byteio/nixos-config
1
0
Fork 0
mirror of https://github.com/librephoenix/nixos-config synced 2025-11-30 14:43:59 +05:30
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: byteio:0324f60ab14f8551b72ea6078562813befc72786
Branches Tags
byteio:main
..
compare: byteio:44dee10436fe606e14b85e54b99e4df99ab2b78e
Branches Tags
byteio:main

317 commits
0324f60ab1 ... 44dee10436

Author SHA1 Message Date
Emmet
44dee10436 Mention secrets repo + some todos 2025-10-01 20:25:42 -05:00
Emmet
b44aeb9150 Haven't updated these readme's in a long time.. 2025-10-01 20:00:02 -05:00
Emmet
44e854f32e Updated system 2025-10-01 18:42:09 -05:00
Emmet
cff06e61c8 Updates to my hyprgamemode 2025-10-01 18:41:52 -05:00
Emmet
dd3d042c0f For my new site using quartz 2025-10-01 18:41:23 -05:00
Emmet
0c43e51e60 Just use mesa.. 2025-10-01 18:41:12 -05:00
Emmet
392b361944 Some hyprland fixes 2025-09-25 20:24:12 -05:00
Emmet
27d121a412 messing around with some ai 2025-09-25 20:23:29 -05:00
Emmet
a8a0e1249d this is helpful for colors.. 2025-09-25 20:23:14 -05:00
Emmet
917cbe4a39 Made orichalcum theme 2025-09-25 20:23:03 -05:00
Emmet
76788051dd needs flatpaks 2025-09-20 17:27:15 -05:00
Emmet
8a2a6ccfdb Forgot default value :| 2025-09-20 17:24:42 -05:00
Emmet
c7be140c86 Updated secrets 2025-09-20 17:15:15 -05:00
Emmet
316588308d Add packages to work computer 2025-09-20 17:14:21 -05:00
Emmet
147aec1692 Create allowedHosts to let specific hosts through blocklist 2025-09-20 17:13:53 -05:00
Emmet
0ca063ddde Updated system 2025-09-20 17:05:07 -05:00
Emmet
601990c613 Removed some todos 2025-09-20 16:35:33 -05:00
Emmet
fce49ba54e Fixed some home dirs 2025-09-20 16:35:26 -05:00
Emmet
b75226279d phoenix now aquires wakelock 2025-09-20 16:35:02 -05:00
Emmet
d970b1f933 Org node/roam fixes 2025-09-20 07:26:26 -05:00
Emmet
c931983717 Fix amdgpu 2025-09-14 09:41:32 -05:00
Emmet
e488b0212d Fix weird bug with browser spawn keybind? 2025-09-14 09:41:17 -05:00
Emmet
02d584c129 Add devenv 2025-09-14 09:41:08 -05:00
Emmet
62b02e96e0 Trying to fix dumb amd gpu 2025-09-13 21:03:34 -05:00
Emmet
48e0909748 Updated system 2025-09-13 21:03:28 -05:00
Emmet
35cd781c3d Learning some svelte 2025-09-13 21:03:09 -05:00
Emmet
c69616c4b5 Trying some alternate ricing 2025-09-13 21:02:58 -05:00
Emmet
5dee28b5c8 Fix hyprland... 2025-09-07 20:48:53 -05:00
Emmet
4bcd9efc99 more efficient projectile 2025-09-07 19:20:21 -05:00
Emmet
0fbac317f5 Updated system 2025-09-07 19:10:02 -05:00
Emmet
d6cc3de97c added web-mode 2025-09-07 19:09:55 -05:00
Emmet
a4e8b952c6 some fixes 2025-09-06 18:08:27 -05:00
Emmet
eac2cd88ea work updates 2025-09-02 20:18:52 -05:00
Emmet
90719e9a93 Finalize updates 2025-08-31 18:09:26 -05:00
Emmet
e1a29072eb More scratch buffer functions 2025-08-31 18:09:14 -05:00
Emmet
80e7c3bc6b Fix qt styling 2025-08-31 18:09:00 -05:00
Emmet
b927432d45 Better brave config 2025-08-31 18:08:30 -05:00
Emmet
5684e1b560 Updated system 2025-08-28 21:56:23 -05:00
Emmet
c94dcbff29 localsend is really cool 2025-08-28 19:51:22 -05:00
Emmet
30e2e2b5e0 Enable wireguard 2025-08-28 19:51:22 -05:00
Emmet
fa16f0c327 Updates for new work computer 2025-08-20 20:51:23 -05:00
Emmet
23574a726e Updated system 2025-08-12 18:13:52 -05:00
Emmet
29c347ff9c Fix grayscale shader to gles 3 2025-08-04 10:12:39 -05:00
Emmet
62fc76cfd9 Scratch plus autosave buggy with project scratch buffers 2025-08-04 08:21:43 -05:00
Emmet
90a46342eb This is useful for networking gui 2025-08-04 08:21:24 -05:00
Emmet
f1a64aa937 Emacs updates and improvements 2025-07-29 15:54:01 -05:00
Emmet
3734ba792c Updated system 2025-07-29 11:41:59 -05:00
Emmet
237e8246ce Random fixes 2025-07-28 16:40:45 -05:00
Emmet
84d7101a6e Seems like --fast parameter causes cache misses? 2025-07-21 22:12:41 -05:00
Emmet
4e4ba6a0a3 (Finally) Fixed problems with line wrapping and lsp! 2025-07-21 22:10:59 -05:00
Emmet
0893a4e483 Make git easier 2025-07-18 09:46:13 -05:00
Emmet
d35760e4dc Gonna try making materials 2025-07-18 09:45:37 -05:00
Emmet
dafd115747 Messing around with ai is fun! 2025-07-18 09:44:48 -05:00
Emmet
f86049f259 Grayscale improves focus? 2025-07-15 12:52:25 -05:00
Emmet
6b07446f4a Cleanup old files 2025-07-15 12:52:16 -05:00
Emmet
6eacf793e9 Updated system 2025-07-13 20:06:03 -05:00
Emmet
99b33cb631 git lfs is cool 2025-07-13 20:05:58 -05:00
Emmet
0bdff9aa7f these are helpful for some art 2025-07-13 20:05:51 -05:00
Emmet
a98207c56a some emacs fixes 2025-07-13 20:05:45 -05:00
Emmet
0558047a7b switching some default apps 2025-07-13 20:05:32 -05:00
Emmet
086eb08ae6 moved undervolt to hardware config 2025-07-13 20:04:20 -05:00
Emmet
7ef44109c6 Updated system 2025-07-06 10:01:32 -05:00
Emmet
ca02e3c1b4 Various fixes and updates 2025-07-05 12:16:16 -05:00
Emmet
d510889f2e Removed some unnecessary stuff 2025-07-05 10:46:55 -05:00
Emmet
139963ccfa Duskfall optimizations 2025-07-05 10:46:25 -05:00
Emmet
14cab3e0bb some more optimizations 2025-07-04 13:51:29 -05:00
Emmet
c143f3ac30 fixes and hyprland back to duskfall 2025-07-04 13:18:03 -05:00
Emmet
eb95e975e0 Building fixes 2025-06-28 11:15:13 -05:00
Emmet
5245994270 Updated system 2025-06-28 08:06:05 -05:00
Emmet
4707a4be1d Some hyprland optimizations 2025-06-25 14:00:20 -05:00
Emmet
1db31c64ca PWAs 2025-06-24 13:34:18 -05:00
Emmet
1da801cdf1 Minor fixes 2025-06-24 13:34:13 -05:00
Emmet
a59f2b7c2e some yazi fixes 2025-06-22 12:16:54 -05:00
Emmet
fca63c71e1 gnome fixes 2025-06-19 08:58:42 -05:00
Emmet
9bceef73de Added power profiles daemon 2025-06-19 07:48:10 -05:00
Emmet
2ebee8fea0 updated system 2025-06-17 15:51:17 -05:00
Emmet
5c58bc7eb6 power key should not destroy my work :| 2025-06-17 15:51:06 -05:00
Emmet
b716a1920f fix inkscape default app for svg 2025-06-17 15:50:55 -05:00
Emmet
66efbc6c1c hyprland groups are really cool!! 2025-06-08 12:23:21 -05:00
Emmet
46e06d4d55 Updated system 2025-06-07 17:26:14 -05:00
Emmet
95fa63e7f2 battery LIFE 2025-06-01 10:43:00 -05:00
Emmet
4cf0205329 updated system 2025-05-31 12:05:26 -05:00
Emmet
5891db1994 some emacs improvements 2025-05-29 10:11:10 -05:00
Emmet
bc68d41470 vscodium is overrated 2025-05-28 18:31:14 -05:00
Emmet
154754e635 window swallowing on yazi 2025-05-28 18:28:48 -05:00
Emmet
a0c30fa91a Trying vscodium out 2025-05-28 18:28:25 -05:00
Emmet
54bd50e866 trying upscayl 2025-05-28 17:27:06 -05:00
Emmet
cb4946c86d hyprland fixes 2025-05-28 17:27:01 -05:00
Emmet
8c62da4806 some godot + emacs fixes 2025-05-28 17:26:54 -05:00
Emmet
ba41fa5c0a updated system 2025-05-28 17:26:34 -05:00
Emmet
590a16df8d fast nix building 2025-05-21 13:58:12 -05:00
Emmet
e2f4029a99 Updated system 2025-05-17 10:01:16 -05:00
Emmet
61098b8bf2 might need this sometimes 2025-05-10 12:49:21 -05:00
Emmet
76bc180286 various fixes 2025-05-10 12:16:55 -05:00
Emmet
fef1d51ec1 work time management 2025-05-10 11:37:24 -05:00
Emmet
12fe0ac1f2 various cleanup 2025-05-10 11:37:19 -05:00
Emmet
38e7e0469c opengl for ashell 2025-05-10 11:17:01 -05:00
Emmet
c0532d96d2 updates for hyprland + ashell 2025-05-10 11:15:05 -05:00
Emmet
c8666c3638 doas fixes 2025-05-10 11:14:54 -05:00
Emmet
f708c24dc5 system fixes 2025-05-10 09:20:53 -05:00
Ori
17c684c89a Updated system 2025-05-10 02:01:11 -05:00
Emmet
58504c7fc4 Updated system 2025-05-04 09:23:25 -05:00
Ori
a01c55adaf Updated system 2025-05-03 12:11:22 -05:00
Ori
d791f724ac Updated system 2025-05-03 11:42:36 -05:00
Emmet
41b15489ad get building working again? 2025-05-03 11:42:04 -05:00
Ori
168256eb76 Updated system 2025-05-03 11:28:29 -05:00
Emmet
00c9e00cbb avoid erroring out if no updates available 2025-05-03 11:27:15 -05:00
Ori
f92e905725 Updated system 2025-05-03 11:18:22 -05:00
Ori
c76b49aae3 Updated system 2025-05-03 10:49:01 -05:00
Ori
3702ea7d4f Updated system 2025-05-03 10:39:02 -05:00
Emmet
07305f2422 hopefully this fixes auto-builder? 2025-05-03 10:11:29 -05:00
Emmet
abd1c42b79 Fix auto build script 2025-05-03 09:58:57 -05:00
Emmet
e5d9995856 trying to make an automatic system updater/builder 2025-05-02 14:42:30 -05:00
Emmet
3e63f2385f yazi fileselect for qb 2025-05-02 11:00:28 -05:00
Emmet
3e87bd1b9e switching over to yazi 2025-05-02 10:42:14 -05:00
Emmet
d704ed1c49 Revert "updated system" 
This reverts commit 909764d6a9.
 2025-04-26 10:38:03 -05:00
Emmet
c1fde985f0 fix phoenix build when dotfiles are unlocked 2025-04-25 11:13:52 -05:00
Emmet
909764d6a9 updated system 2025-04-25 11:12:59 -05:00
Emmet
0812e99783 gnome is nice to have around 2025-04-25 11:12:41 -05:00
Emmet
53a87c1815 makehuman is kinda cool 2025-04-25 11:10:27 -05:00
Emmet
9c132baedb More theming 2025-04-18 10:27:07 -05:00
Emmet
37c3ad4ef9 Fix intel iGPUs 2025-04-18 10:26:56 -05:00
Emmet
34d644aff0 Typo 2025-04-18 09:58:07 -05:00
Emmet
7c59e8ba92 Basic gnome customizations 2025-04-18 09:56:25 -05:00
Emmet
99435866a4 Updated system 2025-04-17 11:10:21 -05:00
Emmet
31e2f08079 Trying yazi instead of ranger 2025-04-17 10:24:54 -05:00
Emmet
c28546a0c8 Updated system 2025-04-17 10:24:48 -05:00
Emmet
1cd425c2b1 emacs fixes 2025-04-15 09:03:54 -05:00
Emmet
56c66b47e5 fixes for duskfall 2025-04-15 09:02:13 -05:00
Emmet
c6d5fe50f6 jovian doesn't seem to work on my system :| 2025-04-12 16:42:04 -05:00
Emmet
569c03e540 trying gnome on duskfall 2025-04-12 12:54:31 -05:00
Emmet
b6c786fa73 updated system 2025-04-12 12:44:31 -05:00
Emmet
a22643fda0 gdscript-mode fixed 2025-04-12 12:44:10 -05:00
Emmet
acfd1fd680 Some emacs fixes 2025-04-12 11:28:59 -05:00
Emmet
f202d2011a org node fixes 2025-04-07 10:05:21 -05:00
Emmet
94d0c3fd2c Fix Cura 2025-04-07 10:05:14 -05:00
Emmet
13d7a83981 Updated systems 2025-04-05 10:40:25 -05:00
Emmet
145505bd25 Updated system 2025-03-28 09:52:41 -05:00
Emmet
ba53b06504 vrr multi monitor is a bit glitchy 2025-03-28 08:15:08 -05:00
Emmet
20b3ebac4b some gaming fixes 2025-03-28 08:15:01 -05:00
Emmet
63bac87b76 Keep zsh when going into nix-shell 2025-03-26 10:20:14 -05:00
Emmet
68b58ccd0a For managing ldap server 2025-03-26 10:20:02 -05:00
Emmet
eb367190d4 fix org node 2025-03-26 09:04:27 -05:00
Emmet
1f628687fa some gaming fixes 2025-03-22 15:12:22 -05:00
Emmet
6e5af424be vrr + hdr for hyprland + gamescope 2025-03-22 10:02:54 -05:00
Emmet
f3f50a612c focus on activate 2025-03-22 10:02:43 -05:00
Emmet
89b54b1aaa updated system 2025-03-22 09:45:20 -05:00
Emmet
eade9c6bd8 Trying to get out of gamescope session wout reboot 2025-03-21 18:59:58 -05:00
Emmet
9a61a9ff03 intel improvements 2025-03-21 09:43:25 -05:00
Emmet
b87f720318 added learning apps 2025-03-21 09:43:13 -05:00
Emmet
d6fd22fc61 intel hwaccel improvements 2025-03-20 14:33:36 -05:00
Emmet
1a2ac810e3 ranger gcode preview script 2025-03-19 11:04:07 -05:00
Emmet
1fb21a0543 Better performance with alt gamescope session 2025-03-16 17:27:01 -05:00
Emmet
5efd1662eb typo 2025-03-15 14:29:12 -05:00
Emmet
8ff7e88f4f Gaming optimizations 2025-03-15 14:19:12 -05:00
Emmet
23b046aadb updated system 2025-03-15 14:18:21 -05:00
Emmet
c8eaa63b8a updated hyprgamemode script for more performance in mh wilds :) 2025-03-09 14:01:54 -05:00
Emmet
6136cc9f2a optimized some lower-powered hosts 2025-03-09 11:10:38 -05:00
Emmet
8a145e6580 fixed various problems 2025-03-08 17:54:36 -06:00
Emmet
c33d75a1be fixed some host-specific config 2025-03-08 16:36:47 -06:00
Emmet
c4dcf59357 scaling + updated fonts 2025-03-08 16:24:21 -06:00
Emmet
16b66ba515 Trying ashell 2025-03-08 16:24:10 -06:00
Emmet
3620c1ad51 reinstall to thinkpad 2025-03-08 13:06:32 -06:00
Emmet
7ef53cbab3 Updated system 2025-03-08 10:06:07 -06:00
Emmet
734186e087 Added hyprgamemode toggle for better performance 2025-03-08 10:05:54 -06:00
Emmet
e607d9f02e fix fcitx deprecated setup warning 2025-03-02 12:58:41 -06:00
Emmet
6781b0585e added sddm avatars 2025-03-02 12:58:35 -06:00
Emmet
ae2090378a Don't spawn nextcloud where it isn't necessary 2025-03-02 12:35:03 -06:00
Emmet
277dd6992c Use old sddm for now because themes 2025-03-02 12:34:45 -06:00
Emmet
9b8e886082 Fixed phoenix script 2025-03-02 12:29:27 -06:00
Emmet
98d5f73cc1 fix file mod time discrepencies for local secrets repo 2025-03-02 12:19:02 -06:00
Emmet
48263bc769 Make downloads from qb more seamless 2025-03-02 12:16:27 -06:00
Emmet
a298b75c7a emacs fixes 2025-03-02 11:40:27 -06:00
Emmet
15fa120084 hyprland gpu fixes 2025-03-02 11:40:15 -06:00
Emmet
e48a4ba75a Fix indenting in org mode 2025-03-02 08:58:15 -06:00
Emmet
32527be821 Slight fixes for steam 2025-03-02 08:58:02 -06:00
Emmet
c5fa7cd206 Fix building godot 2025-03-02 08:57:55 -06:00
Emmet
7d6bec4228 Fix hyprland after update 2025-03-02 08:57:31 -06:00
Emmet
8f04449cb0 Updated system 2025-03-01 07:52:28 -06:00
Emmet
8908025c43 Updated phoenix script 2025-03-01 07:29:37 -06:00
Emmet
b394cff259 Fix typo 2025-02-23 15:53:04 -06:00
Emmet
1b6bdc9790 Fixes for work computer 2025-02-23 15:50:44 -06:00
Emmet
d5a354a0df Fixes fetchGit glitch maybe? 2025-02-23 15:50:26 -06:00
Emmet
a1044a90b0 Updated system 2025-02-23 15:08:14 -06:00
Emmet
edefa9637c Removed some bloat 2025-02-23 15:07:51 -06:00
Emmet
c6b672ff9c Gaming optimizations? 2025-02-23 15:07:40 -06:00
Emmet
73c20c7f68 Rewrote phoenix script 2025-02-23 15:07:23 -06:00
Emmet
cae83f449e cachy scheduler 2025-02-18 20:37:56 -06:00
Emmet
352ac4c445 Better tlp settings? 2025-02-18 20:37:44 -06:00
Emmet
1b3b5e4b12 home manager uses global packages 2025-02-18 20:37:23 -06:00
Emmet
9a50ad5a3f fixed qute-containers 2025-02-16 15:16:04 -06:00
Emmet
16f689ff07 These scripts broke my thinkpad 2025-02-16 15:10:05 -06:00
Emmet
919b71abea add wife to gaming laptop 2025-02-16 15:09:47 -06:00
Emmet
1ac3b10b68 autostart emacs daemon 2025-02-16 15:09:36 -06:00
Emmet
85e5c666de fix keybinds 2025-02-16 15:09:31 -06:00
Emmet
33fb08cd68 Fixed polarias config 2025-02-15 16:23:31 -06:00
Emmet
9101886d9c Finalized plasma config (I hope!) 2025-02-12 20:32:33 -06:00
Emmet
68f10cc45a Fixes config conflict 2025-02-12 20:20:48 -06:00
Emmet
d786a00ee3 some plasma fixes 2025-02-12 20:18:05 -06:00
Emmet
25b7cbb919 Minor updates and got all systems to build! 2025-02-12 15:57:42 -06:00
Emmet
52ce2d1cb1 Arduinos 2025-02-12 14:13:04 -06:00
Emmet
f224e7cfc1 Move aliases for extras 2025-02-12 14:12:54 -06:00
Emmet
d63f9982f4 Why isn't nix-mode part of prog-mode? 2025-02-12 14:12:35 -06:00
Emmet
cd1d2d866b Major update to handle multiple systems 2025-02-12 14:12:11 -06:00
Emmet K
0453901d17 Major config overhaul: use custom modules, setup for multi-host config, and less boilerplate 2025-02-09 16:50:26 -06:00
Emmet
1fa8b17b07 Swapped some apps and added config 2025-01-31 22:09:43 -06:00
Emmet
19fb076abd Updated system 2025-01-31 22:09:09 -06:00
Emmet
99d4736759 lollypop -> mpd 2025-01-31 05:39:00 -06:00
Emmet
c48136641c fix script reference 2025-01-30 17:53:31 -06:00
Emmet
2c56a2e3bb +vterm 2025-01-28 22:10:37 -06:00
Emmet
0f95aa9305 insert items in motion state org mode 2025-01-28 21:47:51 -06:00
Emmet
b2ea20d730 Respawn eww bars when monitor connected 2025-01-28 21:42:00 -06:00
Emmet
b5f864ace9 org-todo 2025-01-28 21:26:53 -06:00
Emmet
19487cb432 open in workspace underneath ranger scratch term by default 2025-01-25 22:31:43 -06:00
Emmet
6aafa4a6af Updated system (& temp remove stuff that doesn't build) 2025-01-25 21:10:05 -06:00
Emmet
2b5c68a6c6 Replacing waybar with eww 2025-01-25 17:54:53 -06:00
Emmet
238b1987c1 my org mode is getting closer to doom emacs 2025-01-23 22:34:11 -06:00
Emmet
0850760486 some startup optimizations + better dired 2025-01-19 16:42:05 -06:00
Emmet
7a285da892 file management fixes in emacs 2025-01-19 12:02:57 -06:00
Emmet
ea1d540f84 unfinished work on making non-declarative configs more declarative :| 2025-01-18 23:01:24 -06:00
Emmet
99f32b0d1d overhaul of emacs config with only use-package 2025-01-18 22:59:30 -06:00
Emmet
4f95708829 Trying to fix usb hub lag 2025-01-18 13:39:38 -06:00
Emmet
ab494a2590 nix lsp server 2025-01-18 13:39:29 -06:00
Emmet
e1d290775f No longer use logseq 2025-01-18 11:37:24 -06:00
Emmet
bd8132c5ce Emacs daemon is fixed now 2025-01-18 11:23:30 -06:00
Emmet
f43d8ed821 Updated system 2025-01-18 11:21:45 -06:00
Emmet
26287e6627 Doom theme daemon bug workaround (don't use daemon) 2025-01-15 21:18:12 -06:00
Emmet
2ad56359fb org-node fix 2025-01-15 21:18:06 -06:00
Emmet
6affffc1c8 ultra-scroll is amazing!! 2025-01-15 21:17:05 -06:00
Emmet
b0f5968acd New SSD 2025-01-11 13:43:02 -06:00
Emmet
174dd50e16 Updated system 2025-01-11 09:58:51 -06:00
Emmet
69486ace88 Simplified qutebrowser containers 2025-01-11 09:58:38 -06:00
Emmet
228f602691 Rearranged user-dirs 2025-01-11 09:58:16 -06:00
Emmet
22669e1f6d Cleaned up some readme's and main config files 2025-01-07 14:51:33 -06:00
Emmet
38dd9e474a Use brave in qutebrowser 2025-01-07 14:35:48 -06:00
Emmet
194bf1f298 Forgot to commit treemacs-evil 2025-01-07 14:35:37 -06:00
Emmet
0d757f8f6d Fixes an org-mode keybind 2025-01-07 14:35:27 -06:00
Emmet
c10f209a8b Fixed config pull script 2025-01-07 14:35:06 -06:00
Emmet
9f8378b586 Updated system 2025-01-07 14:34:58 -06:00
Emmet
90d9b7a6b8 Updated stylix schema 2025-01-07 14:33:53 -06:00
Emmet
c7a8e44bb6 inherit pkgs-unstable 2025-01-04 06:37:33 -06:00
Emmet
43b2240d2d Disable steam 2025-01-04 06:37:18 -06:00
Emmet
166a8525e2 More org roam keybinds 2024-12-28 12:17:48 -06:00
Emmet
02a775ba57 Some doas fixes 2024-12-28 12:11:45 -06:00
Emmet
4b6d29902b note for later 2024-12-28 11:36:50 -06:00
Emmet
3e1caa4cde Quicker nix shell? 2024-12-28 11:35:36 -06:00
Emmet
95deb5b0c4 Fix redo 2024-12-28 11:32:11 -06:00
Emmet
b6f4118a6b Minor fixes 2024-12-28 11:30:30 -06:00
Emmet
a8f84076e1 Moved scripts into scripts/ 2024-12-28 11:03:24 -06:00
Emmet
cedb24e74d Removed some bloat 2024-12-28 10:47:54 -06:00
Emmet
fe6340553d Fixes line truncating in prog mode 2024-12-26 08:02:36 -06:00
Emmet
23ece1cc42 Various emacs fixes 2024-12-24 07:21:13 -06:00
Emmet
a7a32dba09 Fix emacs startup 2024-12-23 08:36:09 -06:00
Emmet
5f60682fd1 Updated system 2024-12-21 11:47:33 -06:00
Emmet
710fd0f169 some org-mode fixes 2024-12-19 13:55:42 -06:00
Emmet
2c042240ea Better double keypress rejection maybe? 2024-12-18 22:34:01 -06:00
Emmet
058320aea9 undo-fu and org-roam 2024-12-18 22:33:45 -06:00
Emmet
7a75115885 direnv 2024-12-17 14:20:58 -06:00
Emmet
c159757e33 Hoping this helps performance 2024-12-17 09:38:36 -06:00
Emmet
58eff218ce Added magit-todos 2024-12-16 14:56:20 -06:00
Emmet
a46254ff00 Plymouth is kinda cool 2024-12-15 16:59:27 -06:00
Emmet
8634babe28 Reverted hyprland ver 2024-12-15 10:08:54 -06:00
Emmet
99ecf7925f I think this should fix stupid cache permission errors 2024-12-15 07:08:16 -06:00
Emmet
1358906a30 Updated hyprland and rm some hyprland extras 2024-12-15 07:07:58 -06:00
Emmet
2764e2a86c Removing non-nix neovim config (will make nix neovim config later) 2024-12-15 07:07:21 -06:00
Emmet
2d490d087d Comment about declarative godot config 2024-12-14 21:43:10 -06:00
Emmet
63f4f88e1f Script security fix 2024-12-14 21:43:00 -06:00
Emmet
ee73848f3c Automatically get non-hm config files out of the way 2024-12-14 21:42:30 -06:00
Emmet
52d58fcd90 Updated system 2024-12-14 20:06:40 -06:00
Emmet
84fd06bfb7 Minor emacs config fixes 2024-12-14 17:37:58 -06:00
Emmet
43bfdff4c8 Some more emacs config updates 2024-12-14 17:29:25 -06:00
Emmet
58ba3f53c4 Better and declarative godot config 2024-12-14 10:54:55 -06:00
Emmet
c68f5cdc15 Hopefully this fixes substituters? 2024-12-08 10:09:22 -06:00
Emmet
9557a25db1 Get rid of annoying pasystray notifications 2024-12-08 10:06:16 -06:00
Emmet
245c97ab1d Declarative substituter settings for user 2024-12-07 23:42:53 -06:00
Emmet
e4d03a8300 Need projectile grep :| 2024-12-07 23:41:48 -06:00
Emmet
710df8920f Need this to operate attic 2024-12-07 23:25:01 -06:00
Emmet
fdbc49fac8 Updated system 2024-12-07 20:10:44 -06:00
Emmet
b2b9941c1a bandaid for https://github.com/NixOS/nix/issues/10202 2024-12-07 17:10:08 -06:00
Emmet
28fd35073c Nerd icons everywhere 2024-12-07 14:41:37 -06:00
Emmet
b07d3bf253 Updated hyprlock 2024-12-07 14:07:57 -06:00
Emmet
acd020feb8 Forgot to re-add chaotic to flake 2024-12-07 13:04:56 -06:00
Emmet
e24e76cd3f Added some basic godot ide stuff to emacs 2024-12-07 13:02:13 -06:00
Emmet
fdc301a09a Fix for chaotic 2024-12-07 12:17:52 -06:00
Emmet
35ea2d54b5 Org mode styling 2024-12-07 11:49:08 -06:00
Emmet
1aac49cf9b Reorganized emacs config 2024-12-07 10:51:31 -06:00
Emmet
509f38a50b Fixes iio-hyprland wallpaper bug 2024-12-06 14:30:34 -06:00
Emmet
0645a253b3 iio-hyprland is pretty epic :) 2024-12-06 11:37:37 -06:00
Emmet
b751878241 Use hyprprofiles even on work system profile 2024-12-06 10:32:11 -06:00
Emmet
ad598b4322 Some emacs improvements 2024-12-06 10:32:01 -06:00
Emmet
09708e1b37 Trying cachyos kernel 2024-12-06 10:31:50 -06:00
Emmet
5ba4deb614 Some more emacs config fixes and keybinds 2024-12-03 22:09:58 -06:00
Emmet
e1ec4d8c99 Some emacs fixes 2024-12-03 14:57:28 -06:00
Emmet
bcec988125 Start scratchpads automatically 2024-12-03 14:53:35 -06:00
Emmet
df1f12a896 Ricing emacs a bit 2024-12-01 18:06:02 -06:00
Emmet
22590257d1 Added sudo-edit 2024-12-01 07:15:13 -06:00
Emmet
a5d7529c2f Should hopefully improve build times 2024-11-30 23:46:04 -06:00
Emmet
47ca13829b Magit fixes + some style changes 2024-11-30 23:38:59 -06:00
Emmet
dad9e68dad Updated system 2024-11-30 23:34:36 -06:00
Emmet
874386138d Some more emacs config 2024-11-30 19:07:28 -06:00
Emmet
0dbe546122 Starting a vanilla emacs config 2024-11-28 20:11:59 -06:00
Emmet
9637ddbb8c Fix nix cache permission errors? 2024-11-28 19:16:18 -06:00
Emmet
de490f478d Fixed some popup windows on hyprland 2024-11-28 19:09:05 -06:00
Emmet
6f53422717 Trying to fix some wine apps :| 2024-11-27 18:04:03 -06:00
Emmet
966f9587d7 Some touch navigation for qutebrowser 2024-11-27 18:03:38 -06:00
Emmet
5c6d42ea79 Updated system 2024-11-22 21:05:37 -06:00
Emmet K
9e9561dd4f iio-hyprland is really cool 2024-11-20 15:04:07 -06:00
Emmet
46020354bb Updated system + hyprland 2024-11-15 21:17:52 -06:00
Emmet K
7b6cc8d4b3 Updated chadrc for newer nvchad 2024-11-14 22:39:43 -06:00
Emmet
caa751a30b Updated system and removed unecessary blender patch 2024-11-10 20:44:29 -06:00
Emmet
1e9af19457 Extra gpu stuff on qutebrowser 2024-11-08 21:56:06 -06:00
Emmet
33f3d14cbf Trying bfq scheduler 2024-11-08 14:59:53 -06:00
Emmet
be4639509d Fixed cura desktop file 2024-11-08 14:58:00 -06:00
Emmet
0c5037333f Turned off broken firejail profiles, needs fixing 2024-11-08 14:42:12 -06:00
Emmet
26162df66c Updated system, fixes, culled lots of old config 2024-11-08 14:41:54 -06:00
Emmet
0408d049d2 Freecad is kinda cool 2024-11-01 22:52:22 -05:00
Emmet
0251e201ab Updated system 2024-11-01 22:41:30 -05:00
622 changed files with 9750 additions and 13562 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.scratch/scratch.org-mode Normal file
View file

