diff options
| -rw-r--r-- | flake.lock | 109 | ||||
| -rw-r--r-- | flake.nix | 17 | ||||
| -rw-r--r-- | nixos/boot.nix | 49 | ||||
| -rw-r--r-- | nixos/configuration.nix | 64 | ||||
| -rw-r--r-- | nixos/default.nix | 25 | ||||
| -rw-r--r-- | nixos/desktop.nix | 72 | ||||
| -rw-r--r-- | nixos/environment.nix | 13 | ||||
| -rw-r--r-- | nixos/gui.nix | 23 | ||||
| -rw-r--r-- | nixos/hardware/default.nix | 26 | ||||
| -rw-r--r-- | nixos/hardware/hardware-configuration.nix (renamed from nixos/hardware-configuration.nix) | 37 | ||||
| -rw-r--r-- | nixos/locale.nix | 18 | ||||
| -rw-r--r-- | nixos/networking.nix | 72 | ||||
| -rw-r--r-- | nixos/nix.nix | 18 | ||||
| -rw-r--r-- | nixos/services.nix | 28 | ||||
| -rw-r--r-- | nixos/users.nix | 22 |
15 files changed, 275 insertions, 318 deletions
diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..1c87019 --- /dev/null +++ b/flake.lock @@ -0,0 +1,109 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1675935446, + "narHash": "sha256-WajulTn7QdwC7QuXRBavrANuIXE5z+08EdxdRw1qsNs=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "2dce7f1a55e785a22d61668516df62899278c9e4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "my-nixpkgs": { + "locked": { + "lastModified": 1676204203, + "narHash": "sha256-EXigtR8D4/sbkIXpx4SD5GV2qQJ+LOC9IwnSFRW4TO8=", + "ref": "refs/heads/master", + "rev": "6ea803da80558e269564c99070e92e285cf977ff", + "revCount": 2, + "type": "git", + "url": "file:///home/qaristote/code/nix/my-nixpkgs" + }, + "original": { + "type": "git", + "url": "file:///home/qaristote/code/nix/my-nixpkgs" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1675933606, + "narHash": "sha256-y427VhPQHOKkYvkc9MMsL/2R7M11rQxzsRdRLM3htx8=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "44ae00e02e8036a66c08f4decdece7e3bbbefee2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1675115703, + "narHash": "sha256-4zetAPSyY0D77x+Ww9QBe8RHn1akvIvHJ/kgg8kGDbk=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "2caf4ef5005ecc68141ecb4aac271079f7371c44", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1676335949, + "narHash": "sha256-mnvvqmFhotH++nSovRiIZX4CW8nbr2bEEnWgymzM4z4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "0a25e2c87e784bf7e06e7833ec0e06d34836959a", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "my-nixpkgs": "my-nixpkgs", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_2" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} @@ -1,11 +1,20 @@ { inputs = { - my-nixpkgs = "git+file:///home/qaristote/code/nix/my-nixpkgs"; + my-nixpkgs.url = "git+file:///home/qaristote/code/nix/my-nixpkgs"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + home-manager.url = "github:nix-community/home-manager"; }; - outputs = { self, nixpkgs }: { + + outputs = { self, nixpkgs, my-nixpkgs, nixos-hardware, home-manager }: + let system = "x86_64-linux"; in { nixosConfigurations.latitude-7490 = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ ./nixos/configuration.nix ]; + inherit system; + specialArgs = { inherit nixos-hardware home-manager; home.qaristote = import ./home; }; + modules = [ my-nixpkgs.nixosModules.personal ./nixos ]; + }; + homeConfigurations.qaristote = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages."