diff options
Diffstat (limited to 'modules')
43 files changed, 421 insertions, 107 deletions
diff --git a/modules/home/default.nix b/modules/home/default.nix index b44f360..9abf1b5 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -1,12 +1,11 @@ -{ lib, userDetails, ... }: { +{ lib, userDetails, homeStateVersion, ... }: { home = { username = userDetails.username; - homeDirectory = userDetails.home.root; - stateVersion = "24.05"; + homeDirectory = userDetails.home; + stateVersion = homeStateVersion; }; imports = [ - ./alacritty.nix #./chrome.nix ./firefox.nix ./git.nix @@ -14,11 +13,13 @@ ./htop.nix ./initial-home-setup.nix ./pcmanfm.nix # TODO mk name changeable & doesn't seem to work right now + ./theme-st.nix ./theme.nix + ./userdirs.nix ./wallpapers.nix ]; - alacritty.enable = lib.mkDefault true; + theme.st.enable = lib.mkDefault false; theme.mint.enable = lib.mkDefault true; wallpapers.enable = lib.mkDefault false; } diff --git a/modules/home/firefox.nix b/modules/home/firefox.nix index 5e015ff..30fd08a 100644 --- a/modules/home/firefox.nix +++ b/modules/home/firefox.nix @@ -1,29 +1,33 @@ { pkgs, userDetails, ... }: { programs.firefox = { - # TODO see if there is way to login to moz account in profile enable = true; - arkenfox = { - enable = true; - }; + arkenfox.enable = true; profiles = let search = { engines = { "Timmy Search" = { - urls = [{ template = "https://search.tjkeller.xyz/search?q={searchTerms}"; }]; # Don't know how to do w/ POST but I prefer GET anyways + urls = [{ + template = "https://search.tjkeller.xyz/search"; + params = [ { name = "q"; value = "{searchTerms}"; } ]; + }]; iconURI = "https://search.tjkeller.xyz/static/themes/simple/img/favicon.svg"; # TODO doesn't seem to work }; "Nix Packages" = { urls = [{ template = "https://search.nixos.org/packages"; - params = [ - { name = "type"; value = "packages"; } - { name = "query"; value = "{searchTerms}"; } - ]; + params = [ { name = "query"; value = "{searchTerms}"; } ]; }]; - icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; definedAliases = [ "@np" ]; }; + "NixOS Options" = { + urls = [{ + template = "https://search.nixos.org/options"; + params = [ { name = "query"; value = "{searchTerms}"; } ]; + }]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@no" ]; + }; }; default = "Timmy Search"; privateDefault = "Timmy Search"; @@ -36,7 +40,7 @@ "0100"."0102"."browser.startup.page".value = 3; # 0=blank, 1=home, 2=last visited page, 3=resume previous session "0100"."0103"."browser.startup.homepage".enable = false; "0100"."0104"."browser.newtabpage.enabled".enable = false; - "2800"."2811"."privacy.clearOnShutdown.history".enable = false; + #"2800"."2811"."privacy.clearOnShutdown.history".enable = false; }; settings = { "browser.compactmode.show" = true; @@ -46,7 +50,7 @@ "app.normandy.first_run" = false; "browser.aboutConfig.showWarning" = false; # arkenfox does - "browser.download.dir" = userDetails.home.downloads; # FF will create this dir if it doesn't exist + #"browser.download.dir" = userDetails.userDirs.downloads; "browser.newtabpage.activity-stream.feeds.section.topstories" = false; "browser.newtabpage.activity-stream.feeds.topsites" = false; "browser.urlbar.suggest.topsites" = false; @@ -54,7 +58,6 @@ "dom.push.enabled" = false; # "extensions.pocket.enabled" = false; "general.smoothScroll" = false; - #identity.fxaccounts.account.device.name = "timmy’s Firefox on nixos"; # HOSTNAME }; workSettings = settings // { "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; # Use builtin dark theme instead of system theme diff --git a/modules/home/gtk-bookmarks.nix b/modules/home/gtk-bookmarks.nix index 067543d..24c6563 100644 --- a/modules/home/gtk-bookmarks.nix +++ b/modules/home/gtk-bookmarks.nix @@ -8,10 +8,10 @@ }; config = { - gtk.gtk3.bookmarks = with userDetails; [ - "file://${home.downloads} Downloads" - "file://${home.documents} Documents" - "file://${home.pictures} Pictures" - ] ++ config.additional-gtk-bookmarks; + gtk.gtk3.bookmarks = ( + lib.mapAttrsToList (name: path: + "file://${path} ${lib.toUpper (lib.substring 0 1 name)}${lib.substring 1 (-1) name}" + ) userDetails.userDirs + ) ++ config.additional-gtk-bookmarks; }; } diff --git a/modules/home/initial-home-setup.nix b/modules/home/initial-home-setup.nix index 046f5a5..4132386 100644 --- a/modules/home/initial-home-setup.nix +++ b/modules/home/initial-home-setup.nix @@ -16,7 +16,7 @@ run mimewiz -i # already verbose ''; createDirs = lib.hm.dag.entryAfter ["writeBoundary"] '' - run mkdir -p $VERBOSE_ARG "${userDetails.home.downloads}" + run mkdir -p $VERBOSE_ARG ${ lib.concatStringsSep " " (lib.attrValues userDetails.userDirs) } ''; }; } diff --git a/modules/home/resources/activation-scripts/clone-repos.sh b/modules/home/resources/activation-scripts/clone-repos.sh index 887968b..eaee4dc 100644 --- a/modules/home/resources/activation-scripts/clone-repos.sh +++ b/modules/home/resources/activation-scripts/clone-repos.sh @@ -3,8 +3,14 @@ server="https://git.tjkeller.xyz/" clonemissing() { + # pull and return if already existing + if [ -d "$2"/.git ]; then + run cd $VERBOSE_ARG "$2" + run git pull $VERBOSE_ARG || echo "$2: failed to pull from remote" + return + fi + # clone to $2 - [ -d "$2"/.git ] && return run mkdir -p $VERBOSE_ARG "$2" run git clone $VERBOSE_ARG "$server$1" "$2" diff --git a/modules/home/resources/firefox/userChrome.css b/modules/home/resources/firefox/userChrome.css index de0e112..624ab26 100644 --- a/modules/home/resources/firefox/userChrome.css +++ b/modules/home/resources/firefox/userChrome.css @@ -14,6 +14,17 @@ background: var(--toolbar-field-border-color) !important; } +/* Change background color of bookmarks toolbar */ +#PersonalToolbar { + background: var(--toolbox-bgcolor) !important; +} + +/* Adjust spacing of toolbar items */ +#PlacesToolbarItems { + gap: .35rem; + margin-block: .2rem; +} + /* Fix vertical spacing of tabs */ #TabsToolbar { margin-top: -1px; diff --git a/modules/home/theme-st.nix b/modules/home/theme-st.nix new file mode 100644 index 0000000..bc22791 --- /dev/null +++ b/modules/home/theme-st.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, ... }: { + options = { + theme.st = { + enable = lib.mkEnableOption "enables theming st with home manager"; + font = lib.mkOption { + type = lib.types.str; + default = "JetBrainsMonoNL Nerd Font Mono:size=12:antialias=true:autohint=true"; + }; + }; + }; + config = let + themed-st = pkgs.st.overrideAttrs (old: { + buildInputs = old.buildInputs or [] ++ [ pkgs.makeWrapper ]; + postInstall = old.postInstall or "" + '' + wrapProgram $out/bin/st \ + --add-flags '-f${config.theme.st.font}' + ''; + }); + in { + home.packages = [ themed-st ]; + }; +} diff --git a/modules/home/theme.nix b/modules/home/theme.nix index a1c4f9b..2288610 100644 --- a/modules/home/theme.nix +++ b/modules/home/theme.nix @@ -40,6 +40,30 @@ in { default = "CommitMono"; description = "default monospace font"; }; + gtk = { + name = lib.mkOption { + type = lib.types.str; + default = "sans-serif"; + description = "default gtk font"; + }; + size = lib.mkOption { + type = with lib.types; nullOr int; + default = null; + description = "default gtk font size"; + }; + }; + }; + theme.cursor = { + name = lib.mkOption { + type = lib.types.str; + default = "Adwaita"; + description = "gtk cursor theme"; + }; + size = lib.mkOption { + type = with lib.types; nullOr int; + default = null; + description = "gtk cursor size"; + }; }; }; @@ -55,10 +79,12 @@ in { name = transformColorValue