@ -0,0 +1 @@
# Scratchpad

84
README.org
View file

@ -13,28 +13,10 @@ These are my dotfiles (configuration files) for my NixOS setup(s).
Here is my main setup:
[[desktop.png]]
** My Themes
** Themes
[[https://github.com/danth/stylix#readme][Stylix]] (and [[https://github.com/SenchoPens/base16.nix#readme][base16.nix]], of course) is amazing, allowing you to theme your entire system with base16-themes.
Using this I have [[./themes][55+ themes]] (I add more sometimes) I can switch between on-the-fly. Visit the [[./themes][themes directory]] for more info and screenshots!
** Install
I wrote some reinstall notes for myself [[./install.org][here (install.org)]].
TLDR: You should™ be able to install my dotfiles to a fresh NixOS system with the following experimental script:
#+begin_src sh :noeval
nix-shell -p git --command "nix run --experimental-features 'nix-command flakes' gitlab:librephoenix/nixos-config"
#+end_src
Disclaimer: Ultimately, I can't gaurantee this will work for anyone other than myself, so /use this at your own discretion/. Also my dotfiles are /highly/ opinionated, which you will discover immediately if you try them out.
Potential Errors: I've only tested it working on UEFI with the default EFI mount point of =/boot=. I've added experimental legacy (BIOS) boot support, but it does rely on a quick and dirty script to find the grub device. If you are testing it using some weird boot configuration for whatever reason, try modifying =bootMountPath= (UEFI) or =grubDevice= (legacy BIOS) in =flake.nix= before install, or else it will complain about not being able to install the bootloader.
Note: If you're installing this to a VM, Hyprland won't work unless 3D acceleration is enabled.
Security Disclaimer: If you install or copy my =homelab= or =worklab= profiles, /CHANGE THE PUBLIC SSH KEYS UNLESS YOU WANT ME TO BE ABLE TO SSH INTO YOUR SERVER. YOU CAN CHANGE OR REMOVE THE SSH KEY IN THE RELEVANT CONFIGURATION.NIX/:
- [[./profiles/homelab/configuration.nix][configuration.nix]] for homelab profile
- [[./profiles/worklab/configuration.nix][configuration.nix]] for worklab profile
Using this I have [[./modules/themes][a lot of themes]] (I add more sometimes) I can switch between on-the-fly. Visit the [[./modules/themes][themes directory]] for more info and screenshots!
** Modules
Separate Nix files can be imported as modules using an import block:
@ -47,58 +29,58 @@ imports = [ ./import1.nix
This conveniently allows configurations to be (*cough cough) /modular/ (ba dum, tssss).
I have my modules separated into two groups:
- System-level - stored in the [[./system][system directory]]
- System-level modules are imported into configuration.nix, which is what is sourced into [[./flake.nix][my flake (flake.nix)]]
- User-level - stored in the [[./user][user directory]] (managed by home-manager)
- User-level modules are imported into home.nix, which is also sourced into [[./flake.nix][my flake (flake.nix)]]
I have my modules separated into three subdirectories:
- System-level - stored in the [[./modules/system][system directory]]
- User-level - stored in the [[./modules/user][user directory]]
More detailed information on these specific modules are in the [[./system][system directory]] and [[./user][user directory]] respectively.
** Install
I wrote some reinstall notes for myself [[./install.org][here (install.org)]].
Check them out if you'd like to try out my config in a VM or base your config on mine.
** Patches
In some cases, since I use =nixpgs-unstable=, I must patch nixpkgs. This can be done inside of a flake via:
#+BEGIN_SRC nix
nixpkgs-patched = (import nixpkgs { inherit system; }).applyPatches {
name = "nixpkgs-patched";
src = nixpkgs;
patches = [ ./example-patch.nix ];
};
nixpkgs-patched = (import nixpkgs { inherit system; }).applyPatches {
name = "nixpkgs-patched";
src = nixpkgs;
patches = [
./example-patch.nix
(builtins.fetchurl {
url = "https://asdf1234.patch";
sha256 = "sha256:qwerty123456...";
})
];
};
# configure pkgs
pkgs = import nixpkgs-patched { inherit system; };
# configure pkgs
pkgs = import nixpkgs-patched { inherit system; };
# configure lib
lib = nixpkgs.lib;
# configure lib
lib = nixpkgs.lib;
#+END_SRC
Patches can either be local or remote, so you can even import unmerged pull requests by using =fetchpatch= and the raw patch url, i.e: https://github.com/NixOS/nixpkgs/pull/example.patch.
I currently curate patches local to this repo in the [[./patches][patches]] directory.
** Profiles
I separate my configurations into [[./profiles][profiles]] (essentially system templates), i.e:
- [[./profiles/personal][Personal]] - What I would run on a personal laptop/desktop
- [[./profiles/work][Work]] - What I would run on a work laptop/desktop (if they let me bring my own OS :P)
- [[./profiles/homelab][Homelab]] - What I would run on a server or homelab
- [[./profiles/wsl][WSL]] - What I would run underneath Windows Subystem for Linux
My profile can be conveniently selected in [[./flake.nix][my flake.nix]] by setting the =profile= variable.
More detailed information on these profiles is in the [[./profiles][profiles directory]].
** Hosts
Configurations for all my machines are in [[./hosts][hosts]].
** Nix Wrapper Script
Some Nix commands are confusing, really long to type out, or require me to be in the directory with my dotfiles. To solve this, I wrote a [[./system/bin/phoenix.nix][wrapper script called phoenix]], which calls various scripts in the root of this directory.
Some Nix commands are confusing, really long to type out, or require me to be in the directory with my dotfiles. To solve this, I wrote a [[./modules/system/phoenix][wrapper script called phoenix]], which calls various scripts in the root of this directory.
TLDR:
- =phoenix sync= - Synchronize system and home-manager state with config files (essentially =nixos-rebuild switch= + =home-manager switch=)
- =phoenix sync system= - Only synchronize system state (essentially =nixos-rebuild switch=)
- =phoenix sync user= - Only synchronize home-manager state (essentially =home-manager switch=)
- =phoenix sync= - Synchronize system state with config
- =phoenix build= - Build all host configurations and push results to attic (requires attic config to be setup)
- =phoenix update= - Update all flake inputs without synchronizing system and home-manager states
- =phoenix upgrade= - Update flake.lock and synchronize system and home-manager states (=phoenix update= + =phoenix sync=)
- =phoenix update INPUT= - Update only the specified =INPUT= (see inputs in [[./flake.nix][flake.nix]])
- =phoenix refresh= - Call synchronization posthooks (mainly to refresh stylix and some dependent daemons)
- =phoenix pull= - Pull changes from upstream git and attempt to merge local changes (I use this to update systems other than my main system)
- =phoenix harden= - Ensure that all "system-level" files cannot be edited by an unprivileged user
- =phoenix soften= - Relax permissions so all dotfiles can be edited by a normal user (use temporarily for git or other operations)
- =phoenix lock= - Ensure that all "system-level" files cannot be edited by an unprivileged user
- =phoenix unlock= - Relax permissions so all dotfiles can be edited by a normal user (use temporarily for git or other operations)
- =phoenix gc= - Garbage collect the system and user nix stores
- =phoenix gc full= - Delete everything not currently in use
- =phoenix gc 15d= - Delete everything older than 15 days