${system}"; + modules = [ ./home ]; }; }; } diff --git a/nixos/boot.nix b/nixos/boot.nix index 1e1f0c0..bbdf1fe 100644 --- a/nixos/boot.nix +++ b/nixos/boot.nix @@ -1,54 +1,7 @@ { config, pkgs, ... }: { - imports = [ # Include the results of the hardware scan. - ./hardware-configuration.nix + personal.boot.grub.enable = true; - <nixos-hardware/dell/latitude/7490> - <nixos-hardware/common/pc/ssd> - ]; - - # Bootloader - boot.loader = { - efi = { canTouchEfiVariables = true; }; - grub = { - enable = true; - version = 2; - efiSupport = true; - enableCryptodisk = true; - device = "nodev"; - # extraEntries = - # # Recovery mode - # # Generate the image with generate-recovery.sh - # '' - # menuentry "NixOS - Recovery" { - # search --set=drive1 -fs-uuid 330B-45DE - # linux ($drive1)//kernels/recovery-linux-bzImage loglevel=4 - # initrd ($drive1)//kernels/recovery-initrd - # } - # ''; - }; - }; - - # Decrypt disk - boot.initrd.luks.devices = { - sda3_crypt = { - name = "sda3_crypt"; - device = "/dev/disk/by-uuid/ba5dc9cd-3a73-4a01-880b-8720844307ae"; - preLVM = true; - }; - }; - - # Kernel - boot.initrd.availableKernelModules = [ "usb_storage" ]; - boot.kernelParams = [ "i915.dc_enable=0" "intel_idle.max_cstate=1" ]; boot.kernelPackages = pkgs.linuxPackages_latest; - - # Hardware - hardware.firmware = with pkgs; [ firmwareLinuxNonfree ]; - ## mcelog - hardware.mcelog.enable = true; - services.udev.extraRules = '' - ACTION=="add", KERNEL=="mcelog", SUBSYSTEM=="misc", TAG+="systemd", ENV{SYSTEMD_WANTS}+="mcelog.service" - ''; } diff --git a/nixos/configuration.nix b/nixos/configuration.nix deleted file mode 100644 index 2143307..0000000 --- a/nixos/configuration.nix +++ /dev/null @@ -1,64 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ lib, config, pkgs, ... }: - -{ - imports = [ - <home-manager/nixos> - - ./boot.nix - ./locale.nix - ./networking.nix - ./desktop.nix - ./users.nix - ./services.nix - ]; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ vim busybox coreutils openssl ]; - nixpkgs.config = { allowUnfree = true; }; - - nix = { - settings = { - auto-optimise-store = true; - experimental-features = [ "nix-command" "flakes" ]; - # Binary Cache for Haskell.nix - trusted-public-keys = [ - "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" - ]; - substituters = [ - "https://cache.iog.io" - ]; - }; - gc = { - automatic = true; - dates = "daily"; - options = "--delete-old"; - }; - }; - system.autoUpgrade = { - enable = true; - flags = [ "--upgrade-all" ]; - }; - systemd.services.nix-gc.after = - lib.mkIf config.system.autoUpgrade.enable [ "nixos-upgrade.service" ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "20.09"; # Did you read the comment? -} diff --git a/nixos/default.nix b/nixos/default.nix new file mode 100644 index 0000000..e6c7a88 --- /dev/null +++ b/nixos/default.nix @@ -0,0 +1,25 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ lib, config, pkgs, ... }: + +{ + imports = [ + ./boot.nix + ./environment.nix + ./gui.nix + ./hardware + ./nix.nix + ./networking.nix + ./users.nix + ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.09"; # Did you read the comment? +} diff --git a/nixos/desktop.nix b/nixos/desktop.nix deleted file mode 100644 index f241b49..0000000 --- a/nixos/desktop.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ config, pkgs, nixpkgs, ... }: - -let - # background-image = builtins.path { - # name = "background-image"; - # path = /home/qaristote/.background-image; - # }; - background-image = config.home-manager.users.qaristote.home.wallpaper; -in { - # Configure keymap in X11 - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - sound.enable = true; - hardware.pulseaudio = { - enable = true; - support32Bit = true; - package = pkgs.pulseaudioFull; - extraConfig = '' - load-module module-dbus-protocol - ''; - }; - nixpkgs.config.pulseaudio = true; - - # Enable X server - services.xserver = { - enable = true; - desktopManager.xfce = { - enable = true; - noDesktop = true; - enableXfwm = false; - }; - windowManager.i3.enable = true; - displayManager = { - lightdm = { - enable = true; - background = background-image; - greeters.gtk = { - enable = true; - extraConfig = '' - user-background = false - ''; - theme = { - name = "Arc-Dark"; - package = pkgs.arc-theme; - }; - iconTheme = { - name = "Breeze-dark"; - package = pkgs.breeze-icons; - }; - }; - }; - defaultSession = "xfce+i3"; - }; - # Hardware - libinput.enable = true; - layout = "fr"; - autoRepeatDelay = 200; - }; - - programs.steam.enable = true; - - # Allow all users to change hardware settings (brightness, backlight) - services.udev.extraRules = '' - ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness" - ACTION=="add", SUBSYSTEM=="leds", KERNEL=="dell::kbd_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/leds/%k/brightness" - ''; -} diff --git a/nixos/environment.nix b/nixos/environment.nix new file mode 100644 index 0000000..a266ca0 --- /dev/null +++ b/nixos/environment.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: + +{ + personal.environment = { + enable = true; + locale.enable = true; + }; + + location = { + latitude = 48.856614; + longitude = 2.3522219; + }; +} diff --git a/nixos/gui.nix b/nixos/gui.nix new file mode 100644 index 0000000..82a1328 --- /dev/null +++ b/nixos/gui.nix @@ -0,0 +1,23 @@ +{ config, pkgs, nixpkgs, ... }: + +let background-image = config.home-manager.users.qaristote.home.wallpaper; +in { + personal.gui = { + enable = true; + xserver.enable = true; + i3.enable = true; + }; + + services.xserver = { + displayManager.lightdm = { + background = background-image; + greeters.gtk = { + extraConfig = '' + user-background = false + ''; + }; + }; + }; + + programs.steam.enable = true; +} diff --git a/nixos/hardware/default.nix b/nixos/hardware/default.nix new file mode 100644 index 0000000..0e8dc15 --- /dev/null +++ b/nixos/hardware/default.nix @@ -0,0 +1,26 @@ +{ nixos-hardware, ... }: + +{ + imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + # Community-curated hardware configuration + nixos-hardware.nixosModules.dell-latitude-7490 + nixos-hardware.nixosModules.common-pc-ssd + ]; + + personal.hardware = { + usb.enable = true; + disks.crypted = "/dev/disk/by-uuid/ba5dc9cd-3a73-4a01-880b-8720844307ae"; + firmwareNonFree.enable = true; + keyboard.keyMap = "fr"; + backlights = { + screen = "intel_backlight"; + keyboard = "dell::kbd_backlight"; + }; + sound.enable = true; + }; + + # faulty Intel CPU + boot.kernelParams = [ "i915.dc_enable=0" "intel_idle.max_cstate=1" ]; +} diff --git a/nixos/hardware-configuration.nix b/nixos/hardware/hardware-configuration.nix index b7f076e..77f7942 100644 --- a/nixos/hardware-configuration.nix +++ b/nixos/hardware/hardware-configuration.nix @@ -4,33 +4,31 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [ "dm-snapshot" ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/f5809224-8478-474f-b25d-dde1ada37957"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/f5809224-8478-474f-b25d-dde1ada37957"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/330B-45DE"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/330B-45DE"; + fsType = "vfat"; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/8a6efcde-2361-40d5-a341-62188c014618"; - fsType = "ext4"; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/8a6efcde-2361-40d5-a341-62188c014618"; + fsType = "ext4"; + }; swapDevices = - [ { device = "/dev/disk/by-uuid/0cf1b50c-670c-4dc6-bb91-fc45d6148028"; } - ]; + [{ device = "/dev/disk/by-uuid/0cf1b50c-670c-4dc6-bb91-fc45d6148028"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -43,5 +41,6 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/nixos/locale.nix b/nixos/locale.nix deleted file mode 100644 index a206259..0000000 --- a/nixos/locale.