config.theme.mint.icons.color; }; font = { - name = config.theme.font.sansSerif; + name = config.theme.font.gtk.name; + size = config.theme.font.gtk.size; }; cursorTheme = { - name = "Adwaita"; + name = config.theme.cursor.name; + size = config.theme.cursor.size; }; gtk2.configLocation = "${config.xdg.configHome}/gtk-2.0/gtkrc"; }; diff --git a/modules/home/userdirs.nix b/modules/home/userdirs.nix new file mode 100644 index 0000000..58c1d59 --- /dev/null +++ b/modules/home/userdirs.nix @@ -0,0 +1,5 @@ +{ userDetails, ... }: { + xdg.userDirs = { + enable = true; + } // userDetails.userDirs; +} diff --git a/modules/hosts/T430/configuration.nix b/modules/hosts/T430/configuration.nix index 282515d..7910275 100644 --- a/modules/hosts/T430/configuration.nix +++ b/modules/hosts/T430/configuration.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; - networking.hostName = "T430"; # TODO this does not function #boot.initrd.systemd.extraBin = { diff --git a/modules/hosts/T430/home.nix b/modules/hosts/T430/home.nix index 9885a06..15df79a 100644 --- a/modules/hosts/T430/home.nix +++ b/modules/hosts/T430/home.nix @@ -1,6 +1,5 @@ { ... }: { imports = [ ../../home ]; - alacritty.font.size = 9; wallpapers.enable = true; } diff --git a/modules/hosts/T495/configuration.nix b/modules/hosts/T495/configuration.nix index 526b7bb..6ee62e9 100644 --- a/modules/hosts/T495/configuration.nix +++ b/modules/hosts/T495/configuration.nix @@ -2,11 +2,9 @@ imports = [ ./hardware-configuration.nix ./games.nix - ./input-leap.nix + #./input-leap.nix ./wg.nix ]; - networking.hostName = "T495"; - bootloader.mode = "efi"; # Enable extra software pkgs @@ -27,10 +25,6 @@ nas.office.enable = true; nas.office.automount = false; - networking.hosts = { - "192.168.77.3" = [ "devel" ]; - }; - # Use amdgpu driver for x11 services.xserver.videoDrivers = [ "amdgpu" ]; diff --git a/modules/hosts/T495/home.nix b/modules/hosts/T495/home.nix index 817b0c0..4fac32b 100644 --- a/modules/hosts/T495/home.nix +++ b/modules/hosts/T495/home.nix @@ -1,8 +1,14 @@ { ... }: { imports = [ ../../home ]; - theme.mint.theme.color = "Dark-Purple"; - theme.mint.icons.color = "Purple"; + theme = { + mint.theme.color = "Dark-Purple"; + mint.icons.color = "Purple"; + st = { + enable = true; + font = "Tamzen:pixelsize=20"; + }; + }; wallpapers.enable = true; home.file.input-leap-config = { diff --git a/modules/hosts/X230/configuration.nix b/modules/hosts/X230/configuration.nix new file mode 100644 index 0000000..9a8e6b4 --- /dev/null +++ b/modules/hosts/X230/configuration.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: { + imports = [ + ./hardware-configuration.nix + ]; + bootloader.mode = "efi"; + + # Enable extra software pkgs + software.desktop = { + crypto.enable = true; + graphics.enable = true; + office.enable = true; + }; + + system.stateVersion = "24.05"; +} diff --git a/modules/hosts/X230/hardware-configuration.nix b/modules/hosts/X230/hardware-configuration.nix new file mode 100644 index 0000000..0791585 --- /dev/null +++ b/modules/hosts/X230/hardware-configuration.nix @@ -0,0 +1,48 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/41036740-73bc-4004-a302-01233b4d83b8"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/6019772f-4a1c-4abd-9c70-b1d71cc2de65"; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/41036740-73bc-4004-a302-01233b4d83b8"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/72D4-F66A"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/hosts/X230/home.nix b/modules/hosts/X230/home.nix new file mode 100644 index 0000000..87a16ea --- /dev/null +++ b/modules/hosts/X230/home.nix @@ -0,0 +1,18 @@ +{ ... }: { + imports = [ ../../home ]; + + theme = { + mint.theme.color = "Dark-Teal"; + mint.icons.color = "Teal"; + font = { + monospace = "Tamzen"; + gtk.name = "monospace"; + gtk.size = 8; + }; + cursor.size = 24; + st = { + enable = true; + font = "Tamzen:pixelsize=14"; + }; + }; +} diff --git a/modules/hosts/hp-envy-office/configuration.nix b/modules/hosts/hp-envy-office/configuration.nix index 9a7a43a..fdff4f0 100644 --- a/modules/hosts/hp-envy-office/configuration.nix +++ b/modules/hosts/hp-envy-office/configuration.nix @@ -1,8 +1,5 @@ { config, lib, pkgs, ... }: { - imports = [ - ./hardware-configuration.nix - ]; - networking.hostName = "hp-envy-office"; + imports = [ ./hardware-configuration.nix ]; # Enable extra software pkgs software.desktop = { diff --git a/modules/hosts/hp-envy-office/home.nix b/modules/hosts/hp-envy-office/home.nix index ed02130..2e4f61f 100644 --- a/modules/hosts/hp-envy-office/home.nix +++ b/modules/hosts/hp-envy-office/home.nix @@ -5,8 +5,8 @@ theme.mint.icons.color = "Green"; wallpapers.enable = true; - additional-gtk-bookmarks = with userDetails; [ - "file://${home.documents}/src/sites/admin Admin" + additional-gtk-bookmarks = with userDetails.userDirs; [ + "file://${documents}/src/sites/admin Admin" "file:///media/chexx/chexx cHEXx" ]; } diff --git a/modules/hosts/libreX60/bios-flashing.nix b/modules/hosts/libreX60/bios-flashing.nix new file mode 100644 index 0000000..6117813 --- /dev/null +++ b/modules/hosts/libreX60/bios-flashing.nix @@ -0,0 +1,8 @@ +# https://libreboot.org/docs/install/#thinkpad-t60x60x60tabletx60s + +{ pkgs, ... }: { + environment.systemPackages = [ pkgs.flashprog ]; + + boot.kernelParams = [ "iomem=relaxed" ]; +} + diff --git a/modules/hosts/libreX60/configuration.nix b/modules/hosts/libreX60/configuration.nix index 942793d..55f1774 100644 --- a/modules/hosts/libreX60/configuration.nix +++ b/modules/hosts/libreX60/configuration.nix @@ -1,14 +1,26 @@ { config, lib, pkgs, ... }: { - imports = [ ./hardware-configuration.nix ]; - networking.hostName = "libreX60"; + imports = [ + ./hardware-configuration.nix + ./powertop-auto-tune.nix + # Uncomment this module and reboot to enable bios flashing + #./bios-flashing.nix + ]; - # Enable extra software pkgs - software.desktop = { - office.enable = true; + # Use grub + bootloader = { + loader = "grub"; + mode = "bios"; + grub.biosDevice = "/dev/sda"; }; + # Use bootloader + boot.kernelPackages = pkgs.linuxPackages-libre; + # Enable network drives nas.enable = true; + # i915 Gpu requires intel driver + services.xserver.videoDrivers = [ "intel" ]; + system.stateVersion = "24.11"; } diff --git a/modules/hosts/libreX60/hardware-configuration.nix b/modules/hosts/libreX60/hardware-configuration.nix new file mode 100644 index 0000000..b0a7868 --- /dev/null +++ b/modules/hosts/libreX60/hardware-configuration.nix @@ -0,0 +1,46 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ata_piix" "ahci" "firewire_ohci" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/91572803-436d-4f43-b41f-dfba2103752e"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/91572803-436d-4f43-b41f-dfba2103752e"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/F618-D6C2"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/hosts/libreX60/home.nix b/modules/hosts/libreX60/home.nix index 453bfd6..5b35457 100644 --- a/modules/hosts/libreX60/home.nix +++ b/modules/hosts/libreX60/home.nix @@ -1,8 +1,18 @@ { ... }: { imports = [ ../../home ]; - theme.mint.theme.color = "Dark-Red"; - theme.mint.icons.color = "Red"; - theme.font.sansSerif = "Tamzen"; - theme.font.monospace = "Tamzen"; + theme = { + mint.theme.color = "Dark-Red"; + mint.icons.color = "Red"; + font = { + monospace = "Tamzen"; + gtk.name = "monospace"; + gtk.size = 8; + }; + cursor.size = 24; + st = { + enable = true; + font = "Tamzen:pixelsize=14"; + }; + }; } diff --git a/modules/hosts/libreX60/powertop-auto-tune.nix