1551
flake.lock generated
View file

File diff suppressed because it is too large Load diff

341
flake.nix
View file

@ -3,313 +3,116 @@
outputs = inputs@{ self, ... }:
let
# ---- SYSTEM SETTINGS ---- #
systemSettings = {
system = "x86_64-linux"; # system arch
hostname = "snowfire"; # hostname
profile = "personal"; # select a profile defined from my profiles directory
timezone = "America/Chicago"; # select timezone
locale = "en_US.UTF-8"; # select locale
bootMode = "uefi"; # uefi or bios
bootMountPath = "/boot"; # mount path for efi boot partition; only used for uefi boot mode
grubDevice = ""; # device identifier for grub; only used for legacy (bios) boot mode
gpuType = "amd"; # amd, intel or nvidia; only makes some slight mods for amd at the moment
};
# ----- USER SETTINGS ----- #
userSettings = rec {
username = "emmet"; # username
name = "Emmet"; # name/identifier
email = "emmet@librephoenix.com"; # email (used for certain configurations)
dotfilesDir = "~/.dotfiles"; # absolute path of the local repo
theme = "io"; # selcted theme from my themes directory (./themes/)
wm = "hyprland"; # Selected window manager or desktop environment; must select one in both ./user/wm/ and ./system/wm/
# window manager type (hyprland or x11) translator
wmType = if ((wm == "hyprland") || (wm == "plasma")) then "wayland" else "x11";
browser = "qutebrowser"; # Default browser; must select one from ./user/app/browser/
spawnBrowser = if ((browser == "qutebrowser") && (wm == "hyprland")) then "qutebrowser-hyprprofile" else (if (browser == "qutebrowser") then "qutebrowser --qt-flag enable-gpu-rasterization --qt-flag enable-native-gpu-memory-buffers --qt-flag num-raster-threads=4" else browser); # Browser spawn command must be specail for qb, since it doesn't gpu accelerate by default (why?)
defaultRoamDir = "Personal.p"; # Default org roam directory relative to ~/Org
term = "alacritty"; # Default terminal command;
font = "Intel One Mono"; # Selected font
fontPkg = pkgs.intel-one-mono; # Font package
editor = "neovide"; # Default editor;
# editor spawning translator
# generates a command that can be used to spawn editor inside a gui
# EDITOR and TERM session variables must be set in home.nix or other module
# I set the session variable SPAWNEDITOR to this in my home.nix for convenience
spawnEditor = if (editor == "emacsclient") then
"emacsclient -c -a 'emacs'"
else
(if ((editor == "vim") ||
(editor == "nvim") ||
(editor == "nano")) then
"exec " + term + " -e " + editor
else
(if (editor == "neovide") then
"neovide -- --listen /tmp/nvimsocket"
else
editor));
};
system = "x86_64-linux";
# create patched nixpkgs
nixpkgs-patched =
(import inputs.nixpkgs { system = systemSettings.system; rocmSupport = (if systemSettings.gpu == "amd" then true else false); }).applyPatches {
(import inputs.nixpkgs { inherit system; }).applyPatches {
name = "nixpkgs-patched";
src = inputs.nixpkgs;
patches = [ #./patches/emacs-no-version-check.patch
#./patches/nixpkgs-348697.patch
];
patches = [
#(builtins.fetchurl {
# url = "https://asdf1234.patch";
# sha256 = "sha256:qwerty123456...";
#})
];
};
# configure pkgs
# use nixpkgs if running a server (homelab or worklab profile)
# otherwise use patched nixos-unstable nixpkgs
pkgs = (if ((systemSettings.profile == "homelab") || (systemSettings.profile == "worklab"))
then
pkgs-stable
else
(import nixpkgs-patched {
system = systemSettings.system;
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
};
overlays = [ inputs.rust-overlay.overlays.default ];
}));
pkgs = import nixpkgs-patched {
inherit system;
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
};
overlays = [ inputs.rust-overlay.overlays.default inputs.emacs-overlay.overlays.default inputs.chaotic.overlays.default ];
};
pkgs-stable = import inputs.nixpkgs-stable {
system = systemSettings.system;
inherit system;
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
};
};
pkgs-unstable = import inputs.nixpkgs-patched {
system = systemSettings.system;
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
};
overlays = [ inputs.rust-overlay.overlays.default ];
};
pkgs-emacs = import inputs.emacs-pin-nixpkgs {
system = systemSettings.system;
};
pkgs-kdenlive = import inputs.kdenlive-pin-nixpkgs {
system = systemSettings.system;
};
pkgs-nwg-dock-hyprland = import inputs.nwg-dock-hyprland-pin-nixpkgs {
system = systemSettings.system;
};
# configure lib
# use nixpkgs if running a server (homelab or worklab profile)
# otherwise use patched nixos-unstable nixpkgs
lib = (if ((systemSettings.profile == "homelab") || (systemSettings.profile == "worklab"))
then
inputs.nixpkgs-stable.lib
else
inputs.nixpkgs.lib);
lib = inputs.nixpkgs.lib;
# use home-manager-stable if running a server (homelab or worklab profile)
# otherwise use home-manager-unstable
home-manager = (if ((systemSettings.profile == "homelab") || (systemSettings.profile == "worklab"))
then
inputs.home-manager-stable
else
inputs.home-manager-unstable);
# Systems that can run tests:
supportedSystems = [ "aarch64-linux" "i686-linux" "x86_64-linux" ];
# Function to generate a set based on supported systems:
forAllSystems = inputs.nixpkgs.lib.genAttrs supportedSystems;
# Attribute set of nixpkgs for each system:
nixpkgsFor =
forAllSystems (system: import inputs.nixpkgs { inherit system; });
# create a list of all directories inside of ./hosts
# every directory in ./hosts has config for that machine
hosts = builtins.filter (x: x != null) (lib.mapAttrsToList (name: value: if (value == "directory") then name else null) (builtins.readDir ./hosts));
in {
homeConfigurations = {
user = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
modules = [
(./. + "/profiles" + ("/" + systemSettings.profile) + "/home.nix") # load home.nix from selected PROFILE
];
extraSpecialArgs = {
# pass config variables from above
inherit pkgs-stable;
inherit pkgs-emacs;
inherit pkgs-kdenlive;
inherit pkgs-nwg-dock-hyprland;
inherit systemSettings;
inherit userSettings;
inherit inputs;
# generate a nixos configuration for every host in ./hosts
nixosConfigurations = builtins.listToAttrs
(map (host: {
name = host;
value = lib.nixosSystem {
system = "x86_64-linux";
modules = [
# host specific config
{ config.networking.hostName = host; }
(./hosts + "/${host}")
(inputs.secrets.hostSecrets.${host})
# my modules
./modules/system
# home manager
inputs.home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = {
inherit pkgs;
inherit pkgs-stable;
inherit inputs;
};
}
# chaos... control!
inputs.chaotic.nixosModules.default
];
specialArgs = {
inherit pkgs-stable;
inherit inputs;
};
};
};
};
nixosConfigurations = {
system = lib.nixosSystem {
system = systemSettings.system;
modules = [
(./. + "/profiles" + ("/" + systemSettings.profile) + "/configuration.nix")
inputs.lix-module.nixosModules.default
./system/bin/phoenix.nix
]; # load configuration.nix from selected PROFILE
specialArgs = {
# pass config variables from above
inherit pkgs-stable;
inherit systemSettings;
inherit userSettings;
inherit inputs;
};
};
};
nixOnDroidConfigurations = {
inherit pkgs;
default = inputs.nix-on-droid.lib.nixOnDroidConfiguration {
modules = [ ./profiles/nix-on-droid/configuration.nix ];
};
extraSpecialArgs = {
# pass config variables from above
inherit pkgs-stable;
inherit pkgs-emacs;
inherit systemSettings;
inherit userSettings;
inherit inputs;
};
};
packages = forAllSystems (system:
let pkgs = nixpkgsFor.${system};
in {
default = self.packages.${system}.install;
install = pkgs.writeShellApplication {
name = "install";
runtimeInputs = with pkgs; [ git ]; # I could make this fancier by adding other deps
text = ''${./install.sh} "$@"'';
};
});
apps = forAllSystems (system: {
default = self.apps.${system}.install;
install = {
type = "app";
program = "${self.packages.${system}.install}/bin/install";
};
});
}) hosts);
};
inputs = {
lix-module = {
url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgs.url = "nixpkgs/nixos-unstable";
nixpkgs-stable.url = "nixpkgs/nixos-24.05";
emacs-pin-nixpkgs.url = "nixpkgs/f72123158996b8d4449de481897d855bc47c7bf6";
kdenlive-pin-nixpkgs.url = "nixpkgs/cfec6d9203a461d9d698d8a60ef003cac6d0da94";
nwg-dock-hyprland-pin-nixpkgs.url = "nixpkgs/2098d845d76f8a21ae4fe12ed7c7df49098d3f15";
nixpkgs-stable.url = "nixpkgs/nixos-24.11";
chaotic.url = "github:chaotic-cx/nyx";
home-manager-unstable.url = "github:nix-community/home-manager/master";
home-manager-unstable.inputs.nixpkgs.follows = "nixpkgs";
home-manager-stable.url = "github:nix-community/home-manager/release-24.05";
home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable";
nix-on-droid = {
url = "github:nix-community/nix-on-droid/master";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager-unstable";
};
home-manager.url = "github:nix-community/home-manager/master";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
hyprland = {
url = "github:hyprwm/Hyprland/v0.44.1?submodules=true";
url = "github:hyprwm/Hyprland/v0.51.0?submodules=true";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprland-plugins = {
type = "git";
url = "https://code.hyprland.org/hyprwm/hyprland-plugins.git";
rev = "4d7f0b5d8b952f31f7d2e29af22ab0a55ca5c219"; #v0.44.1
inputs.hyprland.follows = "hyprland";
};
hyprlock = {
type = "git";
url = "https://code.hyprland.org/hyprwm/hyprlock.git";
rev = "73b0fc26c0e2f6f82f9d9f5b02e660a958902763";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprgrass.url = "github:horriblename/hyprgrass/427690aec574fec75f5b7b800ac4a0b4c8e4b1d5";
hyprgrass.inputs.hyprland.follows = "hyprland";
nix-doom-emacs.url = "github:nix-community/nix-doom-emacs";
nix-doom-emacs.inputs.nixpkgs.follows = "emacs-pin-nixpkgs";
nix-straight.url = "github:librephoenix/nix-straight.el/pgtk-patch";
nix-straight.flake = false;
nix-doom-emacs.inputs.nix-straight.follows = "nix-straight";
nvchad = {
url = "github:NvChad/starter";
flake = false;
plasma-manager = {
url = "github:nix-community/plasma-manager";
inputs.nixpkgs.follows = "nixpkgs";
inputs.home-manager.follows = "home-manager";
};
eaf = {
url = "github:emacs-eaf/emacs-application-framework";
flake = false;
};
eaf-browser = {
url = "github:emacs-eaf/eaf-browser";
flake = false;
};
org-nursery = {
url = "github:chrisbarrett/nursery";
flake = false;
};
org-yaap = {
url = "gitlab:tygrdev/org-yaap";
flake = false;
};
org-side-tree = {
url = "github:localauthor/org-side-tree";
flake = false;
};
org-timeblock = {
url = "github:ichernyshovvv/org-timeblock";
flake = false;
};
org-krita = {
url = "github:librephoenix/org-krita";
flake = false;
};
org-xournalpp = {
url = "gitlab:vherrmann/org-xournalpp";
flake = false;
};
org-sliced-images = {
url = "github:jcfk/org-sliced-images";
flake = false;
};
magit-file-icons = {
url = "github:librephoenix/magit-file-icons/abstract-icon-getters-compat";
flake = false;
};
phscroll = {
url = "github:misohena/phscroll";
flake = false;
};
mini-frame = {
url = "github:muffinmad/emacs-mini-frame";
flake = false;
};
stylix.url = "github:nix-community/stylix";
stylix.url = "github:danth/stylix";
emacs-overlay = {
url = "github:nix-community/emacs-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
rust-overlay.url = "github:oxalica/rust-overlay";
@ -317,5 +120,11 @@
url = "github:StevenBlack/hosts";
flake = false;
};
secrets = {
url = "path:/etc/nixos.secrets";
type = "git";
inputs.nixpkgs.follows = "nixpkgs";
};
};
}

36
harden.sh
View file

@ -1,36 +0,0 @@
#!/bin/sh
# This will harden the security of these dotfiles, preventing
# unpriveleged users from editing system-level (root configuration)
# files maliciously
# Run this inside of ~/.dotfiles (or whatever directory you installed
# the dotfiles to)
# Run this as root!
# BTW, this assumes your user account has a PID/GID of 1000
# After running this, the command `nix flake update` will require root
if [ "$#" = 1 ]; then
SCRIPT_DIR=$1;
else
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
fi
pushd $SCRIPT_DIR &> /dev/null;
sudo chown 0:0 .;
sudo chown 0:0 profiles/*;
sudo chown -R 0:0 system;
sudo chown -R 0:0 patches;
sudo chown 0:0 flake.lock;
sudo chown 0:0 flake.nix
sudo chown 0:0 profiles
sudo chown 0:0 profiles/*/configuration.nix;
sudo chown 0:0 profiles/homelab/base.nix;
sudo chown 0:0 harden.sh;
sudo chown 0:0 soften.sh;
sudo chown 0:0 install.sh;
sudo chown 0:0 update.sh;
sudo chown 1000:users **/README.org;
popd &> /dev/null;

11
hosts/README.org Normal file
View file

@ -0,0 +1,11 @@
#+title: Machines
This directory contains config for each of my machines.
In this directory you'll find:
- [[./snowfire][snowfire]] - My main machine (gaming laptop)
- [[./duskfall][duskfall]] - An old thinkpad I use occasionally
- [[./stardust][stardust]] - My wife's laptop
- [[./zenith][zenith]] - My work laptop
- [[./ori][ori]] - My homelab server host
- [[./TEMPLATE][TEMPLATE]] - Template files to use for a new host

0
profiles/personal/README.org → hosts/TEMPLATE/README.org
View file

61
hosts/TEMPLATE/configuration.nix Normal file
View file

@ -0,0 +1,61 @@
{ config, lib, pkgs, ... }:
{
config = {
systemSettings = {
# users
users = [ "USERNAME" ];
adminUsers = [ "USERNAME" ];
# hardware
cachy.enable = true;
bluetooth.enable = true;
powerprofiles.enable = true;
tlp.enable = false;
printing.enable = true;
# software
flatpak.enable = false;
gaming.enable = false;
virtualization = {
docker.enable = false;
virtualMachines.enable = false;
};
brave.enable = true;
# wm
hyprland.enable = true;
# dotfiles
dotfilesDir = "/etc/nixos";
# security
security = {
automount.enable = true;
blocklist.enable = true;
doas.enable = true;
firejail.enable = false; # TODO setup firejail profiles
firewall.enable = true;
gpg.enable = true;
openvpn.enable = true;
sshd.enable = false;
};
# style
stylix = {
enable = true;
theme = "orichalcum";
};
};
users.users.USERNAME.description = "NAME";
home-manager.users.USERNAME.userSettings = {
name = "NAME";
email = "EMAIL";
};
## EXTRA CONFIG GOES HERE
};
}

14
hosts/TEMPLATE/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
imports = [
./configuration.nix
./hardware-configuration.nix
];
config = {
home-manager.users = builtins.listToAttrs
(map (user: { name = user; value =
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
};
}

8
hosts/TEMPLATE/hardware-configuration.nix Normal file
View file

@ -0,0 +1,8 @@
## THIS FILE MUST BE GENERATED ON A PER MACHINE BASIS
## RUN
{ config, lib, pkgs, modulesPath, inputs, ... }:
{
}

47
hosts/TEMPLATE/home.nix Normal file
View file

@ -0,0 +1,47 @@
{ config, lib, pkgs, ... }:
{
config = {
userSettings = {
# setup
shell = {
enable = true;
apps.enable = true;
extraApps.enable = true;
};
xdg.enable = true;
# programs
browser = "brave";
editor = "emacs";
vscodium.enable = true;
yazi.enable = true;
git.enable = true;
engineering.enable = false;
art.enable = false;
flatpak.enable = false;
godot.enable = false;
keepass.enable = false;
media.enable = true;
music.enable = false;
office.enable = true;
recording.enable = false;
virtualization = {
virtualMachines.enable = false;
};
ai.enable = false;
# wm
hyprland.enable = true;
# style
stylix.enable = true;
# hardware
bluetooth.enable = true;
};
## EXTRA CONFIG GOES HERE
};
}

3
hosts/duskfall/README.org Normal file
View file

@ -0,0 +1,3 @@
#+title: Thinkpad go brrr...
This is my config for an old Thinkpad. It's /really/ slow, but it's nice since it has a touch screen and pen with palm rejection! I don't use it that often, and I'm considering connecting it to the TV and trying Kodi out on it.

