diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore index b009740..a8a7a3c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ # Result is a symlink to the built iso -result \ No newline at end of file +result +# direnv binaries +.direnv diff --git a/.sops.yaml b/.sops.yaml index cdc46e0..e3b1e01 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -1,14 +1,12 @@ -# This example uses YAML anchors which allows reuse of multiple keys -# without having to repeat yourself. -# Also see https://github.com/Mic92/dotfiles/blob/d6114726d859df36ccaa32891c4963ae5717ef7f/nixos/.sops.yaml -# for a more complex example. keys: - &remy_usb age1027e2vu808mvf95m4f0am3aeg88n8vgzt56s04ndpkgm7awzeajspxl6tu - - &remy_yoga age1t2stzdjfwrtekk23w43623fdvt9awdujth765f8l6mu9g6l4537q4gw8d0 - # - &admin_bob age12zlz6lvcdk6eqaewfylg35w0syh58sm7gh53q5vvn7hd7c6nngyseftjxl + - &remy_yoga ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAX4zsiXSSWbE75C0wyBVwaHOw6Gsbh/WqQsgEhvPwT8 remy@nyx + + - &host_yoga age1ckqer7nxzq7q58v9xaqy8ac9vx2va69a46t86wp9m78pj5dpuy3sq8xeaj creation_rules: - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ key_groups: - age: - *remy_usb - *remy_yoga + - *host_yoga diff --git a/flake.lock b/flake.lock index 2ef2329..eef1498 100644 --- a/flake.lock +++ b/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1760101617, - "narHash": "sha256-8jf/3ZCi+B7zYpIyV04+3wm72BD7Z801IlOzsOACR7I=", + "lastModified": 1761420899, + "narHash": "sha256-kxGCip6GNbcbNWKu4J2iKbNYfFTS8Zbjg9CWp0zmFoM=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "1826a9923881320306231b1c2090379ebf9fa4f8", + "rev": "62479232aae42c1ef09c2c027c8cfd91df060897", "type": "github" }, "original": { @@ -112,11 +112,11 @@ ] }, "locked": { - "lastModified": 1761744363, - "narHash": "sha256-c+lu6aSPPeI9HnqFg4pyNYUWqLrRL2Yju3sFDu42q/w=", + "lastModified": 1762403774, + "narHash": "sha256-CXgW0EEW+WV4jJ/5mxNluQeTgS6wyuuUlUcsZF84bKU=", "owner": "AvengeMedia", "repo": "DankMaterialShell", - "rev": "5e36b1454a7b2cec0c657fd4345a715736bbef19", + "rev": "c9ee856f916023563d9446483024a8aec2dce870", "type": "github" }, "original": { @@ -148,17 +148,16 @@ }, "dms-cli": { "inputs": { - "gomod2nix": "gomod2nix", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1761674192, - "narHash": "sha256-KpQxBHiXjs1xFlM8mtVaY/XcKX0J5tCoqg8lXtIC9Pk=", + "lastModified": 1762404200, + "narHash": "sha256-/GhnVY1AwcgxOVhSXdrejVQNbi27kXRNMD93C2nH5ho=", "owner": "AvengeMedia", "repo": "danklinux", - "rev": "477968d6b3e5dbb82f5e07feb0a1a7b2de9d948e", + "rev": "b94cc56f44e7fb987d293e4880871fa0845da8ed", "type": "github" }, "original": { @@ -220,24 +219,6 @@ "type": "github" } }, - "flake-utils": { - "inputs": { - "systems": "systems" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, "fromYaml": { "flake": false, "locked": { @@ -293,29 +274,6 @@ "type": "github" } }, - "gomod2nix": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "dms-cli", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1756047880, - "narHash": "sha256-JeuGh9kA1SPL70fnvpLxkIkCWpTjtoPaus3jzvdna0k=", - "owner": "nix-community", - "repo": "gomod2nix", - "rev": "47d628dc3b506bd28632e47280c6b89d3496909d", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "v1.7.0", - "repo": "gomod2nix", - "type": "github" - } - }, "home-manager": { "inputs": { "nixpkgs": [ @@ -323,11 +281,11 @@ ] }, "locked": { - "lastModified": 