b/modules/hosts/libreX60/powertop-auto-tune.nix new file mode 100644 index 0000000..0eb9578 --- /dev/null +++ b/modules/hosts/libreX60/powertop-auto-tune.nix @@ -0,0 +1,17 @@ +# https://en.wikibooks.org/wiki/Libreboot/ThinkPad_X60#Remove_High_Pitched_Whining_Noise +# TLDR; running `powertop --auto-tune` is supposed to kill the high pitched noises produced by the X60 + +{ pkgs, ... }: { + environment.systemPackages = [ pkgs.powertop ]; + + # Create systemd service + systemd.services.powertop-autotune = { + description = "Powertop Auto-Tune"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.powertop}/bin/powertop --auto-tune"; + }; + }; +} diff --git a/modules/hosts/optiplex/configuration.nix b/modules/hosts/optiplex/configuration.nix index cbde612..16ba475 100644 --- a/modules/hosts/optiplex/configuration.nix +++ b/modules/hosts/optiplex/configuration.nix @@ -1,9 +1,5 @@ { config, lib, pkgs, ... }: { - imports = [ - ./hardware-configuration.nix - ]; - networking.hostName = "optiplex"; - + imports = [ ./hardware-configuration.nix ]; bootloader.mode = "efi"; # Allow unfree for nvidia + others @@ -18,6 +14,9 @@ office.enable = true; utilities.enable = true; }; + software.development = { + docker.enable = true; + }; # Install more programs environment.systemPackages = with pkgs; [ @@ -32,10 +31,6 @@ # Disable wifi wifi.enable = false; - networking.hosts = { - "192.168.77.3" = [ "devel" ]; - }; - # Use nvidia driver services.xserver.videoDrivers = [ "nvidia" ]; hardware.nvidia = { @@ -44,7 +39,11 @@ nvidiaSettings = true; open = false; # Not compatible w/ GTX-1050 package = config.boot.kernelPackages.nvidiaPackages.stable; # Still good for 1050 + forceFullCompositionPipeline = true; # Enables vsync }; + # Disable suspend + suspend.enable = false; + system.stateVersion = "24.11"; } diff --git a/modules/root/bluetooth.nix b/modules/root/bluetooth.nix index d55eade..1f41c7e 100644 --- a/modules/root/bluetooth.nix +++ b/modules/root/bluetooth.nix @@ -3,7 +3,7 @@ bluetooth.enable = lib.mkEnableOption "enables bluetooth support"; }; - config = { + config = lib.mkIf config.bluetooth.enable { hardware.bluetooth.enable = true; services.blueman.enable = true; }; diff --git a/modules/root/default.nix b/modules/root/default.nix index e108318..7f647b5 100644 --- a/modules/root/default.nix +++ b/modules/root/default.nix @@ -5,6 +5,7 @@ ./bluetooth.nix ./bootloader.nix ./doas.nix + ./firewall.nix ./fonts.nix ./home-manager.nix ./hosts.nix @@ -17,7 +18,9 @@ ./printing.nix ./secrets.nix ./ssh.nix + ./suspend.nix ./tlp.nix + ./udev.nix ./wifi.nix ./x11.nix ./zsh.nix @@ -44,6 +47,7 @@ printing.enable = lib.mkDefault true; tlp.enable = lib.mkDefault true; scanning.enable = lib.mkDefault true; + suspend.enable = lib.mkDefault true; wifi.enable = lib.mkDefault true; xserver.enable = lib.mkDefault true; zsh.enable = lib.mkDefault true; diff --git a/modules/root/firewall.nix b/modules/root/firewall.nix new file mode 100644 index 0000000..e038cbe --- /dev/null +++ b/modules/root/firewall.nix @@ -0,0 +1,7 @@ +{ + networking.firewall = { + allowedTCPPorts = [ + 8080 + ]; + }; +} diff --git a/modules/root/fonts.nix b/modules/root/fonts.nix index 3ae8eef..256e1ab 100644 --- a/modules/root/fonts.nix +++ b/modules/root/fonts.nix @@ -7,10 +7,8 @@ fonts.packages = with pkgs; [ commit-mono inter + nerd-fonts.jetbrains-mono tamzen - (nerdfonts.override { - fonts = [ "JetBrainsMono" ]; - }) ]; }; } diff --git a/modules/root/hosts.nix b/modules/root/hosts.nix index 14daaf1..cb526f2 100644 --- a/modules/root/hosts.nix +++ b/modules/root/hosts.nix @@ -1,10 +1,12 @@ -{ +{ hostname, ... }: { + networking.hostName = hostname; # From flake.nix networking.hosts = { "192.168.1.9" = [ "optiplex" ]; "192.168.1.30" = [ "localgit" ]; "192.168.1.11" = [ "truenas-home" ]; "192.168.77.11" = [ "truenas-office" ]; "192.168.77.8" = [ "publicgit" "tjkeller" ]; + "192.168.77.3" = [ "devel" ]; "173.9.253.3" = [ "git.tjkeller.xyz" "piped.tjkeller.xyz" @@ -12,4 +14,5 @@ "tjkeller.xyz" ]; }; + environment.etc.hosts.mode = "0644"; # Allow temporary imperative modifications } diff --git a/modules/root/normaluser.nix b/modules/root/normaluser.nix index fc243ea..88eb338 100644 --- a/modules/root/normaluser.nix +++ b/modules/root/normaluser.nix @@ -4,9 +4,14 @@ }; users.users.