patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

WIP

Browse source
This commit is contained in:
Patrick 2023-09-05 21:00:29 +02:00
parent 87178a11e9
commit adf3ceb9cb
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
10 changed files with 364 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

190
flake.lock
View file

@ -151,6 +151,21 @@
}
},
"flake-compat_2": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
@ -166,6 +181,28 @@
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nixpkgs-wayland",
"nix-eval-jobs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1693611461,
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": [
@ -186,6 +223,24 @@
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1692799911,
"narHash": "sha256-3eihraek4qL744EvQXsK1Ha6C3CR7nnT8X2qWap4RNk=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "f9e7cf818399d17d347f847525c5a5a8032e4e44",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
@ -242,6 +297,45 @@
"type": "github"
}
},
"lib-aggregate": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1693844549,
"narHash": "sha256-q37gKJEJ8H+bvcQRuZpbGTDU/GvyrpMtaejhFvS8mSc=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "80552e56920ed1acc248596a13d8f0b4932138d3",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lib-aggregate",
"type": "github"
}
},
"nix-eval-jobs": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1693869646,
"narHash": "sha256-OJ29WUwSr1tcNSkf+L3dJYIHdcFtYPkKIGSUY3aFJYg=",
"owner": "nix-community",
"repo": "nix-eval-jobs",
"rev": "ff16969e651bc8ccf3d21c16f249368bc63817df",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nix-eval-jobs",
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1689469483,
@ -309,6 +403,21 @@
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1693701915,
"narHash": "sha256-waHPLdDYUOHSEtMKKabcKIMhlUOHPOOPQ9UyFeEoovs=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "f5af57d3ef9947a70ac86e42695231ac1ad00c25",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1685801374,
@ -325,9 +434,48 @@
"type": "github"
}
},
"pre-commit-hooks": {
"nixpkgs-wayland": {
"inputs": {
"flake-compat": "flake-compat_2",
"lib-aggregate": "lib-aggregate",
"nix-eval-jobs": "nix-eval-jobs",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1693930781,
"narHash": "sha256-EmW1yeitBJBzBLxoUE1Od5KEt5C+YbXshP0KT2+ldxg=",
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"rev": "fe49408835c7f426097311ae7b9cbbae4af03074",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs-wayland",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1693785888,
"narHash": "sha256-RTJnFrFaLsQGzg0VwiGfR+aNbhcIaP267C92YC2i3mE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f53ec4f6d815f80f7ee6a490a946b1b2b4f9cb09",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-utils": [
"flake-utils"
],
@ -364,8 +512,9 @@
"nixos-generators": "nixos-generators",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs-wayland": "nixpkgs-wayland",
"pre-commit-hooks": "pre-commit-hooks",
"systems": "systems",
"systems": "systems_2",
"templates": "templates"
}
},
@ -400,6 +549,21 @@
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"templates": {
"locked": {
"lastModified": 1685790891,
@ -414,6 +578,28 @@
"type": "git",
"url": "https://git.lel.lol/patrick/nix-templates.git"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs-wayland",
"nix-eval-jobs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1693689099,
"narHash": "sha256-NuilTRYMH+DDR/uBWQjDbX5mWCA05lwo2Sg9iTkkEs4=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "e3e0f9f6d47f8fc68aff15150eda1224fb46f4d4",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",

10
flake.nix
View file

@ -2,6 +2,10 @@
description = "patricks tolle nix config";
inputs = {
nixpkgs-wayland = {
url = "github:nix-community/nixpkgs-wayland";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
# to prevent multiple instances of systems
@ -106,7 +110,11 @@
}
// flake-utils.lib.eachDefaultSystem (system: rec {
pkgs = import nixpkgs {
overlays = import ./lib inputs;
overlays =
import ./lib inputs
++ [
inputs.nixpkgs-wayland.overlay
];
inherit system;
# TODO fix this to only allow specific unfree packages
config.allowUnfree = true;

1
modules/config/default.nix
View file

@ -15,6 +15,7 @@
../secrets.nix
../meta.nix
../smb-mounts.nix
inputs.home-manager.nixosModules.default
inputs.impermanence.nixosModules.impermanence

4
modules/config/nix.nix
View file

@ -13,11 +13,15 @@
"https://nix-config.cachix.org"
"https://nix-community.cachix.org"
"https://colmena.cachix.org"
"https://cache.nixos.org"
"https://nixpkgs-wayland.cachix.org"
];
trusted-public-keys = [
"nix-config.cachix.org-1:Vd6raEuldeIZpttVQfrUbLvXJHzzzkS0pezXCVVjDG4="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
];
cores = 0;
max-jobs = "auto";

