dave/nix-config
1
0
Fork 0
mirror of https://github.com/davegallant/nix-config synced 2025-10-05 15:46:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: dave:2be6340eaf8312b2c83373dcba0daa128691bec3
Branches Tags
dave:main
..
compare: dave:4555aeb8bc54854d13e75cccfb89f73a36535a3b
Branches Tags
dave:main

6 Commits
2be6340eaf ... 4555aeb8bc

Author SHA1 Message Date
Dave Gallant
4555aeb8bc Remove darwin.nix 2024-03-10 12:51:29 -04:00
Dave Gallant
5376f71551 Add nerdfonts 2024-03-10 12:30:49 -04:00
Dave Gallant
64010efb3a Remove lib' 2024-03-10 12:26:23 -04:00
Dave Gallant
5bd52383ae Remove outputs.nix 2024-03-10 12:19:26 -04:00
Dave Gallant
1e78420397 Merge hardware.nix into configuration.nix 2024-03-10 12:02:47 -04:00
Dave Gallant
de80f54c55 Modify permittedInsecurePackages 2024-03-10 11:18:57 -04:00
8 changed files with 318 additions and 341 deletions
Expand all files Collapse all files

110
darwin.nix
View File

@@ -1,110 +0,0 @@
{ config
, lib
, pkgs
, ...
}:
let
checkBrew = "command -v brew > /dev/null";
in
{
users.users."dave.gallant".home = "/Users/dave.gallant";
environment = {
extraInit = ''
${checkBrew} || >&2 echo "brew is not installed (install it via https://brew.sh)"
'';
};
system.defaults = {
loginwindow = {
GuestEnabled = false;
SHOWFULLNAME = false;
};
finder = {
AppleShowAllExtensions = true;
FXEnableExtensionChangeWarning = true;
_FXShowPosixPathInTitle = true;
};
trackpad = {
ActuationStrength = 0;
Clicking = true;
FirstClickThreshold = 1;
SecondClickThreshold = 1;
TrackpadRightClick = false;
};
# firewall
alf = {
# 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
globalstate = 1;
loggingenabled = 0;
stealthenabled = 1;
};
dock = {
autohide = true;
autohide-delay = 0.0;
autohide-time-modifier = 1.0;
tilesize = 50;
static-only = false;
showhidden = false;
show-recents = false;
show-process-indicators = true;
orientation = "bottom";
mru-spaces = false;
};
NSGlobalDomain = {
"com.apple.sound.beep.feedback" = 0;
"com.apple.sound.beep.volume" = 0.000;
ApplePressAndHoldEnabled = false;
InitialKeyRepeat = 10;
KeyRepeat = 2;
AppleShowAllExtensions = true;
AppleShowScrollBars = "Automatic";
};
};
homebrew = {
enable = true;
onActivation.autoUpdate = false;
onActivation.upgrade = false;
global = {
brewfile = true;
};
brews = [
"coreutils"
"gnu-sed"
"gnu-tar"
"netdata"
"node"
"podman"
"podman-compose"
];
casks = [
"dbeaver-community"
"font-fira-code-nerd-font"
"font-hack-nerd-font"
"karabiner-elements"
"logseq"
"lulu"
"notunes"
"obsidian"
"podman-desktop"
"postman"
"raycast"
"rectangle"
"stats"
"warp"
];
taps = [
"homebrew/bundle"
"homebrew/cask-fonts"
"homebrew/cask-versions"
"homebrew/services"
];
};
}