68
hosts/duskfall/configuration.nix Normal file
View file

@ -0,0 +1,68 @@
{ config, lib, pkgs, ... }:
{
config = {
systemSettings = {
# users
users = [ "emmet" "ignatius" ];
adminUsers = [ "emmet" ];
# hardware
cachy.enable = true;
bluetooth.enable = true;
powerprofiles.enable = true;
tlp.enable = false;
printing.enable = true;
# software
flatpak.enable = false;
virtualization = {
docker.enable = true;
virtualMachines.enable = false;
};
brave.enable = true;
# wm
hyprland.enable = true;
# dotfiles
dotfilesDir = "/etc/nixos";
# security
security = {
automount.enable = true;
blocklist.enable = true;
doas.enable = true;
firejail.enable = false; # TODO setup firejail profiles
firewall.enable = true;
gpg.enable = true;
openvpn.enable = true;
sshd.enable = false;
};
# style
stylix = {
enable = true;
theme = "io";
};
};
users.users.emmet.description = "Emmet";
home-manager.users.emmet.userSettings = {
name = "Emmet";
email = "emmet@librephoenix.com";
};
users.users.ignatius.description = "Ignatius";
home-manager.users.ignatius.userSettings = {
stylix.theme = "woodland";
};
environment.systemPackages = with pkgs; [
libwacom
];
services.xserver.wacom.enable = true;
services.xserver.videoDrivers = [ "i915" ];
};
}

14
hosts/duskfall/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
imports = [
./configuration.nix
./hardware-configuration.nix
];
config = {
home-manager.users = builtins.listToAttrs
(map (user: { name = user; value =
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
};
}

100
hosts/duskfall/hardware-configuration.nix Normal file
View file

@ -0,0 +1,100 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
services.fstrim.enable = true;
services.xserver.videoDrivers = lib.mkDefault [ "modesetting" ];
services.undervolt = {
enable = true;
coreOffset = -100;
uncoreOffset = -100;
analogioOffset = -100;
gpuOffset = -100;
};
hardware.graphics = {
enable = lib.mkDefault true;
enable32Bit = lib.mkDefault true;
extraPackages = with pkgs; [
vpl-gpu-rt
intel-media-driver
intel-vaapi-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
extraPackages32 = with pkgs.driversi686Linux; [
intel-media-driver
intel-vaapi-driver
libvdpau-va-gl
];
};
environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD";
};
powerManagement.cpuFreqGovernor = "performance";
services.thermald.enable = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ "i915" ];
boot.kernelModules = [ "kvm-intel" ];
boot.kernelParams = [ "psmouse.synaptics_intertouch=0" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/9982bd44-cfaa-4959-8e30-3341f728c29a";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-3165c377-6b98-498c-bd86-20a8fc530e9d".device = "/dev/disk/by-uuid/3165c377-6b98-498c-bd86-20a8fc530e9d";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/4DA8-3F95";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
services.pipewire.enable = lib.mkForce false;
hardware.pulseaudio.enable = true;
hardware.pulseaudio.daemon.config = {
default-sample-format = "float32ne";
default-sample-rate = 48000;
alternate-sample-rate = 44100;
default-sample-channels = 2;
default-channel-map = "front-left,front-right";
default-fragments = 2;
default-fragment-size-msec = 125;
resample-method = "speex-float-5";
enable-lfe-remixing = "no";
high-priority = "yes";
nice-level = -11;
realtime-scheduling = "yes";
realtime-priority = 9;
rlimit-rtprio = 9;
rlimit-rttime = -1;
daemonize = "no";
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

81
hosts/duskfall/home.nix Normal file
View file

@ -0,0 +1,81 @@
{ config, lib, pkgs, ... }:
{
config = {
userSettings = {
# setup
shell = {
enable = true;
apps.enable = true;
extraApps.enable = true;
};
xdg.enable = true;
# programs
browser = "brave";
editor = "emacs";
yazi.enable = true;
git.enable = true;
engineering.enable = true;
art.enable = true;
flatpak.enable = false;
godot.enable = true;
keepass.enable = true;
media.enable = true;
music.enable = true;
office.enable = true;
# wm
hyprland.enable = true;
hyprland.performanceOptimizations = true;
# style
stylix.enable = true;
# hardware
bluetooth.enable = true;
};
home.packages = with pkgs; [
cage
gcompris
tuxpaint
];
home.sessionVariables = lib.mkIf config.userSettings.hyprland.enable {
AQ_DRM_DEVICES = lib.mkForce "/dev/dri/card0";
};
wayland.windowManager.hyprland = lib.mkIf config.userSettings.hyprland.enable {
settings = {
misc = {
vfr = true;
};
animations = {
enabled = lib.mkForce "no";
};
decoration = {
shadow.enabled = lib.mkForce false;
blur = {
size = lib.mkForce 10;
passes = lib.mkForce 1;
};
};
#input = {
# repeat_delay = lib.mkForce 850;
# repeat_rate = lib.mkForce 80;
#};
monitor = [
"eDP-1,1920x1080@48,0x0,1"
];
};
};
};
}

7
hosts/ori/README.org Normal file
View file

@ -0,0 +1,7 @@
#+title: Just chillin'
This is for my personal gaming laptop. Necessary and extra batteries included: office, engineering, development, media, recording, and gaming apps. Highly bloated system.
Specs:
- Asus ROG Strix G15 Advantage
- Upgraded to 64GB of RAM + 1TB SSD

56
hosts/ori/configuration.nix Normal file
View file

@ -0,0 +1,56 @@
{ config, lib, pkgs, ... }:
{
config = {
systemSettings = {
# users
users = [ "emmet" ];
adminUsers = [ "emmet" ];
# hardware
cachy.enable = true;
cachy.variant = "server";
virtualization = {
docker.enable = true;
};
# dotfiles
dotfilesDir = "/etc/nixos";
systemBuilder.enable = false;
# security
security = {
automount.enable = false;
blocklist.enable = true;
doas.enable = true;
firejail.enable = false; # TODO setup firejail profiles
firewall.enable = true;
gpg.enable = true;
sshd.enable = true;
};
stylix = {
enable = true;
theme = "tomorrow-night";
};
};
users.users.emmet.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaeejVJwUVrIZSo1isbu+gkQ7+8ftCgCsczy3OclkEVWHyRTqlG6yp74hr3j8ZNsOhov7c2Q6RqC8oy669hlxi/y9BsvtlI7sBr94oAKFOmkCS4RiK72ngJjBvI0vbk89wQQjmAd3r8B7ZcedpNOC8CkHu8SebKdYPRIUvAbPc3fTEt7DsJkazAepZCB8LEhUp57FAqQ/Ezlt3X/1uwNq5S0EbE9Zm+nUpEfSqR9apY2neKWLyGiCxpK3dzyNOuulCxvtVz+ie2sTk/6SxM+qWEoVVxhdwyxPihEjgC0EvtG0S5mVh5JmcjRkJOzzBHJuw+6r8yWn/AxGdIsoJ4rKNxH1XH1iLHgCraOLOUjUNlmejTcQPu6o92a79fdz2gCHT/BuIjfCW7MErAC3YSmF45TSur/kiWCBaTqYo06pgbQ3w1vKg7fievQlQzsutmg47RvJp6fb74yxuOdVg39cShQu/l8r6zqm21JAeUaaIp4P/0MrAIMOOVUhbK0QgsNElO4yn0ZKH8wGIF8xORh7ikxUIAyq8C41gjJiO2sAFJc3M8DhduQU3X0lHB7U0Qyu+8ZXn05+zdFPXJ73LKc7DCcLkppRXJsdHLSDEFdWqFnV7o08B4qZkPMT4pmvhwhY0Pf1fwavOqxuTstzw18gUGyQzl0foQi0Qrmdazsp2Qw== emmet@snowfire"
];
environment.systemPackages = with pkgs; [
rclone
rdiff-backup
rsnapshot
cryptsetup
gocryptfs
attic-client
];
programs.fuse.userAllowOther = true;
};
}

14
hosts/ori/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
imports = [
./configuration.nix
./hardware-configuration.nix
];
config = {
home-manager.users = builtins.listToAttrs
(map (user: { name = user; value =
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
};
}

69
hosts/ori/hardware-configuration.nix Normal file
View file

@ -0,0 +1,69 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, inputs, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
services.fstrim.enable = true;
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
fsType = "btrfs";
options = [ "subvol=@" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/4F5E-11FB";
fsType = "vfat";
};
swapDevices = [ ];
services.btrfs.autoScrub = {
enable = true;
interval = "weekly";
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.br-df7898ffaebc.useDHCP = lib.mkDefault true;
# networking.interfaces.br-e6c4f9058f19.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.veth00e4385.useDHCP = lib.mkDefault true;
# networking.interfaces.veth0814d46.useDHCP = lib.mkDefault true;
# networking.interfaces.veth329e18d.useDHCP = lib.mkDefault true;
# networking.interfaces.veth54f044d.useDHCP = lib.mkDefault true;
# networking.interfaces.veth71ad87e.useDHCP = lib.mkDefault true;
# networking.interfaces.veth8a14ed4.useDHCP = lib.mkDefault true;
# networking.interfaces.veth906e2ca.useDHCP = lib.mkDefault true;
# networking.interfaces.veth95a2121.useDHCP = lib.mkDefault true;
# networking.interfaces.veth96c8b25.useDHCP = lib.mkDefault true;
# networking.interfaces.veth97cb8cc.useDHCP = lib.mkDefault true;
# networking.interfaces.veth9f4b444.useDHCP = lib.mkDefault true;
# networking.interfaces.vethb88cfbb.useDHCP = lib.mkDefault true;
# networking.interfaces.vethc1707ca.useDHCP = lib.mkDefault true;
# networking.interfaces.vethec441e8.useDHCP = lib.mkDefault true;
# networking.interfaces.vethed69a4e.useDHCP = lib.mkDefault true;
# networking.interfaces.vethf0728b9.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# Enable OpenGL
hardware.opengl = {
enable = true;
};
}

21
hosts/ori/home.nix Normal file
View file

@ -0,0 +1,21 @@
{ config, lib, pkgs, ... }:
{
config = {
userSettings = {
# setup
shell = {
enable = true;
apps.enable = true;
};
xdg.enable = true;
# programs
ranger.enable = true;
yazi.enable = true;
git.enable = true;
};
};
}

3
hosts/snowfire/README.org Normal file
View file

@ -0,0 +1,3 @@
#+title: Just chillin'
This is my profile for a personal computer. It is functionally identical to my [[../work]] profile, but includes extra things like games and social apps!

69
hosts/snowfire/configuration.nix Normal file
View file

@ -0,0 +1,69 @@
{ config, lib, pkgs, ... }:
{
config = {
systemSettings = {
# users
users = [ "emmet" ];
adminUsers = [ "emmet" ];
# hardware
cachy.enable = true;
bluetooth.enable = true;
powerprofiles.enable = true;
tlp.enable = false;
printing.enable = true;
# software
flatpak.enable = true;
gaming.enable = true;
virtualization = {
docker.enable = true;
virtualMachines.enable = true;
};
brave.enable = true;
# wm
hyprland.enable = true;
# dotfiles
dotfilesDir = "/etc/nixos";
# security
security = {
automount.enable = true;
blocklist.enable = true;
doas.enable = true;
firejail.enable = false; # TODO setup firejail profiles
firewall.enable = true;
gpg.enable = true;
openvpn.enable = true;
sshd.enable = false;
};
# style
stylix = {
enable = true;
theme = "orichalcum";
};
};
services.thermald.enable = true;
services.asusd.enable = true;
services.supergfxd.enable = true;
environment.systemPackages = with pkgs; [
asusctl
supergfxctl
];
users.users.emmet.description = "Emmet";
home-manager.users.emmet.userSettings = {
name = "Emmet";
email = "emmet@librephoenix.com";
};
services.displayManager.defaultSession = "hyprland";
};
}

14
hosts/snowfire/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
imports = [
./configuration.nix
./hardware-configuration.nix
];
config = {
home-manager.users = builtins.listToAttrs
(map (user: { name = user; value =
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
};
}

84
system/hardware-configuration.nix → hosts/snowfire/hardware-configuration.nix
View file

@ -9,29 +9,68 @@
];
services.fstrim.enable = true;
services.lact.enable = true;
#services.lact.settings = {};
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "radeon" ];
boot.initrd.kernelModules = [ "radeon" ];
boot.kernelModules = [ "kvm-amd" "radeon" "zenpower" "8812au" ];
boot.blacklistedKernelModules = [ "k10temp" ];
boot.kernelParams = [ "amd_pstate=active" ];
boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower rtl8812au ];
boot.kernelParams = [ "amd_pstate=active" "acpi_osi=Linux" "acpi_wake=USB0" ];
boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower ];
networking.wireguard.enable = true;
# https://wiki.nixos.org/wiki/Mesa
hardware = {
graphics =
let
fn = oa: {
nativeBuildInputs = oa.nativeBuildInputs ++ [ pkgs.glslang ];
mesonFlags = oa.mesonFlags ++ [ "-Dvulkan-layers=device-select,overlay" ];
# patches = oa.patches ++ [ ./mesa-vulkan-layer-nvidia.patch ]; See below
postInstall = oa.postInstall + ''
mv $out/lib/libVkLayer* $drivers/lib
#Device Select layer
layer=VkLayer_MESA_device_select
substituteInPlace $drivers/share/vulkan/implicit_layer.d/''${layer}.json \
--replace "lib''${layer}" "$drivers/lib/lib''${layer}"
#Overlay layer
layer=VkLayer_MESA_overlay
substituteInPlace $drivers/share/vulkan/explicit_layer.d/''${layer}.json \
--replace "lib''${layer}" "$drivers/lib/lib''${layer}"
'';
};
in
with pkgs; {
enable = true;
enable32Bit = true;
package = (mesa.overrideAttrs fn).drivers;
package32 = (pkgsi686Linux.mesa.overrideAttrs fn).drivers;
#extraPackages = with pkgs; [ amdvlk ];
#extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
};
};
hardware.opengl.extraPackages = [ pkgs.rocmPackages.clr.icd ];
hardware.opengl.extraPackages32 = [ ];
environment.systemPackages = with pkgs.rocmPackages; [ hipcc hip-common hiprand hipblas hipfft hipcub hipify ];
#environment.systemPackages = with pkgs.rocmPackages; [ hipcc hip-common hiprand hipblas hipfft hipcub hipify ];
environment.systemPackages = with pkgs.rocmPackages; [ hipcc hip-common hiprand hipfft hipcub hipify ];
services.xserver.videoDrivers = lib.mkDefault [ "modesetting" ];
hardware.graphics = {
enable = lib.mkDefault true;
enable32Bit = lib.mkDefault true;
};
hardware.amdgpu.initrd.enable = true;
hardware.amdgpu.opencl.enable = true;
hardware.amdgpu.amdvlk.enable = true;
#hardware.amdgpu.amdvlk.enable = true;
#hardware.amdgpu.overdrive.enable = true;
environment.sessionVariables = {
VK_ICD_FILENAMES = "/run/opengl-driver/share/vulkan/icd.d/radeon_icd.x86_64.json"; # fix for godot
};
# makes disk io not freeze the computer
services.udev.extraRules = ''
ACTION=="add|change", SUBSYSTEM=="block", ENV{ID_SERIAL_SHORT}=="BTKA121225GP512A", ATTR{queue/scheduler}="bfq"
'';
systemd.tmpfiles.rules =
let
@ -77,30 +116,25 @@
};
boot.kernel.sysctl = {
"vm.swappiness" = 90;
"vm.vfs_cache_pressure" = 50;
"vm.dirty_background_ratio" = 2;
"vm.dirty_ratio" = 5;
};
services.btrfs.autoScrub = {
enable = true;
interval = "weekly";
"vm.swappiness" = 180;
"vm.vfs_cache_pressure" = 500;
"vm.dirty_background_ratio" = 4;
"vm.dirty_ratio" = 8;
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/637d8261-0650-4ece-a35b-59d97baf64a7";
fsType = "btrfs";
options = [ "noatime,compress-force=zstd:2,discard=async,commit=120,clear_cache,space_cache=v2,subvol=@" ];
{ device = "/dev/disk/by-uuid/88f5f921-0a64-4711-9d74-e0f8a3a1b3af";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-385106b5-71f7-460e-9a2b-2416f3b54cb6".device = "/dev/disk/by-uuid/385106b5-71f7-460e-9a2b-2416f3b54cb6";
boot.initrd.luks.devices."luks-09f429eb-1add-48da-b3b8-1a811c0d1472".device = "/dev/disk/by-uuid/09f429eb-1add-48da-b3b8-1a811c0d1472";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/F09D-73C9";
{ device = "/dev/disk/by-uuid/4695-0F2E";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

58
hosts/snowfire/home.nix Normal file
View file

@ -0,0 +1,58 @@
{ config, lib, pkgs, ... }:
{
config = {
userSettings = {
# setup
shell = {
enable = true;
apps.enable = true;
extraApps.enable = true;
};
xdg.enable = true;
# programs
browser = "brave";
editor = "emacs";
vscodium.enable = true;
yazi.enable = true;
git.enable = true;
engineering.enable = true;
art.enable = true;
flatpak.enable = false;
godot.enable = true;
keepass.enable = true;
media.enable = true;
music.enable = true;
office.enable = true;
recording.enable = true;
virtualization = {
virtualMachines.enable = true;
};
ai.enable = true;
# wm
hyprland.enable = true;
# style
stylix.enable = true;
# hardware
bluetooth.enable = true;
};
home.sessionVariables = lib.mkIf config.userSettings.hyprland.enable {
AQ_DRM_DEVICES = lib.mkForce "/dev/dri/card1:/dev/dri/card2";
};
wayland.windowManager.hyprland = lib.mkIf config.userSettings.hyprland.enable {
settings = {
monitor = [
"eDP-1,1920x1080@60.00,720x864,1.25,vrr,0"
"HDMI-A-1,preferred,1536x0,1.25,vrr,0"
"DP-1,preferred,0x0,1.25,vrr,0"
];
};
};
};
}

3
hosts/stardust/README.org Normal file
View file

@ -0,0 +1,3 @@
#+title: For my wife
This is a config for my wife's computer. She likes Plasma and she mainly uses it for her art work and some light gaming.

53
hosts/stardust/configuration.nix Normal file
View file

@ -0,0 +1,53 @@
{ config, lib, pkgs, ... }:
{
config = {
systemSettings = {
# users
users = [ "corrina" ];
adminUsers = [ "corrina" ];
# hardware
cachy.enable = true;
bluetooth.enable = true;
tlp.enable = true;
printing.enable = true;
# software
flatpak.enable = true;
gaming.enable = true;
virtualization = {
docker.enable = true;
};
brave.enable = true;
# wm
plasma.enable = true;
# security
security = {
automount.enable = true;
blocklist.enable = true;
doas.enable = true;
firejail.enable = false; # TODO setup firejail profiles
firewall.enable = true;
gpg.enable = true;
openvpn.enable = true;
sshd.enable = false;
};
# style
stylix = {
enable = true;
theme = "spaceduck";
};
};
users.users.corrina.description = "Corrina";
home-manager.users.corrina.userSettings = {
name = "Corrina";
};
};
}

14
hosts/stardust/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
imports = [
./configuration.nix
./hardware-configuration.nix
];
config = {
home-manager.users = builtins.listToAttrs
(map (user: { name = user; value =
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
};
}

41
hosts/stardust/hardware-configuration.nix Normal file
View file

@ -0,0 +1,41 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/3d07095a-0dc5-4a51-99be-592352b5755c";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-cc9ec6bd-3b81-47ad-b289-4c56da1fc791".device = "/dev/disk/by-uuid/cc9ec6bd-3b81-47ad-b289-4c56da1fc791";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/5179-698C";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
# networking.interfaces.wwan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

39
hosts/stardust/home.nix Normal file
View file

@ -0,0 +1,39 @@
{ config, lib, pkgs, ... }:
{
config = {
userSettings = {
# setup
shell = {
enable = true;
apps.enable = true;
extraApps.enable = true;
};
xdg.enable = true;
# programs
browser = "brave";
editor = "vscodium";
ranger.enable = true;
yazi.enable = true;
git.enable = true;
art.enable = true;
flatpak.enable = false;
godot.enable = true;
keepass.enable = true;
media.enable = true;
office.enable = true;
# wm
plasma.enable = true;
# style
stylix.enable = true;
# hardware
bluetooth.enable = true;
};
};
}

3
hosts/zenith/README.org Normal file
View file

@ -0,0 +1,3 @@
#+title: Time to focus
This is config for my work computer. Essentially the same as [[../snowfire][snowfire]], just minus the gaming (and a few other things).