${userDetails.username} = { description = userDetails.fullname; - #home = userDetails.home.root; + #home = userDetails.home; isNormalUser = true; hashedPasswordFile = config.sops.secrets.hashed-root-password.path; - extraGroups = [ "wheel" "nixbld" ]; + extraGroups = [ + "i2c" + "nixbld" + "video" + "wheel" + ]; }; } diff --git a/modules/root/printing.nix b/modules/root/printing.nix index 69ff573..f0d0dd8 100644 --- a/modules/root/printing.nix +++ b/modules/root/printing.nix @@ -10,6 +10,7 @@ enable = true; drivers = [ pkgs.epson-escpr2 + pkgs.workcentre-7800-series ]; }; diff --git a/modules/root/resources/secrets/secrets.yaml b/modules/root/resources/secrets/secrets.yaml index 03f9517..fcba4a6 100644 --- a/modules/root/resources/secrets/secrets.yaml +++ b/modules/root/resources/secrets/secrets.yaml @@ -1,10 +1,6 @@ -wpa_supplicant-conf: ENC[AES256_GCM,data:0FI1Re1PbiJmtsqb5Ddj1g/e22FkSOxHtbhchybFJAn1Q6PBYpMM/myMUQqZDqCNDhR8f+b2LYcrFx+c9g+yDsR9VcgVe/NK1U5jvep5go3JIibR0NmtfPVZNMvThmVnzO+6aGtggjN8PTx4nm+GKzf7YZPV/buYRdWExJRf0loXgNM8iLtjnu1QGZjWNBtFGbTRHeiax1QhvPrawp76PNrdpzD3EkY26HZ2TRfXFP8ta93T43sac9iVj+U3ggn9MTNvLDGiOF1lAN/W69EeCnyzw3sbxCsuSYFQ4GKkggaehje58VpsG7rZMIHYhI6PQcctO6WUupBi80KcBCnQQKy0Pir7GUPwhw1NPKuOgTX9Otz1dXxJgNk+gA4NTmyCWh2LO0utW0bjAAoqhn5sti5TssxqT2q+bw8KiAqRMZKyj8JDKg4cpMCVUbSH4fcIK1ADXa0OzItgVZnhEKJeD0SYqScXoRlExiDxHG/yrYuJYKtUQSrYJXjJJcTreTyMXWUh1E/nvS7egnXFMYYxDdTvJ5bQ/Zp94FI+twhNfMxKF5qo2gcGUHjQu/M=,iv:LKr6fcQ2emSjQmEt1HgyLpFLg4ZxDOVgJEfkm4nQzbY=,tag:M+oo8dpWclIRaPyW17Ldwg==,type:str] +wpa_supplicant-conf: ENC[AES256_GCM,data:fvYez82qSJ1LXiOVtgGiJuwzFC++V5rNJ3x5zK1PDUf0ohwpOVrC+P3A0Rob5LURBZL0KFSIBIbJ5Iq/bRtsAD6ZgIwsKQxi3fLRanUbx2PM6JFpDYWgKlvxWMPtNp0hlicdZny7ayRXXA3Y4FOFScLPfl+5perzw8+6M3YRoeTAeDQAlhkA9BzOmg3UHZsZgKvuNYhSO2oQubEyYRhBMN5opACyyC8E96lPIplZytuvB7L4LH4VQHnqryUqXdVjXv/UIhZx4QU+jkTR5KHG0M9oG9pcWi/gpQD69hesQhOhKF+K71Bg507F29rM6WK2m6mdg5xA2BX3WQeddxc1m/hkBpQBDUk1SC58z4fQ4feITy4pAJLYzHyvMVm7CSDv0mSgfOAS/i4GdMArHG2FYSPnJ0/pfOpOQgH73PuDqgjMyRepiwUC6DILsqvmjMEXp3DZrYxvuGTbhahd/EHUzuNrOe9Wcw5NH+vucmdDzihsJ6UO56mQ7Dr+/4QFiQ8MHA+wm63MvS16YG3bDOJXIt7mTPREdFGG2YtXJfnZLLYXzsnNJGihwyCXkC0QFJRRPZyr6bYpxdEWyDnNXFzkajYlP/+EqC8RbIFYAYz3aJogjCPtp5P5JI7dqmJ8ALkFFBY=,iv:b5hJnjKOJx1I13QCNJsKGDbQ7g+27eX1XkSVaGcJhA4=,tag:6QumSrB7myeS/SU5bEAKRQ==,type:str] hashed-root-password: ENC[AES256_GCM,data:KUoB8Z0ifh7lE9ir9AqkiMRHfw6rusXw3KC1dLIRd4YpbTiNI+cAdC474LR721+LNWoj5ZytSdDsVyS+t3o076rV4sgWgL17jPPf+H2KE5FOmQKYTUiHfSBsLKyyhpie4tpFJWv/3cCW8Q==,iv:0sZPz3V7IqTGbF3Fnm+FbgBS3GTnHsRx0OzIoAE1H64=,tag:H6CQlANfiD6ZuQhONKyMAQ==,type:str] sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] age: - recipient: age1w80rc0dnuu8nw99gw64c596qqetm78jdnsqajr0u7ephykekr39qfz8vnv enc: | @@ -15,8 +11,7 @@ sops: UkJ1SGJrWXNtbmlmc2c4M1IxdUpVOWMKjaakq+n8ZijGjaNVM8/dQApaVFp9+q3K nhvon4p5KUFE+myABnEknaSZ5UcvW6ZLff9AB7l35NZhGXAhv+y6HA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-01-09T16:42:38Z" - mac: ENC[AES256_GCM,data:LUBRGB/NdT2Lvrecb4w3Xbq4ulMyhHwNjuGyH/fjFJOcNfOCNmwaxIRN59CBi65UxGe93mgYYKJtbCKUZA9JhEfC81e+wkD0ZpEaNBu2YAYetf6hE9LqlYO05QIf/qwXySkCXRKdDl5afcmBVXTj+6qDEljkGtWX7CPLlodvuSQ=,iv:EfYL215e52Ir3SSTba7WGFSTQHgtqzyfWUWTBS+lwrU=,tag:VjE1o7WCT/PWIxk2/b/eow==,type:str] - pgp: [] + lastmodified: "2025-07-10T02:39:52Z" + mac: ENC[AES256_GCM,data:dn9v2ur5/sIrQL4HrQvTYcXpja+JwE2TMheT/AasZlhcYHI2NhLNwgpcDzITQbnnf+WAWYz3vjyEnP8tYuxO1Bggu+dDjAHMV8AfceYHnqJFPK4L9Kb8hBK93+7uOE38kjfsV3fZ3JS7dU3DkpNV6Geqa8cQ0u2bN3Yiz8YnaiQ=,iv:GGoDCZ/l4s7atWmRsbopq/WgxhQipaKHhSVQWi0TK8U=,tag:gkYht8PMOcTFhHOABKj4Ig==,type:str] unencrypted_suffix: _unencrypted - version: 3.9.2 + version: 3.10.2 diff --git a/modules/root/resources/x11/xinit-startx-xdg.patch b/modules/root/resources/x11/xinit-startx-xdg.patch deleted file mode 100644 index c1bca97..0000000 --- a/modules/root/resources/x11/xinit-startx-xdg.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff --git a/startx.cpp b/startx.cpp -index dfbebe1..472a1b0 100644 ---- a/startx.cpp -+++ b/startx.cpp -@@ -272,7 +272,7 @@ if [ x"$enable_xauth" = x1 ] ; then - dummy=0 - - XCOMM create a file with auth information for the server. ':0' is a dummy. -- xserverauthfile=$HOME/.serverauth.$$ -+ xserverauthfile="${XAUTHORITY:-$HOME/.Xauthority}" - trap "rm -f '$xserverauthfile'" HUP INT QUIT ILL TRAP BUS TERM - xauth -q -f "$xserverauthfile" << EOF - add :$dummy . $mcookie - diff --git a/modules/root/secrets.nix b/modules/root/secrets.nix index 47262fd..045e3f4 100644 --- a/modules/root/secrets.nix +++ b/modules/root/secrets.nix @@ -4,7 +4,7 @@ sops = { defaultSopsFile = ./resources/secrets/secrets.yaml; defaultSopsFormat = "yaml"; - age.keyFile = "${userDetails.home.root}/.config/sops/age/keys.txt"; + age.keyFile = "${userDetails.home}/.config/sops/age/keys.txt"; secrets = { wpa_supplicant-conf = { }; diff --git a/modules/root/software/default.nix b/modules/root/software/default.nix index 8d1e987..5f6494d 100644 --- a/modules/root/software/default.nix +++ b/modules/root/software/default.nix @@ -5,6 +5,7 @@ ./desktop.nix ./development.nix ./docker.nix + ./overlays.nix ./system.nix ./utilities.nix ./virtualisation.nix diff --git a/modules/root/software/desktop.nix b/modules/root/software/desktop.nix index 88101d8..b8cd1e7 100644 --- a/modules/root/software/desktop.nix +++ b/modules/root/software/desktop.nix @@ -30,10 +30,10 @@ pcmanfm redshift scrot + st sxiv wpa_supplicant_gui zathura - (callPackage ./derivations/st {}) ] ++ pkgs.lib.optionals config.software.desktop.chromium.enable [ # Chrome config.software.desktop.chromium.package @@ -44,17 +44,16 @@ prusa-slicer ] ++ pkgs.lib.optionals config.software.desktop.crypto.enable [ # Crypto Wallets - bisq2 - electrum - monero-gui + sparrow ] ++ pkgs.lib.optionals config.software.desktop.graphics.enable [ # Graphics blender geeqie - gimp + gimp3 inkscape ] ++ pkgs.lib.optionals config.software.desktop.office.enable [ # Office + kdePackages.okular libreoffice pdfchain thunderbird diff --git a/modules/root/software/development.nix b/modules/root/software/development.nix index 2a4dfba..af8a8a7 100644 --- a/modules/root/software/development.nix +++ b/modules/root/software/development.nix @@ -5,7 +5,7 @@ config = lib.mkIf config.software.development.enable { environment.systemPackages = with pkgs; [ - adb-sync + #adb-sync android-tools gcc git @@ -14,5 +14,10 @@ lua pkg-config ]; + + # Open 1313 for hugo serve + networking.firewall.allowedTCPPorts = [ + 1313 + ]; }; } diff --git a/modules/root/software/overlays.nix b/modules/root/software/overlays.nix new file mode 100644 index 0000000..bdb23fd --- /dev/null +++ b/modules/root/software/overlays.nix @@ -0,0 +1,20 @@ +{ pkgs, ... }: { + nixpkgs.overlays = with pkgs; [ + (final: prev: { + crazydiskinfo = (callPackage ./derivations/crazydiskinfo {}); + lowbat = (callPackage ./derivations/lowbat {}); + workcentre-7800-series = (callPackage ./derivations/xerox-workcentre-7800-series-driver {}); + + # Use my vimv-rs until pr gets merged + vimv-rs = prev.vimv-rs.overrideAttrs (oldAttrs: { + src = fetchFromGitHub { + owner = "tjkeller-xyz"; + repo = "vimv-rs"; + rev = "5deb76fb81dd4acf3c4809087ff3a1d846ab4769"; + sha256 = "sha256-XMn+5mIxSEHaR31ixMi6o7PSkN1iYjDT4aOiQkfEwpA="; + }; + }); + }) + (import ./derivations/st/overrides.nix) + ]; +} diff --git a/modules/root/software/system.nix b/modules/root/software/system.nix index f0a31f2..4c81596 100644 --- a/modules/root/software/system.nix +++ b/modules/root/software/system.nix @@ -5,6 +5,7 @@ dash # TODO should be default /bin/sh exfat git # Needed for home-manager + ntfs3g python3 sops # Secrets ]; diff --git a/modules/root/software/utilities.nix b/modules/root/software/utilities.nix index dabf163..79285a1 100644 --- a/modules/root/software/utilities.nix +++ b/modules/root/software/utilities.nix @@ -1,5 +1,6 @@ { pkgs, ... }: { environment.systemPackages = with pkgs; [ + crazydiskinfo entr fastfetch ffmpeg @@ -7,11 +8,13 @@ jq light lm_sensors + lowbat mediainfo neovim nmap openssl p7zip + pavolctld powertop pv rsync @@ -22,11 +25,10 @@ testdisk tmux uhubctl + vimv-rs wget wireguard-tools xxHash yt-dlp - (callPackage ./derivations/lowbat {}) - (callPackage ./derivations/pavolctld {}) ]; } diff --git a/modules/root/suspend.nix b/modules/root/suspend.nix new file mode 100644 index 0000000..814ae95 --- /dev/null +++ b/modules/root/suspend.nix @@ -0,0 +1,16 @@ +{ lib, config, ... }: { + options = { + suspend.enable = lib.mkEnableOption "enables suspend"; + }; + + config = lib.mkIf (! config.suspend.enable) { + # Disable suspend targets + systemd.targets = builtins.listToAttrs (map (name: { + inherit name; + value = { + enable = false; + unitConfig.DefaultDependencies = "no"; + }; + }) ["sleep" "suspend" "hibernate" "hybrid-sleep"]); + }; +} diff --git a/modules/root/udev.nix b/modules/root/udev.nix new file mode 100644 index 0000000..17ed204 --- /dev/null +++ b/modules/root/udev.nix @@ -0,0 +1,5 @@ +{ pkgs, ... }: { + services.udev.extraRules = '' + SUBSYSTEM=="backlight", ACTION=="add", RUN+="${pkgs.coreutils}/bin/chgrp video /sys/class/backlight/%k/brightness", RUN+="${pkgs.coreutils}/bin/chmod g+w /sys/class/backlight/%k/brightness" + ''; +} diff --git a/modules/root/x11.nix b/modules/root/x11.nix index fd15c52..f5a07b4 100644 --- a/modules/root/x11.nix +++ b/modules/root/x11.nix @@ -8,6 +8,30 @@ services.xserver.displayManager.startx.enable = true; services.libinput.enable = true; # Enable touchpad support + # Apply startx patch to create serverauth file in /tmp instead of home directory + nixpkgs.overlays = with pkgs; [ + (final: prev: { + xorg = prev.xorg // { + xinit = (prev.xorg.xinit.overrideAttrs (finalAttrs: previousAttrs: { + version = "1.4.4"; + patchtag = "${finalAttrs.version}-1"; # Archlinux xinit package tagged release to fetch patch from + # Override src since is hardcoded to 1.4.2 + src = prev.fetchurl { + url = "mirror://xorg/individual/app/xinit-${finalAttrs.version}.tar.xz"; + sha256 = "sha256-QKR8ehZMf5gc43h7Szf35BH7QyMdzeVD1wCUB12s/vk="; + }; + patches = [ + (prev.fetchpatch { + url = "https://gitlab.archlinux.org/archlinux/packaging/packages/xorg-xinit/-/raw/${finalAttrs.patchtag}/06_move_serverauthfile_into_tmp.diff"; + sha256 = "1whzs5bw7ph12r3abs1g9fydibkr291jh56a0zp17d4x070jnkda"; + }) + ]; + })); + }; + }) + ]; + + # Install basic X utilities environment.systemPackages = with pkgs; [ unclutter xcape @@ -19,12 +43,12 @@ xorg.xrandr xorg.xset xwallpaper - # Patch startx to be compliant with xdg base dir spec - (xorg.xinit.overrideAttrs (old: rec { - patches = [ - ./resources/x11/xinit-startx-xdg.patch - ]; - })) ]; + + # Enable TearFree option by default + # Not all video drivers support this option + services.xserver.deviceSection = '' + Option "TearFree" "true" + ''; }; } |