12
flake.lock generated
View File

@@ -204,11 +204,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1709780214,
"narHash": "sha256-p4iDKdveHMhfGAlpxmkCtfQO3WRzmlD11aIcThwPqhk=",
"lastModified": 1710066242,
"narHash": "sha256-bO7kahLdawW7rBqUTfWgf9mdPYrnOo5DGvWRJa9N8Do=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f945939fd679284d736112d3d5410eb867f3b31c",
"rev": "db339f1706f555794b71aa4eb26a5a240fb6a599",
"type": "github"
},
"original": {
@@ -220,11 +220,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1709677081,
"narHash": "sha256-tix36Y7u0rkn6mTm0lA45b45oab2cFLqAzDbJxeXS+c=",
"lastModified": 1710021367,
"narHash": "sha256-FuMVdWqXMT38u1lcySYyv93A7B8wU0EGzUr4t4jQu8g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "880992dcc006a5e00dd0591446fdf723e6a51a64",
"rev": "b94a96839afcc56de3551aa7472b8d9a3e77e05d",
"type": "github"
},
"original": {

120
flake.nix
View File

@@ -23,5 +23,123 @@
};
};
outputs = { ... } @ args: import ./outputs.nix args;
outputs =
{ self
, darwin
, home-manager
, nixpkgs
, nixpkgs-unstable
, nixos-hardware
, nix-ld
, ...
} @ inputs: {
nixosConfigurations =
let
modulesDir = ./modules;
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config.allowUnfree = true;
config.permittedInsecurePackages = [ ];
};
defaultModules = [
home-manager.nixosModules.home-manager
./fonts.nix
./packages.nix
./upgrade-diff.nix
({ config
, lib
, ...
}: {
config = {
nix = {
settings = {
auto-optimise-store = true;
sandbox = false;
substituters = [ "https://davegallant.cachix.org" ];
trusted-users = [ "root" "dave" ];
trusted-public-keys = [
"davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08="
];
};
registry = { nixpkgs.flake = nixpkgs; };
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 14d";
};
};
nixpkgs.overlays = [
(import ./overlays)
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.dave.imports = [
./home/default.nix
inputs.nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
};
};
};
})
];
in
{
hephaestus = nixpkgs.lib.nixosSystem {
specialArgs = { inherit unstable; };
modules =
[
./machines/hephaestus/configuration.nix
./services/netdata/default.nix
]
++ defaultModules;
};
};
darwinConfigurations =
let
system = "aarch64-darwin";
unstable = import nixpkgs-unstable {
config.allowUnfree = true;
inherit system;
};
in
{
zelus = darwin.lib.darwinSystem {
inherit system;
specialArgs = { inherit unstable; };
modules = [
home-manager.darwinModules.home-manager
./machines/zelus/configuration.nix
./packages.nix
./upgrade-diff.nix
({ config, ... }: {
config = {
nixpkgs.overlays = [
(import ./overlays)
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."dave.gallant".imports = [
./home/default.nix
inputs.nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
};
};
};
})
];
};
};
};
}

1
fonts.nix
View File

@@ -7,6 +7,7 @@
font-awesome
google-fonts
liberation_ttf
nerdfonts
noto-fonts
noto-fonts-cjk
noto-fonts-emoji