66
hosts/zenith/configuration.nix Normal file
View file

@ -0,0 +1,66 @@
{ config, lib, pkgs, ... }:
{
config = {
systemSettings = {
# users
users = [ "emmet" ];
adminUsers = [ "emmet" ];
# hardware
cachy.enable = true;
bluetooth.enable = true;
tlp.enable = false; # intel doesn't work with tlp
printing.enable = true;
# software
flatpak.enable = false;
virtualization = {
docker.enable = true;
virtualMachines.enable = true;
};
brave.enable = true;
# wm
hyprland.enable = true;
# dotfiles
dotfilesDir = "/etc/nixos";
# security
security = {
automount.enable = true;
blocklist.enable = true;
doas.enable = true;
firejail.enable = false; # TODO setup firejail profiles
firewall.enable = true;
gpg.enable = true;
openvpn.enable = true;
sshd.enable = false;
};
# style
stylix = {
enable = true;
theme = "alph";
};
};
programs.localsend.enable = true;
programs.localsend.openFirewall = true;
home-manager.users.emmet.userSettings = {
name = "Emmet";
};
environment.systemPackages = with pkgs; [
libwacom
];
services.xserver.wacom.enable = true;
services.xserver.videoDrivers = [ "i915" ];
services.displayManager.defaultSession = "hyprland";
};
}

14
hosts/zenith/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
{
imports = [
./configuration.nix
./hardware-configuration.nix
];
config = {
home-manager.users = builtins.listToAttrs
(map (user: { name = user; value =
({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
};
}

48
hosts/zenith/hardware-configuration.nix Normal file
View file

@ -0,0 +1,48 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower ];
services.fstrim.enable = true;
services.xserver.videoDrivers = lib.mkDefault [ "modesetting" ];
powerManagement.cpuFreqGovernor = "performance";
services.thermald.enable = true;
fileSystems."/" =
{ device = "/dev/disk/by-uuid/41b254d6-96aa-4498-91d3-939f1722fff1";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-759bd464-2cda-4c25-b7c0-800d4265314b".device = "/dev/disk/by-uuid/759bd464-2cda-4c25-b7c0-800d4265314b";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/3212-E58F";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

104
hosts/zenith/home.nix Normal file
View file

@ -0,0 +1,104 @@
{ config, lib, pkgs, pkgs-stable, ... }:
{
config = {
userSettings = {
# setup
shell = {
enable = true;
apps.enable = true;
};
xdg.enable = true;
# programs
browser = "brave";
editor = "emacs";
vscodium.enable = true;
yazi.enable = true;
git.enable = true;
engineering.enable = true;
art.enable = true;
flatpak.enable = false;
godot.enable = true;
keepass.enable = true;
media.enable = true;
music.enable = true;
office.enable = true;
recording.enable = true;
remote.enable = true;
virtualization = {
virtualMachines.enable = true;
};
# wm
hyprland.enable = true;
# style
stylix.enable = true;
# hardware
bluetooth.enable = true;
};
home.packages = with pkgs; [
openldap ldapvi rclone teams-for-linux rpi-imager freerdp pkgs-stable.tigervnc unixtools.xxd
];
home.sessionVariables = lib.mkIf config.userSettings.hyprland.enable {
AQ_DRM_DEVICES = lib.mkForce "/dev/dri/card1";
};
wayland.windowManager.hyprland = lib.mkIf config.userSettings.hyprland.enable {
settings = {
animations = {
enabled = lib.mkForce "no";
};
decoration = {
shadow.enabled = lib.mkForce false;
blur = {
size = lib.mkForce 10;
passes = lib.mkForce 1;
};
};
monitor = [
"eDP-1,1920x1200,1536x0,1.25"
"HDMI-A-1,1920x1080,0x0,1.25"
];
};
};
services.fnott.settings = {
main = {
output = "eDP-1"; # notifications only on main display
};
};
services.nextcloud-client = {
enable = lib.mkForce false;
startInBackground = lib.mkForce false;
};
home.file.".config/hypr/hypridle.conf".text = lib.mkForce ''
general {
lock_cmd = pgrep hyprlock || hyprlock
before_sleep_cmd = loginctl lock-session
ignore_dbus_inhibit = false
}
listener {
timeout = 3000 # in seconds
on-timeout = loginctl lock-session
}
listener {
timeout = 3015 # in seconds
on-timeout = systemctl suspend
on-resume = hyprctl dispatch dpms on
}
'';
};
}

187
install.org
View file

@ -3,102 +3,14 @@
These are just some simple install notes for myself (in-case I have to reinstall unexpectedly). You could also use these to try out my config in a VM.
** Automated Install Script (Experimental)
*** Install Directly From Git
I wrote a quick automated install script at [[./install.sh][install.sh]]. It essentially just runs [[Manual Install Procedure][the manual install steps]] and additionally hardens the security of the system-level (root configuration) files using [[./harden.sh][harden.sh]].
I'll eventually™ add the ability to supply arguments to this script as well.
The quickest way to install is running the install script directly from the remote git repo using =nix run=, which is essentially just one of the following:
#+BEGIN_SRC sh :noeval
# Install from gitlab
nix run gitlab:librephoenix/nixos-config
# Or install from github
nix run github:librephoenix/nixos-config
# Or install from codeberg
nix run git+https://codeberg.org/librephoenix/nixos-config
#+END_SRC
This will install the dotfiles to =~/.dotfiles=, but if you'd like to install to a custom directory, just supply it as a positional argument, i.e:
#+BEGIN_SRC sh :noeval
# Install from gitlab
nix run gitlab:librephoenix/nixos-config -- /your/custom/directory
#+END_SRC
The script will ask for sudo permissions at certain points, /but you should not run the script as root/.
If the above =nix run= command gives you an error, odds are you either don't have =git= installed, or you haven't enabled the experimental features in your Nix config (=nix-command= and =flakes=). To get the command to install properly, you can first enter a shell with =git= available using:
#+begin_src sh :noeval
nix-shell -p git
#+end_src
and then running:
#+BEGIN_SRC sh :noeval
nix run --experimental-features 'nix-command flakes' gitlab:librephoenix/nixos-config
#+END_SRC
And if you want a single copy-paste solution:
#+begin_src sh :noeval
nix-shell -p git --command "nix run --experimental-features 'nix-command flakes' gitlab:librephoenix/nixos-config"
#+end_src
This /should/ still work with a custom dotfiles directory too, i.e:
#+begin_src sh :noeval
nix-shell -p git --command "nix run --experimental-features 'nix-command flakes' gitlab:librephoenix/nixos-config -- /your/custom/directory"
#+end_src
At a certain point in the install script it will open =nano= (or whatever your $EDITOR is set to) and ask you to edit the =flake.nix=. You can edit as much or as little of the config variables as you like, and it will continue the install after you exit the editor.
Potential Errors: I've only tested it working on UEFI with the default EFI mount point of =/boot=. I've added experimental legacy (BIOS) boot support, but it does rely on a quick and dirty script to find the grub device. If you are testing it using some weird boot configuration for whatever reason, try modifying =bootMountPath= (UEFI) or =grubDevice= (legacy BIOS) in =flake.nix= before install, or else it will complain about not being able to install the bootloader.
Note: If you're installing this to a VM, Hyprland won't work unless 3D acceleration is enabled.
Disclaimer: If you install my =homelab= or =worklab= profiles /CHANGE THE PUBLIC SSH KEYS UNLESS YOU WANT ME TO BE ABLE TO SSH INTO YOUR SERVER. YOU CAN CHANGE OR REMOVE THE SSH KEY IN THE RELEVANT CONFIGURATION.NIX/:
- [[./profiles/homelab/configuration.nix][configuration.nix]] for homelab profile
- [[./profiles/worklab/configuration.nix][configuration.nix]] for worklab profile
*** Install From Local Git Clone
The dotfiles can be installed after cloning the repo into =~/.dotfiles= using:
#+BEGIN_SRC sh :noeval
git clone https://gitlab.com/librephoenix/nixos-config.git ~/.dotfiles
~/.dotfiles/install.sh
#+END_SRC
or with a custom directory:
#+BEGIN_SRC sh :noeval
git clone https://gitlab.com/librephoenix/nixos-config.git /your/custom/directory
/your/custom/directory/install.sh
#+END_SRC
If you install to a custom directory, make sure to edit the =userSettings.dotfilesDir= in the [[./flake.nix][flake.nix]], or else my [[./system/bin/phoenix.nix][phoenix wrapper script]] won't work.
At a certain point in the install script it will open =nano= (or whatever your =$EDITOR= is set to) and ask you to edit the =flake.nix=. You can edit as much or as little of the config variables as you like, and it will continue the install after you exit the editor.
Potential Errors: I mainly only test this on UEFI, but I've added experimental legacy (BIOS) boot support. Keep in mind, it does rely on a quick and dirty script to find the grub device. If you are testing it using some weird boot configuration for whatever reason, try modifying =bootMountPath= (UEFI) or =grubDevice= (legacy BIOS) in =flake.nix= before install, or else it will complain about not being able to install the bootloader.
Note: If you're installing this to a VM, Hyprland won't work unless 3D acceleration is enabled.
Disclaimer: If you install my =homelab= or =worklab= profiles /CHANGE THE PUBLIC SSH KEYS UNLESS YOU WANT ME TO BE ABLE TO SSH INTO YOUR SERVER. YOU CAN CHANGE OR REMOVE THE SSH KEY IN THE RELEVANT CONFIGURATION.NIX/:
- [[./profiles/homelab/configuration.nix][configuration.nix]] for homelab profile
- [[./profiles/worklab/configuration.nix][configuration.nix]] for worklab profile
*** Automatic Install Script Limitations
At this time, this only works on an existing NixOS install. It also only works if the dotfiles are cloned into =~/.dotfiles=. It also only works on UEFI, not on BIOS :(
Future upgrade plans:
- [ ] Be able to install directly from NixOS iso
- [ ] Be able to install just home-manager config to a non-NixOS Linux distro
- [ ] Be able to detect EFI mount point for systemd-boot?
- [X] +Be able to detect UEFI or BIOS and switch config as needed+
- [ ] ??? (open up an issue if you think there is anything else I should try to figure out)
** Manual Install Procedure
If you instead want to install this manually to see all the steps (kind of like an Arch install before the archinstall script existed), you can follow this following procedure:
Currently, the only supported install method is installing manually. This way yuo can see all the steps (kind of like an Arch install before the archinstall script existed), you can follow this following procedure:
*** Clone Repo and Modify Configuration
Start by cloning the repo:
Start by cloning the repo to =/etc/nixos=:
#+BEGIN_SRC sh :noeval
git clone https://gitlab.com/librephoenix/nixos-config.git ~/.dotfiles
sudo mv /etc/nixos /etc/nixos.bkp
git clone https://gitlab.com/librephoenix/nixos-config.git /etc/nixos
#+END_SRC
Any custom directory should also work:
@ -106,50 +18,32 @@ Any custom directory should also work:
git clone https://gitlab.com/librephoenix/nixos-config.git /your/custom/directory
#+END_SRC
If you install to a custom directory, make sure to edit the =userSettings.dotfilesDir= in the beginning [[./flake.nix][flake.nix]], or else my [[./system/bin/phoenix.nix][phoenix wrapper script]] won't work.
If you install to a custom directory, make sure to edit =systemSettings.dotfilesDir= in the system configuration, or else the [[./system/bin/phoenix.nix][phoenix wrapper script]] won't work.
#+BEGIN_SRC nix :noeval
...
let
...
# ----- USER SETTINGS ----- #
dotfilesDir = "/your/custom/directory"; # username
...
# somewhere in system-level config:
{ config, lib, pkgs, ...}:
{
systemSettings.dotfilesDir = "/your/custom/directory";
}
#+END_SRC
To get the hardware configuration on a new system, either copy from =/etc/nixos/hardware-configuration.nix= or run:
To configure a new system, navigate to the [[./hosts][hosts]] directory and copy the [[./hosts/TEMPLATE][TEMPLATE]] directory. Name the copy whatever you want the new hostname to be (needs to match the hostname exactly).
Next, configure the resulting =configuration.nix= and =home.nix= with the available options. Make sure to change all references to =USERNAME=, =NAME= and =EMAIL= for your desired user(s).
Next, you must copy or generate the new system's hardware-config into your specific host's =hardware-configuration.nix=. To get the hardware configuration on a new system, either copy from =/etc/nixos.bkp/hardware-configuration.nix= or run:
#+BEGIN_SRC sh :noeval
sudo nixos-generate-config --show-hardware-config > ~/.dotfiles/system/hardware-configuration.nix
sudo nixos-generate-config --show-hardware-config > /etc/nixos/hosts/YOURHOSTNAMEHERE/hardware-configuration.nix
#+END_SRC
Also, if you have a differently named user account than my default (=emmet=), you /must/ update the following lines in the let binding near the top of the [[./flake.nix][flake.nix]]:
#+BEGIN_SRC nix :noeval
...
let
...
# ----- USER SETTINGS ----- #
username = "YOURUSERNAME"; # username
name = "YOURNAME"; # name/identifier
...
#+END_SRC
There are many more config options there that you may also want to change as well.
The build will fail if you are booting from BIOS instead of UEFI, unless change some of the system settings of the flake. Change =bootMode= to "bios" and set the =grubDevice= appropriately for your system (i.e. =/dev/vda= or =/dev/sda=).
#+begin_src nix :noeval
...
let
# ---- SYSTEM SETTINGS ---- #
...
bootMode = "bios"; # uefi or bios
grubDevice = "/dev/vda"; # device identifier for grub; find this by running lsblk
...
#+end_src
Note: If you're installing this to a VM, Hyprland won't work unless 3D acceleration is enabled.
Disclaimer: If you install my =homelab= or =worklab= profiles /CHANGE THE PUBLIC SSH KEYS UNLESS YOU WANT ME TO BE ABLE TO SSH INTO YOUR SERVER. YOU CAN CHANGE OR REMOVE THE SSH KEY IN THE RELEVANT CONFIGURATION.NIX/:
- [[./profiles/homelab/configuration.nix][configuration.nix]] for homelab profile
- [[./profiles/worklab/configuration.nix][configuration.nix]] for worklab profile
Disclaimer: If you copy my =ori= host config to setup a sever with NixOS, /MAKE SURE YOU CHANGE OR REMOVE THE PUBLIC SSH KEYS UNLESS YOU WANT ME TO BE ABLE TO SSH INTO YOUR SERVER. YOU CAN CHANGE OR REMOVE THE SSH KEY IN THE RELEVANT CONFIGURATION.NIX/ (see [[./hosts/ori/configuration.nix][configuration.nix]]).
*** Clone and Setup Secrets Config Repo
Clone and setup the =/etc/nixos.secrets= directory using my template [[https://gitlab.com/librephoenix/nixos-secrets-template][repo]]. Intructions on how to set it up can be found in that repository. This will allow you to track your main config to a public repo, without exposing /all/ of your configuration options publically.
If you'd rather not set that up, you can just delete all references to the =secrets= input in the =flake.nix= and it will stop complaining about the input not being found!
*** Rebuild and Switch System Config
Once the variables are set, then switch into the system configuration by running:
@ -161,42 +55,17 @@ or for your own custom directory:
sudo nixos-rebuild switch --flake /your/custom/directory#system
#+END_SRC
*** Intall and Switch Home Manager Config
Home manager can be installed and the configuration activated with:
Subsequent rebuilds can now use my =phoenix= wrapper script to rebuild:
#+BEGIN_SRC sh :noeval
nix run home-manager/master -- switch --flake ~/.dotfiles#user
#+END_SRC
or for your own custom directory:
#+BEGIN_SRC sh :noeval
nix run home-manager/master -- switch --flake /your/custom/directory#user
phoenix sync
#+END_SRC
** FAQ
*** =home-manager switch --flake .#user= Command Fails
If it fails with something to the effect of "could not download {some image file}" then that just means that one of my themes is having trouble downloading the background image. To conserve on space in the repo, my themes download the relevant wallpapers directly from their source, but that also means that if the link is broken, =home-manager switch= fails.
I have included a script in the [[./themes][themes directory]] named [[./themes/background-test.sh][background-test.sh]] which performs a rough test on every theme background url, reporting which are broken.
If you're having this error, navigate to the [[./flake.nix][flake.nix]] and select any theme with a good background wallpaper link. As long as it is able to download the new wallpaper, it should be able to build.
*** Do I have to put the configuration files in =~/.dotfiles=?
No. You can put them in literally any directory you want. I just prefer to use =~/.dotfiles= as a convention. If you change the directory, do keep in mind that the above scripts must be modified, replacing =~/.dotfiles= with whatever directory you want to install them to. Also, you may want to modify the =dotfilesDir= variable in =flake.nix=.
*** So I cloned these dotfiles into ~/.dotfiles, and now there are system-level files owned by my user account.. HOW IS THIS SECURE?!
If you're worried about someone modifying your system-level (root configuration) files as your unpriveleged user, see [[./harden.sh][harden.sh]].
*** I installed this to a VM and when I log in, it crashes and sends me back to the login manager (SDDM)?
Enable 3D acceleration for your virtual machine. Hyprland doesn't work without it.
*** It fails installing with some weird errors about grub or a bootloader?
It will 100% fail if you test it with a non-default boot configuration. It might even give this error otherwise! If this is the case, try modifying =bootMountPath= (UEFI) or =grubDevice= (legacy BIOS) in =flake.nix= before installing again.
*** It's complaining about not finding an input called secrets?
Either setup the =/etc/nixos.secrets= directory using my template [[https://gitlab.com/librephoenix/nixos-secrets-template][repo]] or delete all references to the =secrets= input in the =flake.nix=!
*** The install seems to work, but when I login, I'm missing a lot of stuff (partial install)
This can happen if you run the autoinstall script on a system that already has a desktop environment, or if any other (non-Nix-store-symlink) config files are in the way of the config files generated by home-manager. In these cases, home-manager refuses to build anything, even if there's just one file in the way. If you try running =nix run home-manager/master -- switch --flake ~/.dotfiles#user=, it should throw an error at the end with something like:
#+begin_example
Existing file '/home/user/.gtkrc-2.0' is in the way of '/nix/store/6p3hzdbzhad8ra5j1qf4b2b3hs6as6sf-home-manager-files/.gtkrc-2.0'
Existing file '/home/user/.config/Trolltech.conf' is in the way of '/nix/store/6p3hzdbzhad8ra5j1qf4b2b3hs6as6sf-home-manager-files/.config/Trolltech.conf'
Existing file '/home/user/.config/user-dirs.conf' is in the way of '/nix/store/6p3hzdbzhad8ra5j1qf4b2b3hs6as6sf-home-manager-files/.config/user-dirs.conf'
...
#+end_example
The current solution to this is to delete or move the files mentioned so that home-manager can evaluate. Once the files are out of the way, just run =nix run home-manager/master -- switch --flake ~/.dotfiles#user= again and it should work!
*** You used to have an auto-install script! Where did it go?
My old [[https://www.youtube.com/watch?v=Dm11dcJ0vWY][auto-install script]] was kind of cool, but I found it wasn't really stable (even for me). I'll probably revisit this at some point (looking at you [[https://github.com/nix-community/nixos-anywhere][nixos-everywhere]] and [[https://github.com/nix-community/disko][disko]]).

