summaryrefslogtreecommitdiff
path: root/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'nixos')
-rw-r--r--nixos/boot.nix38
-rw-r--r--nixos/configuration.nix51
-rw-r--r--nixos/desktop.nix63
-rw-r--r--nixos/hardware-configuration.nix33
-rw-r--r--nixos/locale.nix15
-rw-r--r--nixos/networking.nix68
-rw-r--r--nixos/services.nix19
-rw-r--r--nixos/users.nix18
8 files changed, 305 insertions, 0 deletions
diff --git a/nixos/boot.nix b/nixos/boot.nix
new file mode 100644
index 0000000..8c7b28c
--- /dev/null
+++ b/nixos/boot.nix
@@ -0,0 +1,38 @@
+{ config, ... }:
+
+{
+ imports = [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ boot.loader = {
+ systemd-boot.enable = true;
+ efi = { canTouchEfiVariables = true; };
+ grub = {
+ enable = true;
+ version = 2;
+ efiSupport = true;
+ enableCryptodisk = true;
+ device = "nodev";
+ # extraEntries =
+ # # Recovery mode
+ # # Generate the image with generate-recovery.sh
+ # ''
+ # menuentry "NixOS - Recovery" {
+ # search --set=drive1 -fs-uuid 330B-45DE
+ # linux ($drive1)//kernels/recovery-linux-bzImage loglevel=4
+ # initrd ($drive1)//kernels/recovery-initrd
+ # }
+ # '';
+ };
+ };
+
+ # Decrypt disk
+ boot.initrd.luks.devices = {
+ sda3_crypt = {
+ name = "sda3_crypt";
+ device = "/dev/disk/by-uuid/ba5dc9cd-3a73-4a01-880b-8720844307ae";
+ preLVM = true;
+ };
+ };
+}
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
new file mode 100644
index 0000000..85f432e
--- /dev/null
+++ b/nixos/configuration.nix
@@ -0,0 +1,51 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ <home-manager/nixos>
+
+ ./boot.nix
+ ./locale.nix
+ ./networking.nix
+ ./desktop.nix
+ ./users.nix
+ ./services.nix
+ ];
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [ vim busybox coreutils openssl ];
+ nixpkgs.config = { allowUnfree = true; };
+
+ nix = {
+ # package = pkgs.nixUnstable;
+ # extraOptions = ''
+ # experimental-features = nix-command flakes
+ # '';
+ autoOptimiseStore = true;
+ gc = {
+ automatic = false;
+ dates = "weekly";
+ };
+ };
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ # programs.mtr.enable = true;
+ # programs.gnupg.agent = {
+ # enable = true;
+ # enableSSHSupport = true;
+ # };
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "20.09"; # Did you read the comment?
+}
diff --git a/nixos/desktop.nix b/nixos/desktop.nix
new file mode 100644
index 0000000..bf9909f
--- /dev/null
+++ b/nixos/desktop.nix
@@ -0,0 +1,63 @@
+{ config, pkgs, nixpkgs, ... }:
+
+let
+ # background-image = builtins.path {
+ # name = "background-image";
+ # path = /home/qaristote/.background-image;
+ # };
+ background-image = config.home-manager.users.qaristote.home.wallpaper;
+in {
+ # Configure keymap in X11
+ # services.xserver.layout = "us";
+ # services.xserver.xkbOptions = "eurosign:e";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable sound.
