e>" = "cmp.mapping.close()";
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item({behavior = cmp.SelectBehavior.Select}), {'i', 's'})";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item({behavior = cmp.SelectBehavior.Select}), {'i', 's'})";
"<CR>" = "cmp.mapping.confirm({ select = false, behavior = cmp.ConfirmBehavior.Replace })";
};
};
committia.enable = true; # Enhanced git commits
fugitive.enable = true;
gitsigns.enable = true; # Show git change in first line
guess-indent.enable = true; # Guess indent of the file
lsp.enable = true;
lsp.servers = {
bashls.enable = true;
dockerls.enable = true;
gitlab_ci_ls.enable = true;
gitlab_ci_ls.package = pkgs.gitlab-ci-ls;
gopls.enable = true;
helm_ls.enable = true;
jsonls.enable = true;
nixd.enable = true;
pylsp = {
enable = true;
settings.plugins = {
black.enabled = true;
isort.enabled = true;
ruff.enabled = true;
ruff.formatEnabled = false;
};
};
terraformls = {
enable = true;
rootDir = "require('lspconfig.util').root_pattern('.git', '.terraform')";
};
tflint.enable = true;
yamlls.enable = true;
};
lsp-format.enable = true; # Automatically format on save
lsp-lines.enable = true; # Display LSP hints in lines
lsp-signature.enable = true; # Show function signature when typing
lualine.enable = true; # Status line
lualine.settings.sections = {
lualine_a = [ "fancy_mode" ];
lualine_b = [ "fancy_branch" "fancy_diff" ];
lualine_c = [ "fancy_cwd" "filename" ];
lualine_x = [ "fancy_diagnostics" "fancy_searchcount" ];
lualine_y = [ "fancy_filetype" ];
lualine_z = [ "fancy_lsp_servers" ];
};
render-markdown.enable = true;
treesitter.enable = true;
web-devicons.enable = true;
};
};
}

View File

@ -0,0 +1,29 @@
{ ... }:
{
programs.nixvim = {
plugins.telescope = {
enable = true;
extensions = {
file-browser.enable = true;
frecency.enable = true;
fzf-native.enable = true;
};
keymaps = {
# https://github.com/nvim-telescope/telescope.nvim?tab=readme-ov-file#pickers
# File pickers
"<leader>t" = "file_browser";
"<leader>ff" = "find_files";
"<leader>fg" = "live_grep";
# Vim pickers
"<leader>r" = "command_history";
"<leader>fo" = "oldfiles";
"<leader>fs" = "spell_suggest";
# Treesitter pickers
"<leader>ft" = "treesitter";
# Git pickers
"<leader>fgs" = "git_status";
# LSP
};
};
};
}

View File

@ -1,42 +1,15 @@
{ config, pkgs, lib, ... }:
{ config, pkgs, lib, ghostty, ... }:
{
home.packages = with pkgs; [
brightnessctl
flameshot
ghostty.packages.x86_64-linux.default
pulseaudio
swaybg
swaylock
];
programs.foot = {
enable = true;
settings = {
main = {
font = "Roboto Mono Nerd Font:size=10";
dpi-aware = "no";
};
# nordiq from https://codeberg.org/dnkl/foot/src/branch/master/themes/
colors = {
background = "2E3440";
foreground = "D8DEE9";
regular0 = "5b6272";
regular1 = "bf616a";
regular2 = "a3be8c";
regular3 = "ebcb8b";
regular4 = "81a1c1";
regular5 = "b48ead";
regular6 = "88c0d0";
regular7 = "e5e9f0";
bright0 = "5E5C64";
bright1 = "F66151";
bright2 = "33DA7A";
bright3 = "E9AD0C";
bright4 = "2A7BDE";
bright5 = "C061CB";
bright6 = "33C7DE";
bright7 = "FFFFFF";
};
};
};
programs.rofi = {
enable = true;
font = "Roboto Mono Nerd Font 10";
@ -92,7 +65,6 @@
style = ./waybar.css;
};
# Automatic display output management
services.kanshi = {
enable = true;
@ -203,6 +175,7 @@
"--release Print" = "exec flameshot gui";
"Mod1+l" = "exec swaylock -f -i ${wallpaper} -s fill";
"${modifier}+m" = "scratchpad show";
"${modifier}+Return" = "exec ghostty";
"XF86MonBrightnessDown" = "exec light -U 10";
"XF86MonBrightnessUp" = "exec light -A 10";
"XF86AudioRaiseVolume" = "exec 'pactl set-sink-volume @DEFAULT_SINK@ +1%'";