1761750844, - "narHash": "sha256-ab6kNHAEP/oWz8qdblnDw7TIwetr4GnmnDyvya0aw/k=", + "lastModified": 1762367206, + "narHash": "sha256-c/164YOPkV09BH8KIUdvVvJs3VF2LNIbE2piKGgXPxk=", "owner": "nix-community", "repo": "home-manager", - "rev": "b8082c6803353456d45e6a8c0d4b36ad33fb7d6a", + "rev": "af119feb17cb242398e0fb97f92b867d25882522", "type": "github" }, "original": { @@ -344,11 +302,11 @@ ] }, "locked": { - "lastModified": 1752603129, - "narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=", + "lastModified": 1762351818, + "narHash": "sha256-0ptUDbYwxv1kk/uzEX4+NJjY2e16MaAhtzAOJ6K0TG0=", "owner": "nix-community", "repo": "home-manager", - "rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b", + "rev": "b959c67241cae17fc9e4ee7eaf13dfa8512477ea", "type": "github" }, "original": { @@ -427,15 +385,15 @@ "hyprwayland-scanner": "hyprwayland-scanner", "nixpkgs": "nixpkgs", "pre-commit-hooks": "pre-commit-hooks", - "systems": "systems_2", + "systems": "systems", "xdph": "xdph" }, "locked": { - "lastModified": 1761742422, - "narHash": "sha256-dke/JIFqles3r4nZwn+XPASGpIxIaKgeUp7NTBHpxgM=", + "lastModified": 1762387591, + "narHash": "sha256-dbxpwgat8W/+P/cYnLXzoj5Gi8WKdtMgvqHuEzIU8fs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ff50dc36e912b6ad764802d51be838bc7f6ed323", + "rev": "c757fd375cce299e3da922190ddf1a0622ce807c", "type": "github" }, "original": { @@ -578,11 +536,11 @@ ] }, "locked": { - "lastModified": 1759619523, - "narHash": "sha256-r1ed7AR2ZEb2U8gy321/Xcp1ho2tzn+gG1te/Wxsj1A=", + "lastModified": 1762208756, + "narHash": "sha256-hC1jb4tdjFfEuU18KQiMgz5XPAO+d5SfbjAUS7haLl4=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "3df7bde01efb3a3e8e678d1155f2aa3f19e177ef", + "rev": "164a30b3d8b3174a32ac7326782476f1188e6118", "type": "github" }, "original": { @@ -631,31 +589,34 @@ "type": "github" } }, - "nix-vscode-extensions": { + "nix4vscode": { "inputs": { - "nixpkgs": "nixpkgs_2" + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems_2" }, "locked": { - "lastModified": 1761726545, - "narHash": "sha256-+Id4G/5NRpf8Lkdr5q4PBrQo6hvVFTbrN/J+0Q0KU6s=", + "lastModified": 1762394598, + "narHash": "sha256-AbDS8JL8mXAP0gVAXQA1RIUwnH6rUHueCTPf/hxAooE=", "owner": "nix-community", - "repo": "nix-vscode-extensions", - "rev": "daf7c5026b02623d17ad74548a791c387db438d8", + "repo": "nix4vscode", + "rev": "4c90ca996c860583f8fc77fa8abd24610439f850", "type": "github" }, "original": { "owner": "nix-community", - "repo": "nix-vscode-extensions", + "repo": "nix4vscode", "type": "github" } }, "nixpkgs": { "locked": { - "lastModified": 1761114652, - "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", + "lastModified": 1762111121, + "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", + "rev": "b3d51a0365f6695e7dd5cdf3e180604530ed33b4", "type": "github" }, "original": { @@ -667,11 +628,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1761373498, - "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=", + "lastModified": 1762111121, + "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce", + "rev": "b3d51a0365f6695e7dd5cdf3e180604530ed33b4", "type": "github" }, "original": { @@ -683,27 +644,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1759770925, - "narHash": "sha256-CZwkCtzTNclqlhuwDsVtGoRumTpqCUK0xSnFIMgd8ls=", + "lastModified": 