+ sound.enable = true;
+ hardware.pulseaudio = {
+ enable = true;
+ support32Bit = true;
+ package = pkgs.pulseaudioFull;
+ extraConfig = ''
+ load-module module-dbus-protocol
+ '';
+ };
+ nixpkgs.config.pulseaudio = true;
+
+ # Enable X server
+ services.xserver = {
+ enable = true;
+ desktopManager.xfce.enable = true;
+ windowManager.i3.enable = true;
+ displayManager = {
+ lightdm = {
+ enable = true;
+ background = background-image;
+ greeters.gtk = {
+ enable = true;
+ theme = {
+ name = "Arc-Dark";
+ package = pkgs.arc-theme;
+ };
+ iconTheme = {
+ name = "Breeze-dark";
+ package = pkgs.breeze-icons;
+ };
+ };
+ };
+ defaultSession = "xfce+i3";
+ };
+ # Hardware
+ libinput.enable = true;
+ layout = "fr";
+ autoRepeatDelay = 200;
+ };
+
+ # Enable all users to change hardware settings (brightness, backlight)
+ services.udev.extraRules = ''
+ ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
+ ACTION=="add", SUBSYSTEM=="leds", KERNEL=="dell::kbd_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/leds/%k/brightness"
+ '';
+}
diff --git a/nixos/hardware-configuration.nix b/nixos/hardware-configuration.nix
new file mode 100644
index 0000000..b308ee1
--- /dev/null
+++ b/nixos/hardware-configuration.nix
@@ -0,0 +1,33 @@
+{ lib, pkgs, modulesPath, ... }:
+
+{
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+ boot.initrd.availableKernelModules =
+ [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+ boot.initrd.kernelModules = [ "dm-snapshot" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/f5809224-8478-474f-b25d-dde1ada37957";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/330B-45DE";
+ fsType = "vfat";
+ };
+
+ fileSystems."/home" = {
+ device = "/dev/disk/by-uuid/8a6efcde-2361-40d5-a341-62188c014618";
+ fsType = "ext4";
+ };
+
+ swapDevices =
+ [{ device = "/dev/disk/by-uuid/0cf1b50c-670c-4dc6-bb91-fc45d6148028"; }];
+
+ hardware.firmware = with pkgs; [ firmwareLinuxNonfree ];
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+ programs.steam.enable = true;
+}
diff --git a/nixos/locale.nix b/nixos/locale.nix
new file mode 100644
index 0000000..1c79541
--- /dev/null
+++ b/nixos/locale.nix
@@ -0,0 +1,15 @@
+{ config, ... }:
+
+{
+ time.timeZone = "Europe/Paris";
+ location = {
+ latitude = 48.856614;
+ longitude = 2.3522219;
+ };
+
+ i18n.defaultLocale = "en_US.UTF-8";
+ console = {
+ font = "Lat2-Terminus16";
+ keyMap = "fr";
+ };
+}
diff --git a/nixos/networking.nix b/nixos/networking.nix
new file mode 100644
index 0000000..92111a1
--- /dev/null
+++ b/nixos/networking.nix
@@ -0,0 +1,68 @@
+{ config, pkgs, ... }:
+
+{
+ networking.hostName = "latitude-7490";
+
+ # NetworkManager
+ environment.systemPackages = with pkgs; [ networkmanager ];
+ networking.networkmanager = {
+ enable = true;
+ unmanaged = [ "interface-name:ve-*" ];
+ };
+
+ # Hosts
+ networking.hosts = {
+ "10.3.141.1" = [ "raspberrypi.local" ];
+ "10.233.1.2" = [ "searx.aristote.fr" "quentin.aristote.fr" "aristote.fr" ];
+ };
+
+ # DHCP
+ networking.interfaces.enp0s31f6.useDHCP = true;
+ networking.interfaces.wlp2s0.useDHCP = true;
+
+ # NAT
+ boot.kernel.sysctl = {
+ "net.ipv4.ip_forward" = 1;
+ };
+ networking = {
+ nat = {
+ enable = true;
+ internalInterfaces = [ "ve-+" ];
+ externalInterface = "tun0";
+ };
+ };
+
+ # Firewall
+ networking.firewall = {
+ enable = true;
+ allowedTCPPorts = [
+ # Syncthing
+ 22000
+ ];
+ allowedTCPPortRanges = [
+ # KDEConnect
+ {
+ from = 1714;
+ to = 1764;
+ }
+ ];
+ allowedUDPPorts = [
+ # Syncthing
+ 22000
+ 21027
+ # Wireguard
+ # 51820
+ ];
+ allowedUDPPortRanges = [
+ # KDE Connect
+ {
+ from = 1714;
+ to = 1764;
+ }
+ ];
+ };
+
+ # Bluetooth
+ hardware.bluetooth.enable = true;
+ services.blueman.enable = true;
+}
diff --git a/nixos/services.nix b/nixos/services.nix
new file mode 100644
index 0000000..720bf2b
--- /dev/null
+++ b/nixos/services.nix
@@ -0,0 +1,19 @@
+{ pkgs, config, ... }:
+
+{
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ # services.openssh.enable = true;
+
+ services = {
+ fcron = {
+ enable = true;
+ allow = [ "qaristote" ];
+ systab = ''
+ # Update the system.
+ @daily root sudo ${pkgs.nix}/bin/nix-channel --update; sudo ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch
+ '';
+ };
+ };
+}
diff --git a/nixos/users.nix b/nixos/users.nix
new file mode 100644
index 0000000..04265e0
--- /dev/null
+++ b/nixos/users.nix
@@ -0,0 +1,18 @@
+{ ... }:
+
+{
+ users.users.qaristote = {
+ isNormalUser = true;
+ extraGroups = [
+ "wheel" # Enable ‘sudo’ for the user.
+ "audio"
+ "networkmanager"
+ ];
+ };
+
+ home-manager = {
+ users.qaristote = import /home/qaristote/.config/nixpkgs;
+ useGlobalPkgs = false;
+ useUserPackages = true; # to enable fontconfig inside home-manager
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-19 07:58:05 +0000