45
install.sh
View file

@ -1,45 +0,0 @@
#!/bin/sh
# Automated script to install my dotfiles
# Clone dotfiles
if [ $# -gt 0 ]
then
SCRIPT_DIR=$1
else
SCRIPT_DIR=~/.dotfiles
fi
nix-shell -p git --command "git clone https://gitlab.com/librephoenix/nixos-config $SCRIPT_DIR"
# Generate hardware config for new system
sudo nixos-generate-config --show-hardware-config > $SCRIPT_DIR/system/hardware-configuration.nix
# Check if uefi or bios
if [ -d /sys/firmware/efi/efivars ]; then
sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"uefi\";/" $SCRIPT_DIR/flake.nix
else
sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"bios\";/" $SCRIPT_DIR/flake.nix
grubDevice=$(findmnt / | awk -F' ' '{ print $2 }' | sed 's/\[.*\]//g' | tail -n 1 | lsblk -no pkname | tail -n 1 )
sed -i "0,/grubDevice.*=.*\".*\";/s//grubDevice = \"\/dev\/$grubDevice\";/" $SCRIPT_DIR/flake.nix
fi
# Patch flake.nix with different username/name and remove email by default
sed -i "0,/emmet/s//$(whoami)/" $SCRIPT_DIR/flake.nix
sed -i "0,/Emmet/s//$(getent passwd $(whoami) | cut -d ':' -f 5 | cut -d ',' -f 1)/" $SCRIPT_DIR/flake.nix
sed -i "s/emmet@librephoenix.com//" $SCRIPT_DIR/flake.nix
sed -i "s+~/.dotfiles+$SCRIPT_DIR+g" $SCRIPT_DIR/flake.nix
# Open up editor to manually edit flake.nix before install
if [ -z "$EDITOR" ]; then
EDITOR=nano;
fi
$EDITOR $SCRIPT_DIR/flake.nix;
# Permissions for files that should be owned by root
sudo $SCRIPT_DIR/harden.sh $SCRIPT_DIR;
# Rebuild system
sudo nixos-rebuild switch --flake $SCRIPT_DIR#system;
# Install and build home-manager configuration
nix run home-manager/master --extra-experimental-features nix-command --extra-experimental-features flakes -- switch --flake $SCRIPT_DIR#user;

14
modules/system/README.org Normal file
View file

@ -0,0 +1,14 @@
#+title: System-level Nix Modules
#+author: Emmet
Separate Nix files can be imported as modules using an import block:
#+BEGIN_SRC nix
imports = [ import1.nix
import2.nix
...
];
#+END_SRC
Modules in this directory are used are system-level (root) configurations.
# TODO add list of all options

18
modules/system/bluetooth/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ lib, config, ... }:
let
cfg = config.systemSettings.bluetooth;
in {
options = {
systemSettings.bluetooth = {
enable = lib.mkEnableOption "Enable bluetooth";
};
};
config = lib.mkIf cfg.enable {
hardware.bluetooth = {
enable = true;
};
services.blueman.enable = true;
};
}

40
modules/system/brave-policy/default.nix Normal file
View file

@ -0,0 +1,40 @@
{ config, lib, pkgs, ...}:
let
cfg = config.systemSettings.brave;
in
{
options = {
systemSettings.brave = {
enable = lib.mkEnableOption "Enable brave group policies";
};
};
config = lib.mkIf cfg.enable {
environment.etc."/brave/policies/managed/GroupPolicy.json".text = ''
{
"BrowserSignin": 0,
"PasswordManagerEnabled": false,
"SpellcheckEnabled": true,
"SpellcheckLanguage": [
"en-US"
],
"TorDisabled": true,
"BraveRewardsDisabled": true,
"BraveWalletDisabled": true,
"BraveVPNDisabled": true,
"BraveAIChatEnabled": false,
"BraveNewsDisabled": true,
"BraveTalkDisabled": true,
"BraveSpeedreaderEnabled": false,
"BraveP3AEnabled": false,
"BraveStatsPingEnabled": false,
"BraveWebDiscoveryEnabled": false,
"BraveSyncUrl": "https://sync-v2.brave.com/v2",
"DefaultSearchProviderAlternateURLS": [
"https://search.nixos.org/packages?channel=unstable&query={searchTerms}"
]
}
'';
};
}

92
modules/system/configuration.nix Normal file
View file

@ -0,0 +1,92 @@
{ config, lib, pkgs, ... }:
{
config = {
# Packages
environment.systemPackages = with pkgs; [ git ];
# Journal
services.journald.extraConfig = "SystemMaxUse=50M\nSystemMaxFiles=5";
services.journald.rateLimitBurst = 500;
services.journald.rateLimitInterval = "30s";
# Locale and TZ
time.timeZone = "America/Chicago";
services.timesyncd.enable = true;
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = config.i18n.defaultLocale;
LC_IDENTIFICATION = config.i18n.defaultLocale;
LC_MEASUREMENT = config.i18n.defaultLocale;
LC_MONETARY = config.i18n.defaultLocale;
LC_NAME = config.i18n.defaultLocale;
LC_NUMERIC = config.i18n.defaultLocale;
LC_PAPER = config.i18n.defaultLocale;
LC_TELEPHONE = config.i18n.defaultLocale;
LC_TIME = config.i18n.defaultLocale;
};
# Use zsh
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users.defaultUserShell = pkgs.zsh;
# Fix nix path
nix.nixPath = [ "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos"
"nixos-config=$HOME/dotfiles/system/configuration.nix"
"/nix/var/nix/profiles/per-user/root/channels"
];
# Ensure nix flakes are enabled
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
# Substituters
nix.settings = {
substituters = [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
};
# wheel group gets trusted access to nix daemon
nix.settings.trusted-users = [ "@wheel" ];
# Bootloader
# Use systemd-boot if uefi, default to grub otherwise
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.editor = false;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot";
# Silent Boot
# https://wiki.archlinux.org/title/Silent_boot
boot.kernelParams = [
"quiet"
"splash"
"vga=current"
"rd.systemd.show_status=false"
"rd.udev.log_level=3"
"udev.log_priority=3"
];
boot.initrd.systemd.enable = true;
boot.initrd.verbose = false;
boot.plymouth.enable = true;
# Networking
networking.networkmanager.enable = true; # Use networkmanager
# Remove bloat
programs.nano.enable = lib.mkForce false;
# Localsend is helpful for setting up new systems or quickly transferring files
programs.localsend.enable = true;
programs.localsend.openFirewall = true;
};
}

29
modules/system/default.nix Normal file
View file

@ -0,0 +1,29 @@
{ lib, ... }:
with lib;
let
# Recursively constructs an attrset of a given folder, recursing on directories, value of attrs is the filetype
getDir = dir: mapAttrs
(file: type:
if type == "directory" then getDir "${dir}/${file}" else type
)
(builtins.readDir dir);
# Collects all files of a directory as a list of strings of paths
files = dir: collect isString (mapAttrsRecursive (path: type: concatStringsSep "/" path) (getDir dir));
# Filters out directories that don't end with .nix or are this file, also makes the strings absolute
importAll = dir: map
(file: ./. + "/${file}")
(filter
(file: hasSuffix ".nix" file && file != "default.nix" &&
! lib.hasPrefix "x/taffybar/" file &&
! lib.hasSuffix "-hm.nix" file)
(files dir));
in
{
imports = importAll ./.;
}

16
modules/system/flatpak/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ lib, config, ... }:
let
cfg = config.systemSettings.flatpak;
in {
options = {
systemSettings.flatpak = {
enable = lib.mkEnableOption "Enable flatpaks";
};
};
config = lib.mkIf cfg.enable {
services.flatpak.enable = true;
xdg.portal.enable = true;
};
}

146
modules/system/gaming/default.nix Normal file
View file

@ -0,0 +1,146 @@
{ lib, config, pkgs, inputs, ... }:
let
cfg = config.systemSettings.gaming;
in {
options = {
systemSettings.gaming = {
enable = lib.mkEnableOption "Enable Steam and games";
};
};
config = lib.mkIf cfg.enable {
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "steam" "steam-unwrapped" "steam-jupiter-unwrapped" "steamdeck-hw-theme" "xow_dongle-firmware" ];
nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override {
extraPkgs = pkgs: with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
gamemode
];
};
};
hardware.opengl.driSupport32Bit = true;
programs.steam = {
enable = true;
extest.enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
localNetworkGameTransfers.openFirewall = true;
extraPackages = with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
];
};
environment.systemPackages = with pkgs;
[ steam
gamemode
prismlauncher
inotify-tools
protonup-qt
(pkgs.writeScriptBin "steamgrab" ''chown -R $(pgrep -nf steam | xargs -r ps -o uname= -p):steam /opt/Steam;'')
(pkgs.writeScriptBin "steamos-session-select" ''
#!/bin/sh
steam -shutdown
'')
];
programs.gamemode.enable = true;
programs.gamescope.enable = true;
programs.gamescope.capSysNice = false;
programs.steam.gamescopeSession = {
enable = true;
env = {
WLR_RENDERER = "vulkan";
DXVK_HDR = "1";
ENABLE_GAMESCOPE_WSI = "1";
ENABLE_HDR_WSI = "1";
WINE_FULLSCREEN_FSR = "1";
# Games allegedly prefer X11
#SDL_VIDEODRIVER = "x11";
};
args = [
"--xwayland-count 1"
#"--expose-wayland"
"-e" # Enable steam integration
"--adaptive-sync"
"--hdr-enabled"
"--hdr-itm-enable"
# External monitor
"--fullscreen"
"--prefer-output eDP-1"
"--output-width 1920"
"--output-height 1080"
"--nested-width 1920"
"--nested-height 1080"
"--prefer-vk-device 1002:1638" # lspci -nn | grep VGA
];
};
chaotic.hdr.enable = true;
systemSettings.bluetooth.enable = true;
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings.General = {
experimental = true;
Privacy = "device";
JustWorksRepairing = "always";
Class = "0x000100";
FastConnectable = true;
};
};
# FIXME https://github.com/NixOS/nixpkgs/issues/378447
hardware.xone.enable = true;
#hardware.xpadneo.enable = true;
boot = {
# FIXME https://github.com/NixOS/nixpkgs/issues/378447
extraModulePackages = with config.boot.kernelPackages; [ xone ];
#extraModulePackages = with config.boot.kernelPackages; [ xpadneo ];
extraModprobeConfig = ''
options bluetooth disable_ertm=Y
'';
};
users.groups = {
steam = {
members = config.systemSettings.users;
};
};
systemd.services.steamshare = {
enable = true;
unitConfig = {
Type = "exec";
};
serviceConfig = {
ExecStart = [ ''/run/current-system/sw/bin/chmod -R 777 /opt/Steam;'' ''/run/current-system/sw/bin/inotifywait -mr -e close_write,create,moved_to,modify /opt/Steam | while /run/current-system/sw/bin/read path file; do /run/current-system/sw/bin/chmod 777 $path/$file; done;'' ];
};
wantedBy = [ "graphical.target" ];
};
services.cron = {
enable = true;
systemCronJobs = [
"*/1 * * * * steamgrab"
];
};
networking.firewall.allowedTCPPorts = [ 24872 ];
networking.firewall.allowedUDPPorts = [ 24872 ];
};
}

68
modules/system/gnome/default.nix Normal file
View file

@ -0,0 +1,68 @@
{ inputs, pkgs, config, lib, ... }:
let
cfg = config.systemSettings.gnome;
in
{
options = {
systemSettings.gnome = {
enable = lib.mkEnableOption "Enable gnome";
};
};
config = lib.mkIf cfg.enable {
services.xserver.enable = true;
services.xserver.desktopManager.gnome.enable = true;
environment.gnome.excludePackages = with pkgs; [
orca
evince
# file-roller
geary
gnome-disk-utility
# seahorse
# sushi
# sysprof
#
# gnome-shell-extensions
#
# adwaita-icon-theme
# nixos-background-info
gnome-backgrounds
# gnome-bluetooth
# gnome-color-manager
# gnome-control-center
# gnome-shell-extensions
gnome-tour # GNOME Shell detects the .desktop file on first log-in.
gnome-user-docs
# glib # for gsettings program
# gnome-menus
# gtk3.out # for gtk-launch program
# xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/
# xdg-user-dirs-gtk # Used to create the default bookmarks
#
baobab
epiphany
gnome-text-editor
gnome-calculator
gnome-calendar
gnome-characters
# gnome-clocks
gnome-console
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
# gnome-system-monitor
gnome-weather
# loupe
# nautilus
gnome-connections
simple-scan
snapshot
totem
yelp
gnome-software
];
};
}

143
modules/system/hyprland/default.nix Normal file
View file

@ -0,0 +1,143 @@
{ inputs, pkgs, pkgs-stable, config, lib, ... }:
let
cfg = config.systemSettings.hyprland;
in
{
options = {
systemSettings.hyprland = {
enable = lib.mkEnableOption "Enable hyprland";
};
};
config = lib.mkIf cfg.enable {
# Power key should not shut off computer by defaultPower key shuts of
services.logind.powerKey = "suspend";
# Hyprland
programs = {
hyprland = {
enable = true;
package = inputs.hyprland.packages.${pkgs.system}.hyprland;
xwayland = {
enable = true;
};
portalPackage = pkgs.xdg-desktop-portal-hyprland;
};
};
# Necessary packages
environment.systemPackages = with pkgs; [
jq
(sddm-astronaut.override {
themeConfig = {
# TODO Update Theme Config
# https://github.com/Keyitdev/sddm-astronaut-theme/blob/master/Themes/astronaut.conf
background = config.stylix.image;
ScreenWidth = 1920;
ScreenHeight = 1080;
blur = false;
};
})
];
# Display manager
services.xserver.displayManager.sddm = {
enable = true;
wayland.enable = true;
enableHidpi = true;
theme = "sddm-astronaut-theme";
package = pkgs.kdePackages.sddm;
extraPackages = with pkgs; [
(sddm-astronaut.override {
themeConfig = {
background = config.stylix.image;
ScreenWidth = 1920;
ScreenHeight = 1080;
blur = false;
};})];
};
services.upower.enable = true;
# Define systemd service to run on boot to load avatars for sddm
systemd.services."sddm-avatar" = {
description = "Service to copy or update users Avatars at startup.";
wantedBy = [ "multi-user.target" ];
before = [ "sddm.service" ];
script = ''
set -eu
mkdir -p /var/lib/AccountsService/icons
for user in /home/*; do
username=$(basename "$user")
if [ -f "$user/.face.icon" ]; then
if [ ! -f "/var/lib/AccountsService/icons/$username" ]; then
cp "$user/.face.icon" "/var/lib/AccountsService/icons/$username"
else
if [ "$user/.face.icon" -nt "/var/lib/AccountsService/icons/$username" ]; then
cp "$user/.face.icon" "/var/lib/AccountsService/icons/$username"
fi
fi
fi
done
'';
serviceConfig = {
Type = "simple";
User = "root";
StandardOutput = "journal+console";
StandardError = "journal+console";
};
};
# # Ensures SDDM starts after the service.
systemd.services.sddm = { after = [ "sddm-avatar.service" ]; };
# xwayland
services.xserver = {
enable = true;
xkb = {
layout = "us";
variant = "";
options = "caps:escape";
};
excludePackages = [ pkgs.xterm ];
};
# Keyring
security.pam.services.login.enableGnomeKeyring = true;
services.gnome.gnome-keyring.enable = true;
# Dbus
services.dbus = {
enable = true;
packages = [ pkgs.dconf ];
};
programs.dconf.enable = true;
# Pipewire
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
# Some fancy fonts
fonts.packages = with pkgs-stable; [
# Fonts
nerdfonts
powerline
];
# Auto rotate screen
programs.iio-hyprland = {
enable = true;
package = pkgs.iio-hyprland.overrideAttrs {
patches = [ ./iio-hyprland-hyprpaper.patch ];
};
};
};
}

12
modules/system/hyprland/iio-hyprland-hyprpaper.patch Normal file
View file

@ -0,0 +1,12 @@
diff --git a/main.c b/main.c
index 2e858dd..2cd43e8 100644
--- a/main.c
+++ b/main.c
@@ -123,6 +123,7 @@ void handle_orientation(enum Orientation orientation, const char* monitor_id) {
system_fmt("hyprctl --batch \"keyword monitor %s,transform,%d ; keyword input:touchdevice:transform %d ; keyword input:tablet:transform %d\"", output, orientation, orientation, orientation);
}
+ system_fmt("pkill hyprpaper; hyprpaper & disown;");
}
DBusMessage* request_orientation(DBusConnection* conn) {

32
modules/system/kernel/default.nix Normal file
View file

@ -0,0 +1,32 @@
{ config, lib, pkgs, ... }:
let
cfg = config.systemSettings.cachy;
in
{
options = {
systemSettings.cachy = {
enable = lib.mkEnableOption "Enable cachyos kernel";
variant = lib.mkOption {
default = null;
type = lib.types.nullOr (lib.types.enum ["lto" "server" "hardened"]);
description = ''
This option determines the CachyOS kernel variant to use.
'';
};
};
};
config = lib.mkIf cfg.enable {
boot.kernelPackages = lib.mkMerge [
(lib.mkIf (cfg.variant == null) pkgs.linuxPackages_cachyos)
(lib.mkIf (cfg.variant == "lto") pkgs.linuxPackages_cachyos-lto)
(lib.mkIf (cfg.variant == "server") pkgs.linuxPackages_cachyos-server)
(lib.mkIf (cfg.variant == "hardened") pkgs.linuxPackages_cachyos-hardened)
];
services.scx.enable = true;
services.scx.package = pkgs.scx.rustscheds;
services.scx.scheduler = "scx_lavd";
boot.consoleLogLevel = 0;
};
}