110
machines/hephaestus/configuration.nix
View File

@@ -1,4 +1,6 @@
{ config
, lib
, modulesPath
, pkgs
, unstable
, ...
@@ -19,11 +21,88 @@ let
];
in
{
imports = [ ./hardware.nix ];
hardware.opengl.enable = true;
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
nixpkgs.config.allowUnfree = true;
boot = {
extraModulePackages = with config.boot.kernelPackages; [
xpadneo
];
kernelModules = [ "kvm-amd" ];
kernelPackages = pkgs.linuxPackages;
loader = {
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot/efi";
grub = {
enable = true;
device = "nodev";
efiSupport = true;
enableCryptodisk = true;
};
};
supportedFilesystems = [ "ntfs" ];
initrd = {
availableKernelModules = [
"ahci"
"nvme"
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
luks.devices."root" = {
allowDiscards = true;
device = "/dev/disk/by-uuid/21cd166c-1528-49a4-b31b-0d408d48aa80";
preLVM = true;
keyFile = "./keyfile0.bin";
};
secrets = {
"keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin";
};
};
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/a6723178-6f18-428e-b541-9ac901861125";
fsType = "ext4";
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/e3ab2e1a-bddf-4ae0-b00a-bf954c6c182b";
fsType = "ext4";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/3CFD-D749";
fsType = "vfat";
};
fileSystems."/mnt/synology-2b/media" = {
device = "192.168.1.178:/volume1/Media";
fsType = "nfs";
};
fileSystems."/mnt/synology-2b/backups" = {
device = "192.168.1.178:/volume1/Backups";
fsType = "nfs";
};
swapDevices = [
{ device = "/dev/disk/by-uuid/5d6d0388-2b15-4ff1-9f0f-391818a76090"; }
];
nixpkgs = {
hostPlatform = "x86_64-linux";
config = {
allowUnfree = true;
permittedInsecurePackages = [
"nix-2.16.2"
];
};
};
networking = {
iproute2.enable = true;
@@ -41,9 +120,6 @@ in
systemd.services.NetworkManager-wait-online.enable = false;
boot.kernelPackages = pkgs.linuxPackages;
boot.supportedFilesystems = [ "ntfs" ];
system = {
autoUpgrade.enable = true;
stateVersion = "23.11";
@@ -68,19 +144,21 @@ in
time.timeZone = "America/Toronto";
hardware.pulseaudio.enable = true;
hardware = {
opengl.enable = true;
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
pulseaudio.enable = true;
# Vulkan
opengl.driSupport = true;
opengl.driSupport32Bit = true;
# Steam
opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
pulseaudio.support32Bit = true;
};
# Vulkan
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
# Steam
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
hardware.pulseaudio.support32Bit = true;
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
remotePlay.openFirewall = true;
};
virtualisation = {

77
machines/hephaestus/hardware.nix
View File

@@ -1,77 +0,0 @@
{ config
, lib
, pkgs
, modulesPath
, ...
}: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
nixpkgs.hostPlatform = "x86_64-linux";
boot.initrd.availableKernelModules = [
"ahci"
"nvme"
"sd_mod"
"usb_storage"
"usbhid"
"xhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = with config.boot.kernelPackages; [
xpadneo
];
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.grub = {
enable = true;
device = "nodev";
efiSupport = true;
enableCryptodisk = true;
};
boot.initrd = {
luks.devices."root" = {
allowDiscards = true;
device = "/dev/disk/by-uuid/21cd166c-1528-49a4-b31b-0d408d48aa80";
preLVM = true;
keyFile = "./keyfile0.bin";
};
secrets = {
"keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin";
};
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
fileSystems."/" = {
device = "/dev/disk/by-uuid/a6723178-6f18-428e-b541-9ac901861125";
fsType = "ext4";
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/e3ab2e1a-bddf-4ae0-b00a-bf954c6c182b";
fsType = "ext4";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/3CFD-D749";
fsType = "vfat";
};
fileSystems."/mnt/synology-2b/media" = {
device = "192.168.1.178:/volume1/Media";
fsType = "nfs";
};
fileSystems."/mnt/synology-2b/backups" = {
device = "192.168.1.178:/volume1/Backups";
fsType = "nfs";
};
swapDevices = [
{ device = "/dev/disk/by-uuid/5d6d0388-2b15-4ff1-9f0f-391818a76090"; }
];
}