View File

@ -0,0 +1,66 @@
{ pkgs, ... }:
{
# Bootloader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = false;
# Setup keyfile
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
# Enable grub cryptodisk
boot.loader.grub.enableCryptodisk = true;
boot.initrd.luks.devices."luks-efc0285c-812e-4946-936b-37e737fb72eb".keyFile = "/crypto_keyfile.bin";
networking.hostName = "lift";
networking.networkmanager.enable = true;
systemd.network.wait-online.enable = false;
boot.initrd.systemd.network.wait-online.enable = false;
# bluetooth
hardware.bluetooth.enable = true;
environment.systemPackages = with pkgs; [
avrdude
cryptsetup
ffmpeg
fzf
gammastep
glib
gnupg
ispell
keychain
hugo
mosquitto
mypy
sqlite
];
services.pcscd.enable = true;
services.passSecretService.enable = true;
services.blueman.enable = true;
networking.nftables = {
enable = true;
};
networking.firewall.trustedInterfaces = [ "incusbr0" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
virtualisation = {
incus.enable = true;
podman.enable = true;
};
}

12
hosts/lift/default.nix Normal file
View File

@ -0,0 +1,12 @@
{...}:
{
imports = [
./configuration.nix
./hardware-configuration.nix
../../modules/terminal/base.nix
../../modules/terminal/user.nix
../../modules/graphical/base.nix
../../modules/graphical/printing.nix
../../modules/graphical/steam.nix
];
}

View File

@ -0,0 +1,75 @@
{ modulesPath, lib, pkgs, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
./disk-config.nix
];
boot.loader.grub = {
# no need to set devices, disko will add all devices that have a EF02 partition to the list already
# devices = [ ];
efiSupport = true;
efiInstallAsRemovable = true;
};
environment.systemPackages = with pkgs; [
curl
];
networking.hostName = "tien";
# do not use DHCP, as dashserv provisions IPs using cloud-init (see service below)
networking.useDHCP = pkgs.lib.mkForce false;
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
trustedInterfaces = [ "tailscale0" ];
};
services.caddy = {
enable = true;
email = lib.strings.concatStrings ["mail" "@" "johannes-rothe.de"];
virtualHosts = {
"johannes-rothe.de".extraConfig = ''
reverse_proxy base:11112
'';
"www.johannes-rothe.de".extraConfig = ''
reverse_proxy base:11112
'';
"cloud.johannes-rothe.de".extraConfig = ''
reverse_proxy base:5002
'';
"feeds.johannes-rothe.de".extraConfig = ''
reverse_proxy base:1990
'';
"git.johannes-rothe.de".extraConfig = ''
reverse_proxy base:3001
'';
"radicale.johannes-rothe.de".extraConfig = ''
reverse_proxy base:5232
'';
};
};
services.cloud-init = {
enable = true;
network.enable = true;
settings = {
hostname = "tien";
};
};
services.searx = {
enable = true;
redisCreateLocally = true;
settings.server = {
bind_address = "0.0.0.0";
port = 8888;
secret_key = "localonly";
};
};
services.tailscale.enable = true;
system.stateVersion = "24.05";
}

View File

@ -0,0 +1,55 @@
{ lib, ... }:
{
disko.devices = {
disk.disk1 = {
device = lib.mkDefault "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "ESP";
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
};
};
};
};
}

View File

@ -0,0 +1,24 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp6s18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