42
modules/optional/smb-mounts.nix
View file

@ -1,42 +0,0 @@
userName: {
pkgs,
config,
...
}: let
options = [
"noauto"
"x-systemd.idle-timeout=60"
"x-systemd.device-timeout=5s"
"x-systemd.mount-timeout=5s"
"credentials=${config.age.secrets.smb-creds.path}"
"uid=${builtins.toString config.users.users.${userName}.uid}"
"gid=${builtins.toString config.users.groups.${userName}.gid}"
];
in {
environment.systemPackages = [pkgs.cifs-utils];
age.secrets.smb-creds.rekeyFile = ../../secrets/smb.cred.age;
fileSystems = let
home = "/home/${userName}";
in {
"${home}/smb/patri-data" = {
device = "//192.168.178.2/patri-data";
fsType = "cifs";
inherit options;
};
"${home}/smb/ggr-data" = {
device = "//192.168.178.2/patri-paperless";
fsType = "cifs";
inherit options;
};
"${home}/smb/media" = {
device = "//192.168.178.2/media";
fsType = "cifs";
inherit options;
};
"${home}/smb/patri-paperless" = {
device = "//192.168.178.2/patri-paperless";
fsType = "cifs";
inherit options;
};
};
}

96
modules/smb-mounts.nix Normal file
View file

@ -0,0 +1,96 @@
{
pkgs,
config,
lib,
...
}: let
inherit
(lib)
mkOption
types
flip
attrNames
toString
flatten
;
baseOptions = [
"x-systemd.idle-timeout=60"
"x-systemd.device-timeout=5s"
"x-systemd.mount-timeout=5s"
];
in {
# Give users the ability to add their own smb shares
home-manager.sharedModules = [
{
options.home.smb = mkOption {
description = "Samba shares to be mountable under $HOME/smb";
default = {};
type = types.listOf types.submodule {
options = {
localPath = mkOption {
description = "The path under which the share will be mounted. Defaults to the remotePath";
type = types.str;
default = null;
};
address = mkOption {
description = "The remote share address";
type = types.str;
example = "10.1.2.5";
};
remotePath = mkOption {
description = "The remote share path";
type = types.str;
example = "data-10";
};
credentials = mkOption {
description = "A smb credential file to access the remote share";
type = types.path;
};
automatic = mkOption {
description = "Whether this share should be automatically mounted on boot";
default = false;
type = types.boolean;
};
};
};
};
}
];
imports = flatten (
flip
map
(attrNames config.home-manager.users)
(
user: let
parentPath = "${config.home-manager.users.${user}.homeDir}/smb";
cfg = config.home-manager.users.user.smb;
in
flip map cfg (
cfg: {
environment.systemPackages = [pkgs.cifs-utils];
fileSystems = {
"${parentPath}/${cfg.localpath or cfg.remotePath}" = let
options =
baseOptions
++ [
"uid=${toString config.users.users.${user}.uid}"
"gid=${toString config.users.groups.${user}.gid}"
"credentials=${cfg.credentials}"
"${
if cfg.automatic
then ""
else "noauto"
}"
];
in {
inherit options;
device = "//${cfg.address}/${cfg.remotePath}";
fsType = "cifs";
};
};
}
)
)
);
}

6
users/common/graphical/firefox.nix
View file

@ -7,6 +7,12 @@
"MOZ_WEBRENDER" = 1;
};
};
xdg.mimeApps.defaultApplications = {
"text/html" = ["firefox.desktop"];
"text/xml" = ["firefox.desktop"];
"x-scheme-handler/http" = ["firefox.desktop"];
"x-scheme-handler/https" = ["firefox.desktop"];
};
programs.firefox = {
enable = true;
profiles.patrick = {

8
users/common/graphical/sway/default.nix
View file

@ -104,7 +104,8 @@
"${cfg.modifier}+Shift+9" = "move container to workspace number 9";
};
}
// lib.optionalAttrs (nixosConfig.networking.hostName == "desktopnix") {
// {
desktopnix = {
output = {
DVI-D-1 = {
mode = "1920x1080@60Hz";
@ -134,10 +135,15 @@
}
];
};
}
.${nixosConfig.node.name}
or {};
};
# Cursor invisible
home.sessionVariables = {
WLR_NO_HARDWARE_CURSORS = 1;
NIXOS_OZONE_WL = 1;
# opengl backend flickers, also vulkan is love.
WLR_RENDERER = "vulkan";
};
}

2
users/patrick/default.nix
View file

@ -7,7 +7,6 @@
imports = [
../../modules/graphical/wayland.nix
../../modules/graphical/steam.nix
(import ../../modules/optional/smb-mounts.nix "patrick")
./impermanence.nix
];
@ -31,6 +30,7 @@
imports = [
./patrick.nix
./ssh.nix
./smb.nix
../common
../common/impermanence.nix
../common/interactive.nix

25
users/patrick/smb.nix Normal file
View file

@ -0,0 +1,25 @@
{config, ...}: {
age.secrets.smb-creds.rekeyFile = ../../secrets/smb.cred.age;
home.smb = let
address = "192.168.178.2";
credentials = config.age.secrets.smb-creds.path;
in [
{
inherit address credentials;
remotePath = "patri-data";
automatic = true;
}
{
inherit address credentials;
remotePath = "ggr-data";
}
{
inherit address credentials;
remotePath = "patri-paperless";
}
{
inherit address credentials;
remotePath = "media";
}
];
}