102
machines/zelus/configuration.nix
View File

@@ -1,7 +1,16 @@
{ pkgs, ... }: {
nixpkgs.config.allowUnfree = true;
environment = { variables = { LANG = "en_US.UTF-8"; }; };
{ pkgs, ... }:
let
checkBrew = "command -v brew > /dev/null";
in
{
nixpkgs = {
config = {
allowUnfree = true;
permittedInsecurePackages = [
"nix-2.16.2"
];
};
};
networking = { hostName = "zelus"; };
@@ -17,4 +26,89 @@
};
system.stateVersion = 4;
users.users."dave.gallant".home = "/Users/dave.gallant";
environment = {
extraInit = ''
${checkBrew} || >&2 echo "brew is not installed (install it via https://brew.sh)"
'';
variables = { LANG = "en_US.UTF-8"; };
};
system.defaults = {
trackpad = {
ActuationStrength = 0;
Clicking = true;
FirstClickThreshold = 1;
SecondClickThreshold = 1;
TrackpadRightClick = true;
};
dock = {
autohide = true;
autohide-delay = 0.0;
autohide-time-modifier = 1.0;
tilesize = 50;
static-only = false;
showhidden = false;
show-recents = false;
show-process-indicators = true;
orientation = "bottom";
mru-spaces = false;
};
NSGlobalDomain = {
"com.apple.sound.beep.feedback" = 0;
"com.apple.sound.beep.volume" = 0.000;
ApplePressAndHoldEnabled = false;
InitialKeyRepeat = 10;
KeyRepeat = 2;
AppleShowAllExtensions = true;
AppleShowScrollBars = "Automatic";
};
};
homebrew = {
enable = true;
onActivation.autoUpdate = false;
onActivation.upgrade = false;
global = {
brewfile = true;
};
brews = [
"coreutils"
"gnu-sed"
"gnu-tar"
"netdata"
"node"
"podman"
"podman-compose"
];
casks = [
"dbeaver-community"
"font-fira-code-nerd-font"
"font-hack-nerd-font"
"karabiner-elements"
"logseq"
"lulu"
"notunes"
"obsidian"
"postman"
"raycast"
"rectangle"
"stats"
"warp"
];
taps = [
"homebrew/bundle"
"homebrew/cask-fonts"
"homebrew/cask-versions"
"homebrew/services"
];
};
}

127
outputs.nix
View File

@@ -1,127 +0,0 @@
{ self
, darwin
, home-manager
, nixpkgs
, nixpkgs-unstable
, nixos-hardware
, nix-ld
, ...
} @ inputs: {
nixosConfigurations =
let
modulesDir = ./modules;
unstable = import nixpkgs-unstable {
system = "x86_64-linux";
config.allowUnfree = true;
config.permittedInsecurePackages = [
"electron-25.9.0" # caused by obsidian
];
};
defaultModules = [
home-manager.nixosModules.home-manager
./fonts.nix
./packages.nix
./upgrade-diff.nix
({ config
, lib
, lib'
, ...
}: {
config = {
_module.args = {
lib' = lib // import ./lib { inherit config lib; };
};
nix = {
settings = {
auto-optimise-store = true;
sandbox = false;
substituters = [ "https://davegallant.cachix.org" ];
trusted-users = [ "root" "dave" ];
trusted-public-keys = [
"davegallant.cachix.org-1:SsUMqL4+tF2R3/G6X903E9laLlY1rES2QKFfePegF08="
];
};
registry = { nixpkgs.flake = nixpkgs; };
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 14d";
};
};
nixpkgs.overlays = [
(import ./overlays)
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users.dave.imports = [
./home/default.nix
inputs.nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
};
};
};
})
];
in
{
hephaestus = nixpkgs.lib.nixosSystem {
specialArgs = { inherit unstable; };
modules =
[
./machines/hephaestus/configuration.nix
./machines/hephaestus/hardware.nix
./services/netdata/default.nix
]
++ defaultModules;
};
};
darwinConfigurations =
let
system = "aarch64-darwin";
unstable = import nixpkgs-unstable {
config.allowUnfree = true;
inherit system;
};
in
{
zelus = darwin.lib.darwinSystem {
inherit system;
specialArgs = { inherit unstable; };
modules = [
home-manager.darwinModules.home-manager
./darwin.nix
./machines/zelus/configuration.nix
./packages.nix
./upgrade-diff.nix
({ config, ... }: {
config = {
nixpkgs.overlays = [
(import ./overlays)
];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
users."dave.gallant".imports = [
./home/default.nix
inputs.nixvim.homeManagerModules.nixvim
];
extraSpecialArgs = {
inherit unstable;
};
};
};
})
];
};
};
}