43
modules/system/nix/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ config, lib, pkgs, inputs, ... }:
{
config = {
nix = {
package = pkgs.nix;
settings = {
substituters = [
"https://cache.nixos.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = config.systemSettings.adminUsers ++ [ "@wheel" ];
auto-optimise-store = true;
download-buffer-size = 500000000;
};
};
programs.nix-ld = {
enable = true;
#Include libstdc++ in the nix-ld profile
libraries = [
pkgs.stdenv.cc.cc
pkgs.zlib
pkgs.fuse3
pkgs.icu
pkgs.nss
pkgs.openssl
pkgs.curl
pkgs.expat
pkgs.xorg.libX11
pkgs.vulkan-headers
pkgs.vulkan-loader
pkgs.vulkan-tools
];
};
system.stateVersion = "22.11";
};
}

35
modules/system/overlays/ranger.nix Normal file
View file

@ -0,0 +1,35 @@
{ config, lib, pkgs, ... }:
{
config = {
nixpkgs.overlays = [
(self: super:
{
ranger = super.ranger.overrideAttrs (oldAttrs: rec {
preConfigure = ''
substituteInPlace ranger/__init__.py \
--replace "DEFAULT_PAGER = 'less'" "DEFAULT_PAGER = '${lib.getBin pkgs.bat}/bin/bat'"
# give image previews out of the box when building with w3m
substituteInPlace ranger/config/rc.conf \
--replace "set preview_images false" "set preview_images true"
# adds this patch: https://github.com/ranger/ranger/pull/1758
# fixes a bug for kitty users that use image previews
substituteInPlace ranger/ext/img_display.py \
--replace "self.image_id -= 1" "self.image_id = max(0, self.image_id - 1)"
# fixes the .desktop file
substituteInPlace doc/ranger.desktop \
--replace "Icon=utilities-terminal" "Icon=user-desktop"
substituteInPlace doc/ranger.desktop \
--replace "Terminal=true" "Terminal=false"
substituteInPlace doc/ranger.desktop \
--replace "Exec=ranger" "Exec=kitty -e ranger %U"
'';
});
}
)
];
};
}

178
modules/system/phoenix/default.nix Normal file
View file

@ -0,0 +1,178 @@
{ config, lib, pkgs, ... }:
{
options = {
systemSettings = {
dotfilesDir = lib.mkOption {
default = "/etc/nixos";
description = "Absolute path to the dotfiles directory";
type = lib.types.path;
};
secretsFlakeDir = lib.mkOption {
default = "/etc/nixos.secrets";
description = "Absolute path to my secrets flake";
type = lib.types.path;
};
systemBuilder.enable = lib.mkEnableOption "Enable automatic config updater and builder";
systemBuilder.buildCronExpression = lib.mkOption {
default = "Sat *-*-* 02:00:00"; # Sat morning at 2am
description = "Cron expression for when the system should auto build config";
type = lib.types.str;
};
};
};
config = {
environment.systemPackages = with pkgs; [
attic-client
git
nix-output-monitor
(pkgs.writeScriptBin "phoenix" ''
if [[ $EUID -ne 0 ]]; then
echo "Error: This script must be run as root" 1>&2
exit 1
fi
if [ "$1" = "sync" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'sync' command has no subcommands (no $2 subcommand)";
fi
chown -R 0:0 ${config.systemSettings.dotfilesDir};
chown -R 0:0 ${config.systemSettings.secretsFlakeDir};
pushd ${config.systemSettings.dotfilesDir} &> /dev/null;
systemd-inhibit --what sleep:idle:handle-lid-switch nixos-rebuild switch;
popd &> /dev/null;
exit 0;
elif [ "$1" = "update" ]; then
pushd ${config.systemSettings.dotfilesDir} &> /dev/null;
nix flake update "''${@:2}";
popd &> /dev/null;
#if [ "$#" -eq 1 ]; then
# pushd ${config.systemSettings.secretsFlakeDir} &> /dev/null;
# nix flake update;
# popd &> /dev/null;
#fi
exit 0;
elif [ "$1" = "pull" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)";
fi
chown -R $DOAS_USER:users ${config.systemSettings.dotfilesDir};
chown -R $DOAS_USER:users ${config.systemSettings.secretsFlakeDir};
pushd ${config.systemSettings.dotfilesDir} &> /dev/null;
sudo -u $DOAS_USER git stash;
sudo -u $DOAS_USER git pull;
sudo -u $DOAS_USER git stash apply;
popd &> /dev/null;
pushd ${config.systemSettings.secretsFlakeDir} &> /dev/null;
sudo -u $DOAS_USER git stash;
sudo -u $DOAS_USER git pull;
sudo -u $DOAS_USER git stash apply;
popd &> /dev/null;
chown -R 0:0 ${config.systemSettings.dotfilesDir};
chown -R 0:0 ${config.systemSettings.secretsFlakeDir};
exit 0;
# TODO allow specifying host with $2 in build subcommand
elif [ "$1" = "build" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'build' command has no subcommands (no $2 subcommand)";
fi
chown -R 0:0 ${config.systemSettings.dotfilesDir};
chown -R 0:0 ${config.systemSettings.secretsFlakeDir};
pushd ${config.systemSettings.dotfilesDir} &> /dev/null;
systemd-inhibit --what sleep:idle:handle-lid-switch nixos-rebuild build --flake .#snowfire;
systemd-inhibit --what sleep:idle:handle-lid-switch attic push emmet ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch rm ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch nixos-rebuild build --flake .#duskfall;
systemd-inhibit --what sleep:idle:handle-lid-switch attic push emmet ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch rm ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch nixos-rebuild build --flake .#zenith;
systemd-inhibit --what sleep:idle:handle-lid-switch attic push emmet ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch rm ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch nixos-rebuild build --flake .#stardust;
systemd-inhibit --what sleep:idle:handle-lid-switch attic push emmet ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch rm ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch nixos-rebuild build --flake .#ori;
systemd-inhibit --what sleep:idle:handle-lid-switch attic push emmet ./result;
systemd-inhibit --what sleep:idle:handle-lid-switch rm ./result;
exit 0;
elif [ "$1" = "lock" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'lock' command has no subcommands (no $2 subcommand)";
fi
chown -R 0:0 ${config.systemSettings.dotfilesDir};
chown -R 0:0 ${config.systemSettings.secretsFlakeDir};
exit 0;
elif [ "$1" = "unlock" ]; then
if [ "$#" -gt 1 ]; then
echo "Warning: The 'unlock' command has no subcommands (no $2 subcommand)";
fi
chown -R $DOAS_USER:users ${config.systemSettings.dotfilesDir};
chown -R $DOAS_USER:users ${config.systemSettings.secretsFlakeDir};
exit 0;
elif [ "$1" = "gc" ]; then
if [ "$#" -gt 2 ]; then
echo "Warning: The 'gc' command only accepts one argument (collect_older_than)";
fi
if [ "$2" = "full" ]; then
systemd-inhibit --what sleep:idle:handle-lid-switch nix-collect-garbage --delete-old;
elif [ "$2" ]; then
systemd-inhibit --what sleep:idle:handle-lid-switch nix-collect-garbage --delete-older-than $2;
else
systemd-inhibit --what sleep:idle:handle-lid-switch nix-collect-garbage --delete-older-than 30d;
fi
exit 0;
fi
'')
];
# FIXME this thing doesn't work at all
systemd.services."phoenix-system-builder" = lib.mkIf config.systemSettings.systemBuilder.enable {
path = with pkgs; [
openssh git nix nixos-rebuild
];
script = ''
set -euo pipefail
export NIX_PATH="nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix"
echo "navigating to /etc/nixos";
cd ${config.systemSettings.dotfilesDir};
echo "running git pull";
${pkgs.git}/bin/git pull;
echo "running nix flake update";
nix flake update;
${pkgs.git}/bin/git stage *;
${pkgs.git}/bin/git commit -m "Updated system" || true;
${pkgs.git}/bin/git push || true;
cd ${config.systemSettings.secretsFlakeDir};
${pkgs.git}/bin/git pull;
chown -R 0:0 ${config.systemSettings.dotfilesDir};
chown -R 0:0 ${config.systemSettings.secretsFlakeDir};
cd ${config.systemSettings.dotfilesDir};
${config.system.build.nixos-rebuild}/bin/nixos-rebuild build --flake .#snowfire;
${pkgs.attic-client}/bin/attic push emmet ./result;
rm ./result;
${config.system.build.nixos-rebuild}/bin/nixos-rebuild build --flake .#duskfall;
${pkgs.attic-client}/bin/attic push emmet ./result;
rm ./result;
${config.system.build.nixos-rebuild}/bin/nixos-rebuild build --flake .#zenith;
${pkgs.attic-client}/bin/attic push emmet ./result;
rm ./result;
${config.system.build.nixos-rebuild}/bin/nixos-rebuild build --flake .#stardust;
${pkgs.attic-client}/bin/attic push emmet ./result;
rm ./result;
${config.system.build.nixos-rebuild}/bin/nixos-rebuild build --flake .#ori;
${pkgs.attic-client}/bin/attic push emmet ./result;
rm ./result;
'';
serviceConfig = {
Type = "simple";
User = "root";
};
};
systemd.timers."phoenix-system-builder-auto" = lib.mkIf config.systemSettings.systemBuilder.enable {
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = config.systemSettings.systemBuilder.buildCronExpression;
Unit = "phoenix-system-builder.service";
};
};
};
}

43
modules/system/plasma/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ config, lib, pkgs, ...}:
let
cfg = config.systemSettings.plasma;
in {
options = {
systemSettings.plasma = {
enable = lib.mkEnableOption "Enable plasma";
};
};
config = lib.mkIf cfg.enable {
systemSettings.tlp.enable = lib.mkForce false;
services.xserver.enable = true;
services.xserver = {
layout = "us";
xkbVariant = "";
xkbOptions = "caps:escape";
};
services.xserver.displayManager.sddm.enable = true;
services.xserver.displayManager.sddm.wayland.enable = true;
services.xserver.desktopManager.plasma6.enable = true;
services.printing.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
environment.systemPackages = with pkgs; [
kdePackages.kate
kdePackages.dolphin
];
virtualisation.waydroid.enable = true;
services.avahi.nssmdns4 = true;
};
}

17
modules/system/powerprofiles/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, lib, ... }:
let
cfg = config.systemSettings.powerprofiles;
in {
options = {
systemSettings.powerprofiles = {
enable = lib.mkEnableOption "Enable power profiles daemon";
};
};
config = lib.mkIf cfg.enable {
services.power-profiles-daemon = {
enable = true;
};
};
}

20
modules/system/printing/default.nix Normal file
View file

@ -0,0 +1,20 @@
{ pkgs, lib, config, ... }:
let
cfg = config.systemSettings.printing;
in {
options = {
systemSettings.printing = {
enable = lib.mkEnableOption "Enable printing";
};
};
config = lib.mkIf cfg.enable {
# Enable printing
services.printing.enable = true;
services.avahi.enable = true;
services.avahi.nssmdns4 = true;
services.avahi.openFirewall = true;
environment.systemPackages = [ pkgs.cups-filters ];
};
}

17
modules/system/security/automount/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, lib, ... }:
let
cfg = config.systemSettings.security.automount;
in {
options = {
systemSettings.security.automount = {
enable = lib.mkEnableOption "Enable automount";
};
};
config = lib.mkIf cfg.enable {
services.devmon.enable = true;
services.gvfs.enable = true;
services.udisks2.enable = true;
};
}

25
modules/system/security/blocklist/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, lib, inputs, ... }:
let
allowedHosts = config.systemSettings.security.blocklist.allowedHosts;
hostsFileDeletions = builtins.genList (x: "0.0.0.0 " + (builtins.elemAt allowedHosts x)) (builtins.length allowedHosts);
blocklist = builtins.replaceStrings hostsFileDeletions (builtins.genList (x: "") (builtins.length hostsFileDeletions)) (builtins.readFile "${inputs.blocklist-hosts}/alternates/gambling-porn/hosts");
cfg = config.systemSettings.security.blocklist;
in {
options = {
systemSettings.security.blocklist = {
enable = lib.mkEnableOption "Enable basic host blocking for bad websites";
allowedHosts = lib.mkOption {
default = [ ];
description = "List of hosts to allow (remove from blocklist)";
type = lib.types.listOf lib.types.str;
};
};
};
config = lib.mkIf cfg.enable {
networking.extraHosts = ''
"${blocklist}"
'';
};
}

53
modules/system/security/doas/default.nix Normal file
View file

@ -0,0 +1,53 @@
{ config, lib, pkgs, ... }:
let
cfg = config.systemSettings.security.doas;
adminUsers = config.systemSettings.adminUsers;
in {
options = {
systemSettings.security.doas = {
enable = lib.mkEnableOption "Replace sudo with doas";
};
};
config = lib.mkIf cfg.enable {
# Doas instead of sudo
security.doas.enable = true;
security.sudo.enable = false;
security.doas.extraRules = [
{
users = adminUsers;
keepEnv = true;
persist = true;
}
{
users = adminUsers;
cmd = "phoenix";
noPass = true;
keepEnv = true;
}
{
users = adminUsers;
cmd = "nix";
noPass = true;
keepEnv = true;
}
{
users = adminUsers;
cmd = "nixos-rebuild";
noPass = true;
keepEnv = true;
}
{
users = adminUsers;
cmd = "nix-collect-garbage";
noPass = true;
keepEnv = true;
}
];
environment.systemPackages = [
pkgs.doas-sudo-shim
];
};
}

30
modules/system/security/firejail/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, config, pkgs, ... }:
let
cfg = config.systemSettings.security.firejail;
in {
options = {
systemSettings.security.firejail = {
enable = lib.mkEnableOption "Use firejail on some apps for extra security";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ firejail ];
programs.firejail.enable = true;
programs.firejail.wrappedBinaries = {
#prismlauncher = {
# executable = "${pkgs.prismlauncher}/bin/prismlauncher";
# profile = ./firejail-profiles/prismlauncher.profile;
#};
#steam = {
# executable = "${pkgs.steam}/bin/steam";
# profile = "${pkgs.firejail}/etc/firejail/steam.profile";
#};
#steam-run = {
# executable = "${pkgs.steam}/bin/steam-run";
# profile = "${pkgs.firejail}/etc/firejail/steam.profile";
#};
};
};
}

0
system/security/firejail-profiles/prismlauncher.profile → modules/system/security/firejail/profiles/prismlauncher.profile
View file

22
modules/system/security/firewall/default.nix Normal file
View file

@ -0,0 +1,22 @@
{ config, lib, ... }:
let
cfg = config.systemSettings.security.firewall;
in {
options = {
systemSettings.security.firewall = {
# TODO make this more granular and better :|
enable = lib.mkEnableOption "Actvate firewall with ports open only for syncthing";
};
};
config = lib.mkIf cfg.enable {
# Firewall
networking.firewall.enable = true;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 22000 21027 ]; # syncthing
networking.firewall.allowedUDPPorts = [ 22000 21027 ]; # syncthing
# Or disable the firewall altogether.
# networking.firewall.enable = false;
};
}

18
modules/system/security/gpg/default.nix Normal file
View file

@ -0,0 +1,18 @@
{ lib, config, ... }:
let
cfg = config.systemSettings.security.gpg;
in {
options = {
systemSettings.security.gpg = {
enable = lib.mkEnableOption "Enable gpg";
};
};
config = lib.mkIf cfg.enable {
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
}

16
modules/system/security/openvpn/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, lib, pkgs, ... }:
let
cfg = config.systemSettings.security.openvpn;
in {
options = {
systemSettings.security.openvpn = {
enable = lib.mkEnableOption "Enable openvpn";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.openvpn ];
environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
};
}

25
modules/system/security/sshd/default.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, lib, ... }:
let
cfg = config.systemSettings.security.sshd;
in {
options = {
systemSettings.security.sshd = {
enable = lib.mkEnableOption "Enable incoming ssh connections";
};
};
config = lib.mkIf cfg.enable {
# Enable incoming ssh
services.openssh = {
enable = true;
openFirewall = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
# Don't forget to set:
# users.users.${username}.openssh.authorizedKeys.keys = "myAuthorizedKey";
};
}

58
modules/system/stylix/default.nix Normal file
View file

@ -0,0 +1,58 @@
{ lib, config, pkgs, inputs, ... }:
let
cfg = config.systemSettings.stylix;
theme = import (./. + "../../../themes"+("/"+config.systemSettings.stylix.theme));
in
{
options = {
systemSettings.stylix = {
enable = lib.mkEnableOption "Enable stylix theming";
};
systemSettings.stylix.theme = lib.mkOption {
default = "orichalcum";
type = lib.types.enum (builtins.attrNames (lib.filterAttrs (name: type: type == "directory") (builtins.readDir ../../themes)));
description = "Theme for stylix to use system wide. A list of themes can be found in the `themes` directory.";
};
};
imports = [ inputs.stylix.nixosModules.stylix ];
config = lib.mkIf cfg.enable {
stylix.enable = true;
stylix.autoEnable = false;
stylix.polarity = theme.polarity;
stylix.image = pkgs.fetchurl {
url = theme.backgroundUrl;
sha256 = theme.backgroundSha256;
};
stylix.base16Scheme = theme;
stylix.fonts = {
# TODO abstract fonts into an option
monospace = {
name = "FiraCode Nerd Font";
package = pkgs.nerd-fonts.fira-code;
};
serif = {
name = "FiraCode Nerd Font";
package = pkgs.nerd-fonts.fira-code;
};
sansSerif = {
name = "FiraCode Nerd Font";
package = pkgs.nerd-fonts.fira-code;
};
emoji = {
name = "Noto Color Emoji";
package = pkgs.noto-fonts-emoji-blob-bin;
};
};
stylix.targets.console.enable = true;
stylix.targets.chromium.enable = true;
environment.sessionVariables = {
#QT_QPA_PLATFORMTHEME = "qt5ct";
};
};
}