View File

@ -0,0 +1,19 @@
{ ... }:
{
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "veil";
networking.networkmanager.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.11"; # Did you read the comment?
}

13
hosts/veil/default.nix Normal file
View File

@ -0,0 +1,13 @@
{...}:
{
imports = [
./configuration.nix
./hardware-configuration.nix
../../modules/terminal/base.nix
../../modules/terminal/user.nix
../../modules/graphical/amdgpu.nix
../../modules/graphical/base.nix
../../modules/graphical/printing.nix
../../modules/graphical/steam.nix
];
}

View File

@ -0,0 +1,39 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/4dda19d7-0520-424e-87e6-771fbfed6ec4";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/AB15-6303";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View File

@ -0,0 +1,6 @@
{...}:
{
boot.initrd.kernelModules = [ "amdgpu" ];
# for Southern Islands (SI i.e. GCN 1) cards
boot.kernelParams = [ "radeon.si_support=0" "amdgpu.si_support=1" ];
}

View File

@ -0,0 +1,91 @@
{pkgs, ...}:
{
hardware.sane.enable = true;
hardware.graphics.enable = true;
environment.systemPackages = with pkgs; [
calibre
chromium
dracula-theme
eog
evince
firefox
gimp
inkscape
libreoffice
logseq
nautilus
orca-slicer
pavucontrol
portfolio
pulseaudio
signal-desktop
simple-scan
spotify
syncthing
thunderbird
vlc
wayshot
wdisplays
wl-clipboard
xdg-utils
yt-dlp
];
# Workaround for logseq
nixpkgs.config.permittedInsecurePackages = [
"electron-27.3.11"
];
programs = {
light.enable = true;
sway.enable = true;
};
security.rtkit.enable = true;
services = {
dbus.enable = true;
gvfs.enable = true;
greetd = {
enable = true;
settings = {
default_session = {
command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --asterisks --cmd sway";
user = "rothe";
};
};
};
pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
syncthing = {
enable = true;
user = "rothe";
group = "users";
dataDir = "/home/rothe";
overrideFolders = false;
overrideDevices = false;
};
};
programs = {
# Helper for nixos output
nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/rothe/src/nixos-config";
};
};
xdg.portal = {
enable = true;
wlr.enable = true;
# gtk portal needed to make gtk apps happy
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
config.common.default = "*";
};
}

View File

@ -1,8 +1,17 @@
{ inputs, lib, config, pkgs, ... }: {
{ pkgs, ... }: {
# Enable CUPS to print documents.
services.printing.enable = true;
# Auto-detect network printers
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
services.printing.drivers = [
(pkgs.writeTextDir "share/cups/model/kyocera_fs-1300d.ppd" (builtins.readFile ../../../files/kyocera_fs-1300d.ppd))
(pkgs.writeTextDir "share/cups/model/kyocera_fs-1300d.ppd"
(builtins.readFile ../../files/kyocera_fs-1300d.ppd))
];
hardware.printers = {
ensurePrinters = [

View File

@ -0,0 +1,9 @@
{...}:
{
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
};
}

54
modules/terminal/base.nix Normal file
View File

@ -0,0 +1,54 @@
{pkgs, ...}:
{
nix.settings.experimental-features = ["nix-command" "flakes"];
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
console.keyMap = "de-latin1-nodeadkeys";
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
bind
cmake
curl
gcc
git
gnumake
nmap
tmux
tree
unzip
wget
];
hardware.keyboard.zsa.enable = true;
programs = {
fish.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
services = {
fwupd.enable = true;
resolved.enable = true;
tailscale.enable = true;
tailscale.useRoutingFeatures = "client";
};
}

10
modules/terminal/user.nix Normal file
View File

@ -0,0 +1,10 @@
{pkgs, ...}:
{
users.users.rothe = {
isNormalUser = true;
description = "rothe";
extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "incus-admin" "dialout" ];
shell = pkgs.fish;
};
}

View File

@ -1,7 +0,0 @@
{ config, pkgs, lib, ... }:
{
programs.sway = {
enable = true;
};
}