1762111121, + "narHash": "sha256-4vhDuZ7OZaZmKKrnDpxLZZpGIJvAeMtK6FKLJYUtAdw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "674c2b09c59a220204350ced584cadaacee30038", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "rev": "674c2b09c59a220204350ced584cadaacee30038", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1761373498, - "narHash": "sha256-Q/uhWNvd7V7k1H1ZPMy/vkx3F8C13ZcdrKjO7Jv7v0c=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "6a08e6bb4e46ff7fcbb53d409b253f6bad8a28ce", + "rev": "b3d51a0365f6695e7dd5cdf3e180604530ed33b4", "type": "github" }, "original": { @@ -768,8 +713,8 @@ "home-manager": "home-manager", "hyprland": "hyprland", "nix-flatpak": "nix-flatpak", - "nix-vscode-extensions": "nix-vscode-extensions", - "nixpkgs": "nixpkgs_3", + "nix4vscode": "nix4vscode", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", "sops-nix": "sops-nix", "stylix": "stylix", @@ -818,11 +763,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1761666531, - "narHash": "sha256-nKOOPeblDcebtYfBjHo+PHXHKNSNKuifn1EGcBEgKWs=", + "lastModified": 1762264356, + "narHash": "sha256-QVfC53Ri+8n3e7Ujx9kq6all3+TLBRRPRnc6No5qY5w=", "owner": "nix-community", "repo": "stylix", - "rev": "f8f4e3c3658ee962f8f332a56720c8dfc2836f7a", + "rev": "647bb8dd96a206a1b79c4fd714affc88b409e10b", "type": "github" }, "original": { @@ -832,21 +777,6 @@ } }, "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_2": { "locked": { "lastModified": 1689347949, "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", @@ -861,6 +791,22 @@ "type": "github" } }, + "systems_2": { + "flake": false, + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "systems_3": { "locked": { "lastModified": 1681028828, @@ -1006,11 +952,11 @@ ] }, "locked": { - "lastModified": 1760713634, - "narHash": "sha256-5HXelmz2x/uO26lvW7MudnadbAfoBnve4tRBiDVLtOM=", + "lastModified": 1761431178, + "narHash": "sha256-xzjC1CV3+wpUQKNF+GnadnkeGUCJX+vgaWIZsnz9tzI=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "753bbbdf6a052994da94062e5b753288cef28dfb", + "rev": "4b8801228ff958d028f588f0c2b911dbf32297f9", "type": "github" }, "original": { @@ -1027,11 +973,11 @@ ] }, "locked": { - "lastModified": 1761712008, - "narHash": "sha256-Nf2s59dLg6KDUV0omZqIlOGNUxw/Rl/KKXEXQGFCAlo=", + "lastModified": 1762403216, + "narHash": "sha256-BPv/dC0S54hqsurgmxGxUbXb3kJMpK3KNKQDrdO4NRE=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "1383ed38745d12f3896c996848d24c451643db58", + "rev": "a3a22c5ad43f46f8ddad7eed8aa7f82ec649765f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ed00d40..d0be1b0 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,7 @@ { description = "Nix config entry point"; - + # since secrets live in a submodule, enable submodules by default + inputs.self.submodules = true; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; @@ -49,7 +50,10 @@ inputs.dms-cli.follows = "dms-cli"; }; - nix-vscode-extensions.url = "github:nix-community/nix-vscode-extensions"; + nix4vscode = { + url = "github:nix-community/nix4vscode"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; outputs = { @@ -59,7 +63,7 @@ home-manager, stylix, sops-nix, - nix-vscode-extensions, + nix4vscode, ... } @ inputs: let @@ -112,11 +116,12 @@ ./users/remy_yoga inputs.nix-flatpak.homeManagerModules.nix-flatpak inputs.dankMaterialShell.homeModules.dankMaterialShell.default + ]; extraModules = [ inputs.stylix.nixosModules.stylix inputs.sops-nix.nixosModules.sops - { nixpkgs.overlays = [ inputs.nix-vscode-extensions.overlays.default ]; } + { nixpkgs.overlays = [ inputs.nix4vscode.overlays.default ]; } ]; }; }; @@ -160,5 +165,15 @@ # }) # ]; # }; + + # devshell for this configuration + devShells.x86_64-linux.default = nixpkgs.legacyPackages.x86_64-linux.mkShell { + packages = [ + pkgs.sops + ]; + + # tell sops where the public ssh key to "seed" the age key from is located + SOPS_AGE_SSH_PRIVATE_KEY_FILE = "/home/remy/.ssh/main_key"; + }; }; } diff --git a/hosts/yoga-7-pro/configuration.nix b/hosts/yoga-7-pro/configuration.nix index 5572347..93cc364 100644 --- a/hosts/yoga-7-pro/configuration.nix +++ b/hosts/yoga-7-pro/configuration.nix @@ -5,17 +5,21 @@ { config, lib, pkgs, ... }: { - boot.loader = { systemd-boot.enable = true; timeout = 0; efi.canTouchEfiVariables = true; }; - # cause it is so inconveniently located - services.logind.powerKey = "ignore"; - services.logind.lidSwitch = "sleep"; - services.logind.lidSwitchDocked = "ignore"; + services.logind.settings.Login = { + # because it is so inconveniently located + HandlePowerKey = "ignore"; + + # handled by the dm instead + HandleLidSwitch = "ignore"; + HandleLidSwitchDocked = "ignore"; + }; + # requires too many shenanigans so I just install using --no-root-passwd # users.users.root.hashedPassword = "!"; diff --git a/hosts/yoga-7-pro/default.nix b/hosts/yoga-7-pro/default.nix index a3c9fd4..0bada65 100644 --- a/hosts/yoga-7-pro/default.nix +++ b/hosts/yoga-7-pro/default.nix @@ -26,6 +26,7 @@ ../../modules/nixos/pipewire.nix ../../modules/nixos/podman.nix ../../modules/nixos/power.nix + ../../modules/nixos/sops.nix ../../modules/nixos/stylix.nix ../../modules/nixos/user.nix diff --git a/modules/home-manager/code.nix b/modules/home-manager/code.nix index 90e784e..2dfcca2 100644 --- a/modules/home-manager/code.nix +++ b/modules/home-manager/code.nix @@ -1,14 +1,14 @@ {pkgs, ...}: let - baseExtensions = with pkgs.vscode-marketplace; [ + baseExtensions = pkgs.nix4vscode.forVscode [ # QOL - mhutchie.git-graph - redhat.vscode-yaml - # github.copilot - # github.copilot-chat + "mhutchie.git-graph" + "redhat.vscode-yaml" + "github.copilot" + "github.copilot-chat" # Nix environment selector - arrterian.nix-env-selector - continue.continue + "arrterian.nix-env-selector" + # continue.continue ]; @@ -102,21 +102,21 @@ in }; profiles.development = { - extensions = baseExtensions ++ (with pkgs.vscode-marketplace; [ + extensions = baseExtensions ++ pkgs.nix4vscode.forVscode [ # python - ms-python.python - ms-python.isort - ms-python.debugpy - ms-python.vscode-pylance + "ms-python.python" + "ms-python.isort" + "ms-python.debugpy" + "ms-python.vscode-pylance" # nix language - jnoortheen.nix-ide + "jnoortheen.nix-ide" # Flutter and co - dart-code.flutter - dart-code.dart-code + "dart-code.flutter" + "dart-code.dart-code" - ]); + ]; keybindings = baseKeybindings; @@ -125,19 +125,19 @@ in profiles.science = { - extensions = baseExtensions ++ (with pkgs.vscode-marketplace; [ + extensions = baseExtensions ++ pkgs.nix4vscode.forVscode [ # python + jupyter - ms-python.python - ms-python.isort - ms-python.debugpy - # ms-python.vscode-pylance - ms-toolsai.vscode-jupyter-slideshow - ms-toolsai.jupyter - ms-toolsai.jupyter-hub - ms-toolsai.jupyter-renderers + "ms-python.python" + "ms-python.isort" + "ms-python.debugpy" + "ms-python.vscode-pylance" + "ms-toolsai.vscode-jupyter-slideshow" + "ms-toolsai.jupyter" + "ms-toolsai.jupyter-hub" + "ms-toolsai.jupyter-renderers" # Typst - myriad-dreamin.tinymist - ]); + "myriad-dreamin.tinymist" + ]; keybindings = baseKeybindings ++ [ # run code cell in jupyter diff --git a/modules/home-manager/directories.nix b/modules/home-manager/directories.nix index bdc27f2..24ee4eb 100644 --- a/modules/home-manager/directories.nix +++ b/modules/home-manager/directories.nix @@ -11,7 +11,7 @@ createDirectories = true; documents = "${config.home.homeDirectory}/Documents"; download = "${config.home.homeDirectory}/Downloads"; - pictures = "${config.home.homeDirectory}/Pictures";# + pictures = "${config.home.homeDirectory}/Pictures"; # do not create the following desktop = null; music = null; diff --git a/modules/home-manager/sops.nix b/modules/home-manager/sops.nix new file mode 100644 index 0000000..e69de29 diff --git a/modules/nixos/networking.nix b/modules/nixos/networking.nix index 936b397..44bdc3a 100644 --- a/modules/nixos/networking.nix +++ b/modules/nixos/networking.nix @@ -13,6 +13,11 @@ in type = lib.types.str; default = "nixos"; }; + + nix-config.networking.vpn = lib.mkOption { + type = lib.types.bool; + default = true; + }; }; config = { @@ -30,6 +35,60 @@ in # enable = false; # }; - }; + # # VPN setup + networking.networkmanager.ensureProfiles = { + environmentFiles = [ config.sops.secrets.vpnEnvironment.path ]; + profiles.wg-home = { + connection = { + id = "wg-home"; + type = "wireguard"; + interface-name = "wgh"; + autoconnect = false; + }; + ipv4 = { + address = "10.0.0.2/32"; + method = "manual"; + }; + + wireguard = { + listen-port = 51820; + private-key = "$HOME_PRIVATE_KEY"; + }; + + "wireguard-peer.y/TBD/c0GkrRtekDkCb8TUnYYil8bSRPIjPDY650pz8=" = { + endpoint = "$HOME_ENDPOINT"; + allowed-ips = "192.168.1.0/16"; + }; + }; + + + + profiles.wg-fritzbox = { + connection = { + id = "wg-fritzbox"; + type = "wireguard"; + interface-name = "wgfb"; + autoconnect = false; + }; + + ipv4 = { + address = "192.168.178.201/24"; + dns = "192.168.178.1"; + method = "manual"; + }; + + wireguard = { + listen-port = 51820; + private-key = "$FRITZBOX_PRIVATE_KEY"; + }; + + "wireguard-peer.Jf/seKAL7kWm2qX9gf5Ln8FiN7OlPQB3CyRovDIOEHw=" = { + endpoint = "$FRITZBOX_ENDPOINT"; + allowed-ips = "192.168.178.0/24;fd73:ea00:5841::/64"; + preshared-key = "$FRITZBOX_PRESHARED_KEY"; + }; + }; + }; + }; } diff --git a/modules/nixos/power.nix b/modules/nixos/power.nix index cbe67e8..d8d1a4a 100644 --- a/modules/nixos/power.nix +++ b/modules/nixos/power.nix @@ -23,42 +23,42 @@ config = { - # services.tlp = { - # enable = true; - # settings = { - # # processor chooses frequencies itself but respects the limits set by the user - # CPU_DRIVER_OPMODE_ON_AC = "guided"; - # CPU_DRIVER_OPMODE_ON_BAT = "guided"; + services.tlp = { + enable = true; + settings = { + # processor chooses frequencies itself but respects the limits set by the user + CPU_DRIVER_OPMODE_ON_AC = "guided"; + CPU_DRIVER_OPMODE_ON_BAT = "guided"; - # # governor dictates global behavior of the CPU - # CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; - # CPU_SCALING_GOVERNOR_ON_AC = "performance"; + # governor dictates global behavior of the CPU + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; + CPU_SCALING_GOVERNOR_ON_AC = "performance"; - # # energy performance policy (EPP) sets the energy/performance balance - # CPU_ENERGY_PERF_POLICY_ON_BAT = "balance_power"; - # CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + # energy performance policy (EPP) sets the energy/performance balance + CPU_ENERGY_PERF_POLICY_ON_BAT = "balance_power"; + CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; - # # clock speeds reported by `sudo tlp-stat` - # # 623377 [kHz] and 5090910 [kHz] - # # CPU_SCALING_MIN_FREQ_ON_AC = 623377; - # # CPU_SCALING_MAX_FREQ_ON_AC = 5090910; - # # CPU_SCALING_MIN_FREQ_ON_BAT = 0; - # # # reduce max frequency on battery to save power - # # CPU_SCALING_MAX_FREQ_ON_BAT = 3000000; + # clock speeds reported by `sudo tlp-stat` + # 623377 [kHz] and 5090910 [kHz] + CPU_SCALING_MIN_FREQ_ON_AC = 623377; + CPU_SCALING_MAX_FREQ_ON_AC = 5090910; + CPU_SCALING_MIN_FREQ_ON_BAT = 0; + # reduce max frequency on battery to save power + CPU_SCALING_MAX_FREQ_ON_BAT = 3000000; - # # Allow the CPU to boost - # CPU_BOOST_ON_AC = 1; - # CPU_BOOST_ON_BAT = 1; + # Allow the CPU to boost + CPU_BOOST_ON_AC = 1; + CPU_BOOST_ON_BAT = 1; - # RADEON_DPM_PERF_LEVEL_ON_AC = "high"; - # WIFI_PWR_ON_BAT = "off"; + RADEON_DPM_PERF_LEVEL_ON_AC = "high"; + # WIFI_PWR_ON_BAT = "off"; - # # enable battery charge thresholds on the default battery - # STOP_CHARGE_THRESH_BAT0 = 1; - # }; - # }; + # enable battery charge thresholds on the default battery + STOP_CHARGE_THRESH_BAT0 = 1; + }; + }; @@ -69,15 +69,15 @@ AllowSuspendThenHibernate=yes ''; - services.watt = { - enable = true; - settings = { - battery_charge_thresholds = [ - 40 - 80 - ]; - }; - }; + # services.watt = { + # enable = true; + # settings = { + # battery_charge_thresholds = [ + # 40 + # 80 + # ]; + # }; + # }; services.upower.enable = true; diff --git a/modules/nixos/sops.nix b/modules/nixos/sops.nix new file mode 100644 index 0000000..9fc1ce1 --- /dev/null +++ b/modules/nixos/sops.nix @@ -0,0 +1,12 @@ +{ + inputs, + ... +}: +{ + sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + sops.defaultSopsFile = ./../../secrets/vpn.env; + sops.secrets.vpnEnvironment = { + sopsFile = ./../../secrets/vpn.env; + format = "dotenv"; + }; +} diff --git a/secrets b/secrets index 2aef0ad..a51d89c 160000 --- a/secrets +++ b/secrets @@ -1 +1 @@ -Subproject commit 2aef0ad374282d35c756504d940beeb75bd485b1 +Subproject commit a51d89c420f77d92af6af4083827df8dc2d0f2e5 diff --git a/users/remy.nix b/users/remy.nix index 6ff0d7f..20b101f 100644 --- a/users/remy.nix +++ b/users/remy.nix @@ -12,8 +12,10 @@ ## Utils relevant to this user only programs.git = { enable = true; - userName = "Remy Moll"; - userEmail = "me@moll.re"; + settings = { + user.name = "Remy Moll"; + user.email = "me@moll.re"; + }; }; ## XDG configuration @@ -22,6 +24,7 @@ mimeApps = { enable = true; defaultApplications = { + # TODO "inode/directory" = "org.gnome.Nautilus.desktop"; "application/zip" = "org.gnome.FileRoller.desktop"; "application/octet-stream" = "org.gnome.GHex.desktop"; diff --git a/users/remy_yoga/default.nix b/users/remy_yoga/default.nix index e329757..e326746 100644 --- a/users/remy_yoga/default.nix +++ b/users/remy_yoga/default.nix @@ -31,7 +31,6 @@ with lib.hm.gvariant; ../../modules/home-manager/kitty.nix ../../modules/home-manager/kubectl.nix ../../modules/home-manager/launcher.nix - ../../modules/home-manager/notifications.nix ../../modules/home-manager/obsidian.nix ../../modules/home-manager/owncloud-client.nix ../../modules/home-manager/quickshell