58
modules/system/tlp/default.nix Normal file
View file

@ -0,0 +1,58 @@
{ config, lib, ... }:
let
cfg = config.systemSettings.tlp;
in {
options = {
systemSettings.tlp = {
enable = lib.mkEnableOption "Enable tlp power management";
};
};
config = lib.mkIf cfg.enable {
services.tlp = {
enable = true;
settings = {
CPU_SCALING_GOVERNOR_ON_AC = "interactive";
CPU_SCALING_GOVERNOR_ON_BAT = "ondemand";
CPU_ENERGY_PERF_POLICY_ON_BAT = "balance";
CPU_ENERGY_PERF_POLICY_ON_AC = "balance_performance";
CPU_DRIVER_OPMODE_ON_AC = "active";
CPU_DRIVER_OPMODE_ON_BAT = "active";
WIFI_PWR_ON_AC = "on";
WIFI_PWR_ON_BAT = "on";
RUNTIME_PM_ON_AC = "auto";
RUNTIME_PM_ON_BAT = "auto";
CPU_MIN_PERF_ON_AC = 0;
CPU_MAX_PERF_ON_AC = 100;
CPU_MIN_PERF_ON_BAT = 0;
CPU_MAX_PERF_ON_BAT = 70;
CPU_BOOST_ON_AC = 1;
CPU_BOOST_ON_BAT = 0;
CPU_HWP_DYN_BOOST_ON_AC = 1;
CPU_HWP_DYN_BOOST_ON_BAT = 0;
START_CHARGE_THRESH_BAT0 = 75;
STOP_CHARGE_THRESH_BAT0 = 80;
MEM_SLEEP_ON_AC = "deep";
MEM_SLEEP_ON_BAT = "deep";
PLATFORM_PROFILE_ON_AC = "quiet";
PLATFORM_PROFILE_ON_BAT = "quiet";
RADEON_DPM_STATE_ON_AC = "performance";
RADEON_DPM_STATE_ON_BAT = "battery";
RADEON_POWER_PROFILE_ON_AC = "high";
RADEON_POWER_PROFILE_ON_BAT = "low";
INTEL_GPU_MIN_FREQ_ON_AC = 600;
INTEL_GPU_MIN_FREQ_ON_BAT = 600;
};
};
};
}

37
modules/system/users/default.nix Normal file
View file

@ -0,0 +1,37 @@
{ config, lib, inputs, ... }:
{
options = {
systemSettings = {
users = lib.mkOption {
description = "List of desktop users to create on the system";
type = lib.types.listOf lib.types.str;
};
adminUsers = lib.mkOption {
description = "List of desktop users to grant admin (sudo) access on the system";
type = lib.types.listOf lib.types.str;
};
};
};
config = {
users.users = builtins.listToAttrs
(map (user: {
name = user;
value = {
isNormalUser = true;
extraGroups = [ "networkmanager" "input" "dialout" "video" "render" ] ++ (lib.optionals (lib.any (x: x == user) config.systemSettings.adminUsers) [ "wheel" ]);
createHome = true;
};
}) config.systemSettings.users);
home-manager.users = builtins.listToAttrs
(map (user: {
name = user;
value = {
home.username = user;
home.homeDirectory = "/home/"+user;
};
}) config.systemSettings.users);
};
}

26
modules/system/virtualization/docker/default.nix Normal file
View file

@ -0,0 +1,26 @@
{ config, lib, pkgs, ... }:
let
cfg = config.systemSettings.virtualization.docker;
adminUsers = config.systemSettings.adminUsers;
in {
options = {
systemSettings.virtualization.docker = {
enable = lib.mkEnableOption "Enable docker";
};
};
config = {
virtualisation.docker = {
enable = true;
enableOnBoot = true;
autoPrune.enable = true;
};
users.users = builtins.listToAttrs (map (user: { name = user; value = { extraGroups = [ "docker" ];};}) adminUsers);
environment.systemPackages = with pkgs; [
docker
docker-compose
lazydocker
];
};
}

23
modules/system/virtualization/virtual-machines/default.nix Normal file
View file

@ -0,0 +1,23 @@
{ lib, config, pkgs, ... }:
let cfg = config.systemSettings.virtualization.virtualMachines;
in {
options = {
systemSettings.virtualization.virtualMachines = {
enable = lib.mkEnableOption "Enable qemu virtual machines, distrobox, and waydroid";
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = with pkgs; [ virt-manager distrobox ];
virtualisation.libvirtd = {
allowedBridges = [
"nm-bridge"
"virbr0"
];
enable = true;
qemu.runAsRoot = false;
};
virtualisation.waydroid.enable = true;
};
}

8
modules/themes/README.org Normal file
View file

@ -0,0 +1,8 @@
#+title: My Themes
#+author: Emmet
Inside this directory are all of my themes!
Each theme directory stores =default.nix= which is an attribute set containing all the necessary information including both colors and a background image link (which is automatically downloaded by my config).
Look at any of the directories here for more info!

0
themes/alph/README.org → modules/themes/alph/README.org
View file

25
modules/themes/alph/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Alph";
slug = "alph";
author = "LibrePhoenix (https://github.com/librephoenix)";
description = "Flagship light theme of the LibrePhoenix Channel";
polarity = "light";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/132/401/75/painting-clouds-sky-landscape-wallpaper-57bfb2f40fd59f8acf4284a1e191c785.jpg";
backgroundSha256 = "sha256-ZM0X0IXsUwAgxdZileDOol8kBANxjW8oGrgha3OFjYE=";
base00 = "fbfbff";
base01 = "D8E4F4";
base02 = "BCCDE1";
base03 = "9FB4D1";
base04 = "667D9F";
base05 = "444452";
base06 = "333349";
base07 = "141229";
base08 = "AD0617";
base09 = "872626";
base0A = "AD6A06";
base0B = "06AD72";
base0C = "06A3AD";
base0D = "0A5D97";
base0E = "5B037A";
base0F = "87267C";
}

0
themes/ashes/README.org → modules/themes/ashes/README.org
View file

25
modules/themes/ashes/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Ashes";
slug = "ashes";
author = "Jannik Siebert (https://github.com/janniks)";
description = "Desaturated dark color scheme";
polarity = "dark";
backgroundUrl = "https://images.hdqwalls.com/wallpapers/anime-road-to-city-everlasting-summer-4k-ep.jpg";
backgroundSha256 = "sha256-ul7ecqPw9bSr+JRSd+3OlKwVfB+5378L7ObYydJDsgQ=";
base00 = "1C2023";
base01 = "393F45";
base02 = "565E65";
base03 = "747C84";
base04 = "ADB3BA";
base05 = "C7CCD1";
base06 = "DFE2E5";
base07 = "F3F4F5";
base08 = "C7AE95";
base09 = "C7C795";
base0A = "AEC795";
base0B = "95C7AE";
base0C = "95AEC7";
base0D = "AE95C7";
base0E = "C795AE";
base0F = "C79595";
}

0
themes/atelier-cave/README.org → modules/themes/atelier-cave/README.org
View file

25
modules/themes/atelier-cave/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Cave";
slug = "atelier-cave";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = ''A cool-warm palette; not for the claustrophobic'';
polarity = "dark";
backgroundUrl = "https://images.hdqwalls.com/wallpapers/anime-girl-angel-ring-5k-7c.jpg";
backgroundUrlSha256 = "sha256-AVPJYFLEQr9x1V2yQLkMc1g7GqcBPJiKRFuj8MaKe5c=";
base00 = "19171c";
base01 = "26232a";
base02 = "585260";
base03 = "655f6d";
base04 = "7e7887";
base05 = "8b8792";
base06 = "e2dfe7";
base07 = "efecf4";
base08 = "be4678";
base09 = "aa573c";
base0A = "a06e3b";
base0B = "2a9292";
base0C = "398bc6";
base0D = "576ddb";
base0E = "955ae7";
base0F = "bf40bf";
}

0
themes/atelier-dune/README.org → modules/themes/atelier-dune/README.org
View file

25
modules/themes/atelier-dune/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Dune";
slug = "atelier-dune";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "A welcoming, soothing friendly but also bright, colorscheme";
polarity = "dark";
backgroundUrl = "https://images.hdqwalls.com/wallpapers/tengen-toppa-gurren-lagann-4k-1m.jpg";
backgroundSha256 = "sha256-wplFIlIIYHTofJMuBLtpSWwrFyzz8ao1Gq4wGqgz7qY=";
base00 = "20201d";
base01 = "292824";
base02 = "6e6b5e";
base03 = "7d7a68";
base04 = "999580";
base05 = "a6a28c";
base06 = "e8e4cf";
base07 = "fefbec";
base08 = "d73737";
base09 = "b65611";
base0A = "ae9513";
base0B = "60ac39";
base0C = "1fad83";
base0D = "6684e1";
base0E = "b854d4";
base0F = "d43552";
}

0
themes/atelier-estuary/README.org → modules/themes/atelier-estuary/README.org
View file

25
modules/themes/atelier-estuary/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Estuary";
slug = "atelier-estuary";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "A bit of a poisonous colorscheme, be aware of the crocodiles , theyre hiding in there";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/352/194/322/digital-art-artwork-dragon-skeleton-wallpaper-15f339ed090d16293ff528ba738d87f9.jpg";
backgroundUrlSha256 = "sha256-f97njdnllbsnnIjZnz/j0l2qIFWbEsGF2QtV1JTF2Yg=";
base00 = "22221b";
base01 = "302f27";
base02 = "5f5e4e";
base03 = "6c6b5a";
base04 = "878573";
base05 = "929181";
base06 = "e7e6df";
base07 = "f4f3ec";
base08 = "ba6236";
base09 = "ae7313";
base0A = "a5980d";
base0B = "7d9726";
base0C = "5b9d48";
base0D = "36a166";
base0E = "5f9182";
base0F = "9d6c7c";
}

0
themes/atelier-forest/README.org → modules/themes/atelier-forest/README.org
View file

25
modules/themes/atelier-forest/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Forest";
slug = "atelier-forest";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = ''A colorscheme like Birds of Paradise, but a bit muddier on the browns, less red and more greyed out, like clay'';
polarity = "dark";
backgroundUrl = "https://w.wallhaven.cc/full/72/wallhaven-72p97v.jpg";
backgroundSha256 = "sha256-+ayGF3G14PfZwZnIeqCpnV/awnwdpue3OBmJYTirb2U=";
base00 = "1b1918";
base01 = "2c2421";
base02 = "68615e";
base03 = "766e6b";
base04 = "9c9491";
base05 = "a8a19f";
base06 = "e6e2e0";
base07 = "f1efee";
base08 = "f22c40";
base09 = "df5320";
base0A = "c38418";
base0B = "7b9726";
base0C = "3d97b8";
base0D = "407ee7";
base0E = "6666ea";
base0F = "c33ff3";
}

0
themes/atelier-heath/README.org → modules/themes/atelier-heath/README.org
View file

25
modules/themes/atelier-heath/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Heath";
slug = "atelier-heath";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "Here the background-colors have these cool-red colors for the background, but then obviously toned down quite a bit";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/861/102/512/moonlight-fantasy-landscape-moon-full-moon-wallpaper-0960b8dd31ca4d2b96b7684fd021067d.jpg";
backgroundSha256 = "sha256-KuPdCD5IT0/LJghqQKuAFiFtztp+FyRJRdsjdrAzPI8=";
base00 = "1b181b";
base01 = "292329";
base02 = "695d69";
base03 = "776977";
base04 = "9e8f9e";
base05 = "ab9bab";
base06 = "d8cad8";
base07 = "f7f3f7";
base08 = "ca402b";
base09 = "a65926";
base0A = "bb8a35";
base0B = "918b3b";
base0C = "159393";
base0D = "516aec";
base0E = "7b59c0";
base0F = "cc33cc";
}

0
themes/atelier-lakeside/README.org → modules/themes/atelier-lakeside/README.org
View file

25
modules/themes/atelier-lakeside/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Lakeside";
slug = "atelier-lakeside";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "Coolest colorscheme of the (Atelier) bunch";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/410/867/750/vector-forest-sunset-forest-sunset-forest-wallpaper-b3abc35d0d699b056fa6b247589b18a8.jpg";
backgroundSha256 = "sha256-8ytn00rZUiJxgtjXqTxtR7qusokxjY68u+UiWuwD8Bs=";
base00 = "161b1d";
base01 = "1f292e";
base02 = "516d7b";
base03 = "5a7b8c";
base04 = "7195a8";
base05 = "7ea2b4";
base06 = "c1e4f6";
base07 = "ebf8ff";
base08 = "d22d72";
base09 = "935c25";
base0A = "8a8a0f";
base0B = "568c3b";
base0C = "2d8f6f";
base0D = "257fad";
base0E = "6b6bb8";
base0F = "b72dd2";
}

0
themes/atelier-plateau/README.org → modules/themes/atelier-plateau/README.org
View file

25
modules/themes/atelier-plateau/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Plateau";
slug = "atelier-plateau";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "A warm palette; no real green in here";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/428/434/322/art-computer-digital-art-concept-art-wallpaper-b9a0c85d016a9d0b66a7b84f509116ad.jpg";
backgroundSha256 = "sha256-GL4QjCZFLAgsMM05cLqAx9Sd293NfU79azFhuzBGhW0=";
base00 = "1b1818";
base01 = "292424";
base02 = "585050";
base03 = "655d5d";
base04 = "7e7777";
base05 = "8a8585";
base06 = "e7dfdf";
base07 = "f4ecec";
base08 = "ca4949";
base09 = "b45a3c";
base0A = "a06e3b";
base0B = "4b8b8b";
base0C = "5485b6";
base0D = "7272ca";
base0E = "8464c4";
base0F = "bd5187";
}

0
themes/atelier-savanna/README.org → modules/themes/atelier-savanna/README.org
View file

25
modules/themes/atelier-savanna/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Savanna";
slug = "atelier-savanna";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = ''Color-wheel colors are desaturated considerably, giving this colorscheme a rather understated appeal and, dear I say it, a natural look and feel'';
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/760/955/638/artwork-landscape-sky-mountains-wallpaper-78664db880d01c78404c214e28e2847a.jpg";
backgroundSha256 = "sha256-0ubzlyIj3Uz9vQa+qvz/+q/1trgbNUEpQysqtEFs54g=";
base00 = "171c19";
base01 = "232a25";
base02 = "526057";
base03 = "5f6d64";
base04 = "78877d";
base05 = "87928a";
base06 = "dfe7e2";
base07 = "ecf4ee";
base08 = "b16139";
base09 = "9f713c";
base0A = "a07e3b";
base0B = "489963";
base0C = "1c9aa0";
base0D = "478c90";
base0E = "55859b";
base0F = "867469";
}

0
themes/atelier-seaside/README.org → modules/themes/atelier-seaside/README.org
View file

25
modules/themes/atelier-seaside/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Seaside";
slug = "atelier-seaside";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "Very saturated color-palette; comes popping at you";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/714/495/609/landscape-artwork-digital-art-fantasy-art-wallpaper-9960e89d112afd2ba6e738ff70b1e63d.jpg";
backgroundSha256 = "sha256-GcHU4qYRGFubobNENwp8prpd/da4tzHwRyN+rsH2dYA=";
base00 = "131513";
base01 = "242924";
base02 = "5e6e5e";
base03 = "687d68";
base04 = "809980";
base05 = "8ca68c";
base06 = "cfe8cf";
base07 = "f4fbf4";
base08 = "e6193c";
base09 = "87711d";
base0A = "98981b";
base0B = "29a329";
base0C = "1999b3";
base0D = "3d62f5";
base0E = "ad2bee";
base0F = "e619c3";
}

0
themes/atelier-sulphurpool/README.org → modules/themes/atelier-sulphurpool/README.org
View file

25
modules/themes/atelier-sulphurpool/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Atelier Sulphurpool";
slug = "atelier-sulphurpool";
author = "Bram de Haan (http://atelierbramdehaan.nl)";
description = "Purple base color; easy on the eye";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/13/960/9/digital-art-fantasy-art-colorful-space-art-wallpaper-99330d2ae61a6c661d5ea4793fc17511.jpg";
backgroundSha256 = "sha256-mnh2uKy3PO0otUdTw4Bv4JDnMYj/m7Gt7P7XDJb2+c0=";
base00 = "202746";
base01 = "293256";
base02 = "5e6687";
base03 = "6b7394";
base04 = "898ea4";
base05 = "979db4";
base06 = "dfe2f1";
base07 = "f5f7ff";
base08 = "c94922";
base09 = "c76b29";
base0A = "c08b30";
base0B = "ac9739";
base0C = "22a2c9";
base0D = "3d8fd1";
base0E = "6679cc";
base0F = "9c637a";
}

0
themes/ayu-dark/README.org → modules/themes/ayu-dark/README.org
View file

25
modules/themes/ayu-dark/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Ayu Dark";
slug = "ayu-dark";
author = "Khue Nguyen <Z5483Y@gmail.com>";
description = "Simple, bright and elegant theme";
polarity = "dark";
backgroundUrl = "https://w.wallhaven.cc/full/zy/wallhaven-zy8wwo.jpg";
backgroundSha256 = "sha256-0BiSjEZnwh6KnWuNau+9lf1PVBYRnq228l4OA/nm5YI=";
base00 = "0F1419";
base01 = "131721";
base02 = "272D38";
base03 = "3E4B59";
base04 = "BFBDB6";
base05 = "E6E1CF";
base06 = "E6E1CF";
base07 = "F3F4F5";
base08 = "F07178";
base09 = "FF8F40";
base0A = "FFB454";
base0B = "B8CC52";
base0C = "95E6CB";
base0D = "59C2FF";
base0E = "D2A6FF";
base0F = "E6B673";
}

2
themes/background-test.sh → modules/themes/background-test.sh
View file

@ -1,7 +1,7 @@
#!/bin/sh
for i in $(ls -d */);
do
if curl --output /dev/null --silent --head --fail $(cat $i/backgroundurl.txt); then
if curl --output /dev/null --silent --head --fail $(cat $i/default.nix | grep "backgroundUrl" | cut -d'"' -f 2); then
echo "$i background successfully downloads";
else
echo -e "\033[0;31m$i background download fails\033[0m"

0
themes/bespin/README.org → modules/themes/bespin/README.org
View file

25
modules/themes/bespin/default.nix Normal file
View file

@ -0,0 +1,25 @@
{
scheme = "Bespin";
slug = "bespin";
author = "Jan T. Sott (https://github.com/idleberg)";
description = "Port of the Bespin theme from Sublime Text 2/3";
polarity = "dark";
backgroundUrl = "https://r4.wallpaperflare.com/wallpaper/597/635/621/sword-fantasy-forest-twilight-river-hd-wallpaper-f98078cd21caad7b46d7b83fb021566d.jpg";
backgroundSha256 = "sha256-uVPfyCXyyBVSfgbiQy5rhngNjuAmxk89btary3Iiwq0=";
base00 = "28211c";
base01 = "36312e";
base02 = "5e5d5c";
base03 = "666666";
base04 = "797977";
base05 = "8a8986";
base06 = "9d9b97";
base07 = "baae9e";
base08 = "cf6a4c";
base09 = "cf7d34";
base0A = "f9ee98";
base0B = "54be0d";
base0C = "afc4db";
base0D = "5ea6ea";
base0E = "9b859d";
base0F = "937121";
}

0
themes/caret/README.org → modules/themes/caret/README.org
View file

Some files were not shown because too many files have changed in this diff Show more