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, ... }: - -{ - time.timeZone = "Europe/Paris"; - location = { - latitude = 48.856614; - longitude = 2.3522219; - }; - - i18n = { - defaultLocale = "fr_FR.utf8"; - extraLocaleSettings.LANG = "en_US.utf8"; - }; - console = { - font = "Lat2-Terminus16"; - keyMap = "fr"; - }; -} diff --git a/nixos/networking.nix b/nixos/networking.nix index 27b92ea..be4f223 100644 --- a/nixos/networking.nix +++ b/nixos/networking.nix @@ -1,30 +1,32 @@ { config, pkgs, ... }: { - networking.hostName = "latitude-7490"; - - # NetworkManager - environment.systemPackages = with pkgs; [ networkmanager ]; - networking.networkmanager = { + personal.networking = { enable = true; - unmanaged = [ "interface-name:ve-*" ]; + bluetooth.enable = true; + networkmanager.enable = true; + firewall = { + syncthing = true; + kdeconnect = true; + }; }; - # Hosts - networking.hosts = { - "10.3.141.1" = [ "raspberrypi.local" ]; - "192.168.1.10" = [ "dionysos.local" ]; - # "10.233.1.2" = [ "searx.aristote.fr" "quentin.aristote.fr" "aristote.fr" ]; - }; + networking = { + hostName = "latitude-7490"; + hosts = { + "10.3.141.1" = [ "raspberrypi.local" ]; + "192.168.1.10" = [ "dionysos.local" ]; + # "10.233.1.2" = [ "searx.aristote.fr" "quentin.aristote.fr" "aristote.fr" ]; + }; - # DHCP - networking.interfaces.enp0s31f6.useDHCP = true; - networking.interfaces.wlp2s0.useDHCP = true; + interfaces = { + enp0s31f6.useDHCP = true; + wlp2s0.useDHCP = true; + }; + }; # NAT - boot.kernel.sysctl = { - "net.ipv4.ip_forward" = 1; - }; + boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; }; networking = { nat = { enable = true; @@ -32,38 +34,4 @@ externalInterface = "tun0"; }; }; - - # Firewall - networking.firewall = { - enable = true; - allowedTCPPorts = [ - # Syncthing - 22000 - ]; - allowedTCPPortRanges = [ - # KDEConnect - { - from = 1714; - to = 1764; - } - ]; - allowedUDPPorts = [ - # Syncthing - 22000 - 21027 - # Wireguard - # 51820 - ]; - allowedUDPPortRanges = [ - # KDE Connect - { - from = 1714; - to = 1764; - } - ]; - }; - - # Bluetooth - hardware.bluetooth.enable = true; - services.blueman.enable = true; } diff --git a/nixos/nix.nix b/nixos/nix.nix new file mode 100644 index 0000000..01f86e7 --- /dev/null +++ b/nixos/nix.nix @@ -0,0 +1,18 @@ +{ ... }: + +{ + personal.nix = { + enable = true; + autoUpgrade = true; + flake = "git+file:///home/qaristote/code/nix/machines/latitude-7490"; + gc.enable = true; + }; + + system.autoUpgrade.flags = + let update-input = input: [ "--update-input" input ]; + in update-input "home-manager" ++ update-input "nixos-hardware" + ++ [ "--impure" ]; + + # make auto-upgrade service lightweight + systemd.services.nixos-upgrade.unitConfig = { CPUWeight = 1; }; +} diff --git a/nixos/services.nix b/nixos/services.nix deleted file mode 100644 index 908913c..0000000 --- a/nixos/services.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ lib, config, pkgs, ... }: - -{ - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - systemd.services = { - nix-gc-remove-dead-roots = { - enable = true; - description = "Remove dead symlinks in /nix/var/nix/gcroots"; - - serviceConfig.Type = "oneshot"; - - script = "find /nix/var/nix/gcroots -xtype l -delete"; - - before = lib.mkIf config.nix.gc.automatic [ "nix-gc.service" ]; - wantedBy = lib.mkIf config.nix.gc.automatic [ "nix-gc.service" ]; - }; - - nixos-upgrade.unitConfig = { - CPUWeight = 1; - }; - }; - - # virtualisation.docker.enable = true; -} diff --git a/nixos/users.nix b/nixos/users.nix index 2b1a630..b7512e8 100644 --- a/nixos/users.nix +++ b/nixos/users.nix @@ -1,20 +1,16 @@ -{ config, lib, ... }: +{ home, home-manager, ... }: -let cfg = config.users.users; -in { - users.users.qaristote = { - isNormalUser = true; - extraGroups = [ - "wheel" # Enable ‘sudo’ for the user. - "audio" - "networkmanager" - "docker" - ]; +{ + imports = [ home-manager.nixosModules.home-manager ]; + + personal.user = { + enable = true; + name = "qaristote"; }; home-manager = { - users.qaristote = (import (/home/qaristote/.config/nixpkgs)); + users.qaristote = home.qaristote; useGlobalPkgs = false; - useUserPackages = true; # to enable fontconfig inside home-manager + useUserPackages = true; }; } |