panotaka/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/HEAD'

Browse Source
This commit is contained in:
Thomas Syms
2023-12-06 09:03:28 -04:00
parent a38654b964 3832163f7a
commit f99612bd36
15 changed files with 585 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

230
flake.lock generated
View File

@@ -1,5 +1,135 @@
{ {
"nodes": { "nodes": {
"base16": {
"inputs": {
"fromYaml": "fromYaml"
},
"locked": {
"lastModified": 1689633990,
"narHash": "sha256-iwvQg2Vx0IIDWZaKo8Xmzxlv1YPHg+Kp/QSv8dRv0RY=",
"owner": "SenchoPens",
"repo": "base16.nix",
"rev": "dddf2e1c04845d43c89a8e9e37d574519649a404",
"type": "github"
},
"original": {
"owner": "SenchoPens",
"repo": "base16.nix",
"type": "github"
}
},
"base16-alacritty": {
"flake": false,
"locked": {
"lastModified": 1674275109,
"narHash": "sha256-Adwx9yP70I6mJrjjODOgZJjt4OPPe8gJu7UuBboXO4M=",
"owner": "aarowill",
"repo": "base16-alacritty",
"rev": "63d8ae5dfefe5db825dd4c699d0cdc2fc2c3eaf7",
"type": "github"
},
"original": {
"owner": "aarowill",
"repo": "base16-alacritty",
"type": "github"
}
},
"base16-fish": {
"flake": false,
"locked": {
"lastModified": 1622559957,
"narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
"owner": "tomyun",
"repo": "base16-fish",
"rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
"type": "github"
},
"original": {
"owner": "tomyun",
"repo": "base16-fish",
"type": "github"
}
},
"base16-foot": {
"flake": false,
"locked": {
"lastModified": 1696725948,
"narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=",
"owner": "tinted-theming",
"repo": "base16-foot",
"rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-foot",
"type": "github"
}
},
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1696727917,
"narHash": "sha256-FVrbPk+NtMra0jtlC5oxyNchbm8FosmvXIatkRbYy1g=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "dbe1480d99fe80f08df7970e471fac24c05f2ddb",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-helix",
"type": "github"
}
},
"base16-kitty": {
"flake": false,
"locked": {
"lastModified": 1665001328,
"narHash": "sha256-aRaizTYPpuWEcvoYE9U+YRX+Wsc8+iG0guQJbvxEdJY=",
"owner": "kdrag0n",
"repo": "base16-kitty",
"rev": "06bb401fa9a0ffb84365905ffbb959ae5bf40805",
"type": "github"
},
"original": {
"owner": "kdrag0n",
"repo": "base16-kitty",
"type": "github"
}
},
"base16-tmux": {
"flake": false,
"locked": {
"lastModified": 1696725902,
"narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=",
"owner": "tinted-theming",
"repo": "base16-tmux",
"rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-tmux",
"type": "github"
}
},
"base16-vim": {
"flake": false,
"locked": {
"lastModified": 1663659192,
"narHash": "sha256-uJvaYYDMXvoo0fhBZUhN8WBXeJ87SRgof6GEK2efFT0=",
"owner": "chriskempson",
"repo": "base16-vim",
"rev": "3be3cd82cd31acfcab9a41bad853d9c68d30478d",
"type": "github"
},
"original": {
"owner": "chriskempson",
"repo": "base16-vim",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -20,6 +150,38 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"fromYaml": {
"flake": false,
"locked": {
"lastModified": 1689549921,
"narHash": "sha256-iX0pk/uB019TdBGlaJEWvBCfydT6sRq+eDcGPifVsCM=",
"owner": "SenchoPens",
"repo": "fromYaml",
"rev": "11fbbbfb32e3289d3c631e0134a23854e7865c84",
"type": "github"
},
"original": {
"owner": "SenchoPens",
"repo": "fromYaml",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -40,6 +202,27 @@
"type": "github" "type": "github"
} }
}, },
"home-manager_2": {
"inputs": {
"nixpkgs": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700847865,
"narHash": "sha256-uWaOIemGl9LF813MW0AEgCBpKwFo2t1Wv3BZc6e5Frw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8cedd63eede4c22deb192f1721dd67e7460e1ebe",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1700392353, "lastModified": 1700392353,
@@ -72,12 +255,57 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": {
"locked": {
"lastModified": 1700856099,
"narHash": "sha256-RnEA7iJ36Ay9jI0WwP+/y4zjEhmeN6Cjs9VOFBH7eVQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0bd59c54ef06bc34eca01e37d689f5e46b3fe2f1",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"disko": "disko", "disko": "disko",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs",
"stylix": "stylix"
}
},
"stylix": {
"inputs": {
"base16": "base16",
"base16-alacritty": "base16-alacritty",
"base16-fish": "base16-fish",
"base16-foot": "base16-foot",
"base16-helix": "base16-helix",
"base16-kitty": "base16-kitty",
"base16-tmux": "base16-tmux",
"base16-vim": "base16-vim",
"flake-compat": "flake-compat",
"home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1701532764,
"narHash": "sha256-Jrizp/nITbul2HBIraQRDw5lyJnzTsj0K9wZUFYX2gg=",
"owner": "danth",
"repo": "stylix",
"rev": "17a452c5d58bb90057d49c7e3e613b5e6dc1c0f4",
"type": "github"
},
"original": {
"owner": "danth",
"repo": "stylix",
"type": "github"
} }
} }
}, },

