From 230144c3b9ba4b06a85a0972ec7135919431269e Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Wed, 28 Aug 2024 00:18:47 +0200 Subject: [PATCH] adding modularity --- README.md | 19 ++- flake.lock | 66 ++++++++++ flake.nix | 40 +++++- hosts/spectre-x360-2018/configuration.nix | 49 +++++++ hosts/spectre-x360-2018/default.nix | 13 ++ .../hardware-configuration.nix | 0 machines/spectre-x360-2018/configuration.nix | 124 ------------------ modules/home-manager/browser.nix | 55 ++++++++ modules/home-manager/code.nix | 6 + modules/nixos/gdm.nix | 27 ++++ modules/nixos/networks.nix | 26 ++++ modules/nixos/pipewire.nix | 15 +++ users/remy.nix | 63 +++++++++ utils/binary-cache.nix | 22 ++++ utils/garbage-collection.nix | 23 ++++ 15 files changed, 417 insertions(+), 131 deletions(-) create mode 100644 flake.lock create mode 100644 hosts/spectre-x360-2018/configuration.nix create mode 100644 hosts/spectre-x360-2018/default.nix rename {machines => hosts}/spectre-x360-2018/hardware-configuration.nix (100%) delete mode 100644 machines/spectre-x360-2018/configuration.nix create mode 100644 modules/home-manager/browser.nix create mode 100644 modules/home-manager/code.nix create mode 100644 modules/nixos/gdm.nix create mode 100644 modules/nixos/networks.nix create mode 100644 modules/nixos/pipewire.nix create mode 100644 users/remy.nix create mode 100644 utils/binary-cache.nix create mode 100644 utils/garbage-collection.nix diff --git a/README.md b/README.md index d633a68..4f5c8bf 100644 --- a/README.md +++ b/README.md 
@@ -1,2 +1,19 @@ # NixOS configuration - managing my devices - \ No newline at end of file + + +## Using this flake +Clone this repository and use the current directory as the flake target ``. + +or + +Use this repository as a a remote input using the following format for ``: +``` +git+https://git.kluster.moll.re/remoll/nixos-config +``` +Don't forget to add the `#` to the end of the target to specify the host configuration to use. + + +## Hosts + +### Spectre +Run `nixos-rebuild switch --flake #spectre` to apply the configuration. diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..d6c5872 --- /dev/null +++ b/flake.lock 
@@ -0,0 +1,66 @@
+{
+ "nodes": {
+ "home-manager": {
+ "inputs": {
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
+ "locked": {
+ "lastModified": 1720042825,
+ "narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
+ "owner": "nix-community",
+ "repo": "home-manager",
+ "rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "ref": "release-24.05",
+ "repo": "home-manager",
+ "type": "github"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1724531977,
+ "narHash": "sha256-XROVLf9ti4rrNCFLr+DmXRZtPjCQTW4cYy59owTEmxk=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "2527da1ef492c495d5391f3bcf9c1dd9f4514e32",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-24.05",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "nixpkgs-unstable": {
+ "locked": {
+ "lastModified": 1724479785,
+ "narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "home-manager": "home-manager",
+ "nixpkgs": "nixpkgs",
+ "nixpkgs-unstable": "nixpkgs-unstable"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/flake.nix b/flake.nix
index 71d9f44..d290c5c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -4,16 +4,44 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - # probably home manager at some point + # Home manager + home-manager.url = "github:nix-community/home-manager/release-24.05"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = { self, nixpkgs, ... }@inputs: { + outputs = { + self, + nixpkgs, + home-manager, + ... + } @ inputs: { - nixosConfigurations.spectre-x360-2018 = nixpkgs.lib.nixosSystem { + ## NixOS configurations are the main output of this flake + # HP Spectre x360 2018 + nixosConfigurations.spectre = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ - ./machines/spectre-x360-2018/configuration.nix - ]; - }; + ./hosts/spectre-x360-2018 + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + + # home-manager.extraSpecialArgs = inputs // specialArgs; + home-manager.users.remy = import ./users/remy.nix; + } + ]; + }; + + # nixosConfigurations.raspberry-pi = nixpkgs.lib.nixosSystem { + # system = "aarch64-linux"; + # modules = [ + # ./hosts/raspberry-pi/configuration.nix + # ]; + # }; + + ## Home Manager configurations here? + # TODO + }; } diff --git a/hosts/spectre-x360-2018/configuration.nix b/hosts/spectre-x360-2018/configuration.nix new file mode 100644 index 0000000..5c3b586 --- /dev/null +++ b/hosts/spectre-x360-2018/configuration.nix 
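Review bot: The `inputs` block declares no `firefox-addons` input and `home-manager.extraSpecialArgs` is left commented out, yet modules/home-manager/browser.nix in this same patch takes its extensions from `pkgs.inputs.firefox-addons`. Nothing visible in the patch defines `pkgs.inputs`, so unless an overlay elsewhere provides it, evaluating `home-manager.users.remy` will fail on a missing attribute. Declaring the add-on source as a flake input would also pin it by hash in flake.lock like the other inputs; it can then be handed to the user modules with `home-manager.extraSpecialArgs = { inherit inputs; };` and read as an `inputs` module argument in browser.nix. `nixpkgs-unstable` is declared and locked but not referenced by any output shown in this hunk.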
@@ -0,0 +1,49 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+ # imports =
+ # [ # Include the results of the hardware scan.
+ # ./hardware-configuration.nix
+ # ];
+
+ # Use the "experimental" flakes for cleaner config
+ nix.settings.experimental-features = [ "nix-command" "flakes" ];
+ nixpkgs.config.allowUnfree = true;
+
+ # Use the systemd-boot EFI boot loader.
+ # In this setup it is chain-loaded by REFInd (managed by Arch linux)
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = false;
+
+ # require the bcachefs modules to be loaded
+ boot.supportedFilesystems = [ "bcachefs" ];
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+
+ networking.hostName = "ArchNix"; # Define your hostname.
+ # Pick only one of the below networking options.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+
+ # Set your time zone.
+ time.timeZone = "Europe/Berlin";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+
+
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.remy = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+ };
+
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "24.05"; # Did you read the comment?
+
+}
+
diff --git a/hosts/spectre-x360-2018/default.nix b/hosts/spectre-x360-2018/default.nix
new file mode 100644
index 0000000..e435c3e
--- /dev/null
+++ b/hosts/spectre-x360-2018/default.nix
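Review bot: `nixpkgs.config.allowUnfree = true;` permits every unfree package system-wide, and because flake.nix sets `home-manager.useGlobalPkgs = true` the same allowance carries into the user's Home Manager packages. If `vscode` from modules/home-manager/code.nix is the only unfree package intended, an allow-list keeps an unexpected unfree dependency from being pulled in silently: `nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vscode" ];`. Separately, the trailing `# Did you read the comment?` on `system.stateVersion` now refers to a warning this file no longer contains; a one-line comment such as `# Do not change after the initial install; see the linked manual section` would restore it.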
@@ -0,0 +1,13 @@
+{lib, config, options, pkgs, ...}:
+{
+ # Merge the configuration and hardware configuration
+ imports = [
+ ./configuration.nix
+ ./hardware-configuration.nix
+ ../../modules/nixos/gdm.nix
+ ../../modules/nixos/pipewire.nix
+ ../../utils/binary-cache.nix
+ ../../utils/garbage-collection.nix
+
+ ];
+}
diff --git a/machines/spectre-x360-2018/hardware-configuration.nix b/hosts/spectre-x360-2018/hardware-configuration.nix
similarity index 100%
rename from machines/spectre-x360-2018/hardware-configuration.nix
rename to hosts/spectre-x360-2018/hardware-configuration.nix
diff --git a/machines/spectre-x360-2018/configuration.nix b/machines/spectre-x360-2018/configuration.nix
deleted file mode 100644
index 8028157..0000000
--- a/machines/spectre-x360-2018/configuration.nix
+++ /dev/null
@@ -1,124 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ config, lib, pkgs, ... }: - -{ - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = false; - boot.supportedFilesystems = [ "bcachefs" ]; - boot.kernelPackages = pkgs.linuxPackages_latest; - - networking.hostName = "nixos"; # Define your hostname. - # Pick only one of the below networking options. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # useXkbConfig = true; # use xkb.options in tty. - # }; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - - - - - # Configure keymap in X11 - # services.xserver.xkb.layout = "us"; - # services.xserver.xkb.options = "eurosign:e,caps:escape"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # hardware.pulseaudio.enable = true; - # OR - services.pipewire = { - enable = true; - pulse.enable = true; - }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. 
- users.users.remy = { - isNormalUser = true; - extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # packages = with pkgs; [ - # firefox - # tree - # ]; - }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - # environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - # ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. 
- # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.05"; # Did you read the comment? - -} - diff --git a/modules/home-manager/browser.nix b/modules/home-manager/browser.nix new file mode 100644 index 0000000..e327094 --- /dev/null +++ b/modules/home-manager/browser.nix 
@@ -0,0 +1,55 @@
+# See https://github.com/nix-community/home-manager/blob/master/modules/programs/browserpass.nix for a reference
+{pkgs, ...}:
+{
+ programs.firefox = {
+ ## Enable the Firefox web browser
+ enable = true;
+ ## Global preferences
+ policies = {
+ BlockAboutConfig = true;
+ DefaultDownloadDirectory = "\${home}/Downloads";
+ };
+
+ ## Per-profile preferences
+ profiles.default = {
+ search = {
+ force = true;
+ default = "DuckDuckGo";
+ privateDefault = "DuckDuckGo";
+ order = ["DuckDuckGo" "Google"];
+ };
+ settings = {
+ "browser.startup.homepage" = "about:home";
+
+ # Disable irritating first-run stuff
+ "browser.disableResetPrompt" = true;
+ "browser.download.panel.shown" = true;
+ "browser.feeds.showFirstRunUI" = false;
+ "browser.messaging-system.whatsNewPanel.enabled" = false;
+ "browser.rights.3.shown" = true;
+ "browser.shell.checkDefaultBrowser" = false;
+ "browser.shell.defaultBrowserCheckCount" = 1;
+ "browser.startup.homepage_override.mstone" = "ignore";
+ "browser.uitour.enabled" = false;
+ "startup.homepage_override_url" = "";
+ "trailhead.firstrun.didSeeAboutWelcome" = true;
+ "browser.bookmarks.restore_default_bookmarks" = false;
+ "browser.bookmarks.addedImportButton" = true;
+
+ # Disable "save password" prompt
+ "signon.rememberSignons" = false;
+
+ # Harden
+ "privacy.trackingprotection.enabled" = true;
+ "dom.security.https_only_mode" = true;
+ };
+
+ # Extensions
+ extensions = with pkgs.inputs.firefox-addons; [
+ ublock-origin
+ keepassxc-browser
+ ghostery
+ ];
+ };
+ };
+}
diff --git a/modules/home-manager/code.nix b/modules/home-manager/code.nix
new file mode 100644
index 0000000..7929821
--- /dev/null
+++ b/modules/home-manager/code.nix
@@ -0,0 +1,6 @@
+{pkgs, ...}: {
+ home.packages = with pkgs; [
+ vscode
+ flutter
+ ];
+}
diff --git a/modules/nixos/gdm.nix b/modules/nixos/gdm.nix
new file mode 100644
index 0000000..be68009
--- /dev/null
+++ b/modules/nixos/gdm.nix
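Review bot: The two preferences under `# Harden` in modules/home-manager/browser.nix are ordinary profile `settings`, which Home Manager writes to the profile's user.js; they are re-applied at startup but remain changeable from the preferences UI during a session. `BlockAboutConfig = true` hides about:config but does not lock these values. If the intent is enforcement rather than a default, set them in the existing `policies` block through the `Preferences` policy, for example `Preferences."dom.security.https_only_mode" = { Value = true; Status = "locked"; };`, after confirming the preference is one the policy accepts. The header comment also links to browserpass.nix although this module configures `programs.firefox`.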
@@ -0,0 +1,27 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+{
+ # this actually does not enable xorg, but it is required for GDM
+ services.xserver.enable = true;
+ services.xserver.displayManager.gdm.enable = true;
+ services.xserver.desktopManager.gnome.enable = true;
+ # here we set wayland to be used
+ services.xserver.displayManager.gdm.wayland = true;
+
+
+ ## Slim down the gnome dependencies
+ environment.gnome.excludePackages = (with pkgs; [
+ gnome-photos
+ gnome-tour
+ gnome.geary
+ gnome.gedit
+ gnome.tali
+ gnome.gnome-music
+ gnome.cheese
+ ])
+
+}
diff --git a/modules/nixos/networks.nix b/modules/nixos/networks.nix
new file mode 100644
index 0000000..a3bb981
--- /dev/null
+++ b/modules/nixos/networks.nix
@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+let
+ networks = [
+ {
+ ssid = "MyNetwork1";
+ psk = "password1";
+ }
+ {
+ ssid = "MyNetwork2";
+ psk = "password2";
+ }
+ {
+ ssid = "MyNetwork3";
+ psk = "password3";
+ }
+ {
+ ssid = "MyNetwork4";
+ psk = "password4";
+ }
+ ];
+in
+
+{
+ networking.networkmanager.networks = networks;
+}
\ No newline at end of file
diff --git a/modules/nixos/pipewire.nix b/modules/nixos/pipewire.nix
new file mode 100644
index 0000000..8bc4419
--- /dev/null
+++ b/modules/nixos/pipewire.nix
@@ -0,0 +1,15 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+{
+ # Needs to be explicitly set to false...
+ hardware.pulseaudio.enable = false;
+ # OR
+ services.pipewire = {
+ enable = true;
+ pulse.enable = true;
+ };
+}
diff --git a/users/remy.nix b/users/remy.nix
new file mode 100644
index 0000000..79f97ea
--- /dev/null
+++ b/users/remy.nix
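Review bot: The `environment.gnome.excludePackages = (with pkgs; [ ... ])` assignment in modules/nixos/gdm.nix ends without a `;`: the closing `])` is followed only by a blank line and the module's `}`. The file therefore does not parse, and since hosts/spectre-x360-2018/default.nix imports it, the whole `spectre` configuration fails to evaluate. Terminate the assignment with `]);`. While there, it is worth checking that each `gnome.*` attribute in the list still resolves on the pinned nixos-24.05 revision, since GNOME applications have been moved between attribute sets over time.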
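Review bot: The PSKs in modules/nixos/networks.nix are Nix string literals, so once real values replace the `password1`…`password4` placeholders they would be committed to the repository and copied into the world-readable /nix/store. Secrets should stay outside the evaluated configuration; `networking.networkmanager.ensureProfiles.environmentFiles` lets declarative profiles reference variables from a root-only file that never enters the store. I also do not recognise `networking.networkmanager.networks` as a NixOS option (declarative NetworkManager profiles live under `networking.networkmanager.ensureProfiles.profiles`), and no `imports` list in this patch pulls the file in, so it appears to be unused for now. If it is only a sketch, a comment at the top saying `# template only, never put real PSKs here` would keep someone from filling it in.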
@@ -0,0 +1,63 @@
+{ config, pkgs, ... }:
+{
+ imports = [
+ ../modules/home-manager/browser.nix
+ ../modules/home-manager/code.nix
+ ];
+
+ ## Home Manager configuration
+ home.stateVersion = "24.05";
+ # Let Home Manager install and manage itself.
+ programs.home-manager.enable = true;
+
+ ## Basic configuration
+ home.username = "remy";
+ home.homeDirectory = "/home/remy";
+
+ #home.file. = ;
+
+ ## Utils relevant to this user only
+ programs.git = {
+ userName = "Remy Moll";
+ userEmail = "me@moll.re";
+ };
+
+ programs.fish = {
+ enable = true;
+ # enableCompletion = true;
+ plugins = [
+ {
+ name = "fzf-fish";
+ src = pkgs.fetchFromGitHub {
+ owner = "PatrickF1";
+ repo = "fzf.fish";
+ rev = "v10.3";
+ sha256 = "T8KYLA/r/g0KvAivKRoeqIwE2pINlxFQtZJHp0y9GMM=";
+ };
+ }
+ # add others here
+ ];
+ };
+
+ # sets the "default" shell to fish
+ # actually keeps bash as a posix-compliant default but starts fish if the shell is not bash
+ # See https://nixos.wiki/wiki/Fish
+ programs.bash = {
+ initExtra = ''
+ if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+ then
+ shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
+ exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
+ fi
+ '';
+ };
+
+ ## Gnome settings
+ dconf.settings = {
+ # set the keyboard layout to german
+ "org/gnome/desktop/input-sources" = {
+ "sources" = "[('xkb', 'de'), ('xkb', 'ch'), ('xkb', 'us')]";
+ "xkb-options" = "['lv3:ralt_switch']";
+ };
+ };
+}
diff --git a/utils/binary-cache.nix b/utils/binary-cache.nix
new file mode 100644
index 0000000..9fc2778
--- /dev/null
+++ b/utils/binary-cache.nix
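Review bot: `programs.git` and `programs.bash` are configured without `enable = true;`, and Home Manager only generates a program's files when its module is enabled, so as written neither the git identity nor the `initExtra` hand-off to fish should take effect. Add `enable = true;` to both attribute sets. The fish plugin source is pinned by content hash, which is what makes the movable tag `rev = "v10.3"` acceptable; a short comment that `sha256` must be refreshed whenever `rev` changes would help the next edit. The `"sources"` and `"xkb-options"` dconf values are plain Nix strings, which I would expect to be stored as GVariant strings rather than the list types these keys use, so it is worth verifying them with `dconf read` after activation.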
@@ -0,0 +1,22 @@
+{
+ lib,
+ ...
+}: {
+
+ # ...
+ nix.settings = {
+ # allow substituters to be used
+
+ substituters = [
+ # also add mirrors?
+ # "https://mirrors.ustc.edu.cn/nix-channels/store"
+ "https://cache.nixos.org"
+ ];
+
+ trusted-public-keys = [
+ # the default public key of cache.nixos.org, it's built-in, no need to add it here
+ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+ ];
+ };
+
+}
diff --git a/utils/garbage-collection.nix b/utils/garbage-collection.nix
new file mode 100644
index 0000000..18ce57b
--- /dev/null
+++ b/utils/garbage-collection.nix
@@ -0,0 +1,23 @@
+{ lib, pkgs, ... }:
+
+{
+ # ...
+
+ # Limit the number of generations to keep
+ boot.loader.systemd-boot.configurationLimit = 10;
+ # boot.loader.grub.configurationLimit = 10;
+
+ # Perform garbage collection weekly to maintain low disk usage
+ nix.gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 1w";
+ };
+
+ # Optimize storage
+ # You can also manually optimize the store via:
+ # nix-store --optimise
+ # Refer to the following link for more details:
+ # https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
+ nix.settings.auto-optimise-store = true;
+}
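Review bot: The comment inside `trusted-public-keys` in utils/binary-cache.nix says the cache.nixos.org key is built in and need not be added, yet the next line adds it; either drop the entry or reword the comment to something like `# listed explicitly so the trust root is visible in this file`. For the commented-out mirror, it would help to note that a mirror serves the same signed store paths, so it needs no additional key and is only safe while `require-sigs` stays at its default of true. That records why enabling the mirror later does not widen the set of parties trusted to supply binaries.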
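Review bot: `options = "--delete-older-than 1w";` in utils/garbage-collection.nix is likely to make the weekly `nix-gc` run fail: to my knowledge nix-collect-garbage accepts only a day count for this flag (for example `30d`) and rejects other suffixes. Use `options = "--delete-older-than 7d";` and confirm with `systemctl status nix-gc.service` after the first scheduled run. A failing timer unit here goes unnoticed until the disk fills, so it is worth checking once.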