26
flake.nix
View File

@@ -4,13 +4,18 @@
experimental-features = [ "nix-command" "flakes" ]; experimental-features = [ "nix-command" "flakes" ];
}; };
inputs = { inputs = {
# System
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs"; disko.inputs.nixpkgs.follows = "nixpkgs";
# Home Manager
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
# Theming
stylix.url = "github:danth/stylix";
}; };
outputs = outputs =
inputs@{ self, nixpkgs, home-manager, ... }: inputs@{ self, nixpkgs, home-manager, ... }:
@@ -20,19 +25,6 @@
in in
{ {
nixosConfigurations = { nixosConfigurations = {
/* nixos-test = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/nixos-test
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = inputs;
home-manager.users.panotaka = import ./home;
}
];
};*/
Equinox = nixpkgs.lib.nixosSystem Equinox = nixpkgs.lib.nixosSystem
{ {
system = "x86_64-linux"; system = "x86_64-linux";
@@ -54,6 +46,10 @@
]; ];
}; };
} }
# Commenting out for now. Stylix seems to be broken.
/* inputs.stylix.nixosModules.stylix
./themes/targets/all.nix
./themes/sandstone-forest */
]; ];
}; };
}; };

2
home/default.nix
View File

@@ -15,7 +15,7 @@
# You can update Home Manager without changing this value. See # You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version # the Home Manager release notes for a list of state version
# changes in each release. # changes in each release.
stateVersion = "23.05"; stateVersion = "23.11";
}; };
# Let Home Manager install and manage itself. # Let Home Manager install and manage itself.

8
home/desktop/common.nix
View File

@@ -3,5 +3,13 @@
# Work-specific programs # Work-specific programs
teams-for-linux teams-for-linux
# Creative tools
blender
inkscape
# Productivity tools
libreoffice-qt
hunspell
hunspellDicts.en_CA
]; ];
} }

16
home/shell/default.nix
View File

@@ -1,19 +1,19 @@
{ config, ... }: { config, ... }:
{ {
imports = [ imports = [
./nushell
./zsh
./fish
./common.nix
./starship.nix
./git.nix
./eza.nix
./atuin.nix ./atuin.nix
./autojump.nix ./autojump.nix
./bat.nix ./bat.nix
./common.nix
./direnv.nix ./direnv.nix
./tldr.nix ./eza.nix
./fish
./git.nix
./nushell
./rmtrash.nix ./rmtrash.nix
./starship.nix
./tldr.nix
./zsh
]; ];
} }

5
home/shell/fish/default.nix
View File

@@ -3,6 +3,11 @@
, ... , ...
}: }:
{ {
home.packages = with pkgs; [
grc
];
programs.fish = { programs.fish = {
enable = true; enable = true;

317
home/shell/starship.nix
View File

@@ -4,73 +4,280 @@
enable = true; enable = true;
settings = { settings = {
add_newline = false; add_newline = false;
format = lib.concatStrings [ character = {
"[](blue)" success_symbol = "[>](bold green)";
"[$username:$hostname](bold white bg:blue)" error_symbol = "[x](bold red)";
"[](bg:#769ff0 fg:blue)" vimcmd_symbol = "[<](bold green)";
"$directory"
"[](fg:#769ff0 bg:#394260)"
"$git_branch"
"$git_status"
"[](fg:#394260 bg:#212736)"
"[](fg:#212736 bg:#1d2230)"
"$time"
"[ ](fg:#1d2230)"
" $character"
];
command_timeout = 5000;
# Disable the blank line at the start of the prompt
# add_newline = false
# You can also replace your username with a neat symbol like  to save some space
username = {
show_always = true;
format = "$user";
}; };
hostname = { git_commit = {
ssh_only = false; tag_symbol = " tag ";
format = "$hostname"; };
disabled = false;
git_status = {
ahead = ">";
behind = "<";
diverged = "<>";
renamed = "r";
deleted = "x";
};
aws = {
symbol = "aws ";
};
azure = {
symbol = "az ";
};
bun = {
symbol = "bun ";
};
c = {
symbol = "C ";
};
cobol = {
symbol = "cobol ";
};
conda = {
symbol = "conda ";
};
crystal = {
symbol = "cr ";
};
cmake = {
symbol = "cmake ";
};
daml = {
symbol = "daml ";
};
dart = {
symbol = "dart ";
};
deno = {
symbol = "deno ";
};
dotnet = {
symbol = ".NET ";
}; };
directory = { directory = {
style = "fg:#e3e5e5 bg:#769ff0"; read_only = " ro";
format = "[ $path ]($style)";
truncation_length = 3;
truncation_symbol = "/";
}; };
# Here is how you can shorten some long paths by text replacement docker_context = {
# similar to mapped_locations in Oh My Posh: symbol = "docker ";
directory.substitutions = {
"Documents" = "󰈙 ";
"Downloads" = " ";
"Music" = " ";
"Pictures" = " ";
}; };
# Keep in mind that the order matters. For ezample:
# "Important Documents" = "  " elixir = {
# will not be replaced, because "Documents" was already substituted before. symbol = "exs ";
# So either put "Important Documents" before "Documents" or use the substituted version: };
# "Important  " = "  "
elm = {
symbol = "elm ";
};
fennel = {
symbol = "fnl ";
};
fossil_branch = {
symbol = "fossil ";
};
gcloud = {
symbol = "gcp ";
};
git_branch = { git_branch = {
symbol = ""; symbol = "git ";
style = "bg:#4C566A";
format = "[ $symbol $branch ]($style)";
}; };
git_status = {
style = "bg:#394260"; golang = {
format = symbol = "go ";
"[[($all_status$ahead_behind )](fg:#769ff0 bg:#394260)]($style)";
}; };
time = {
disabled = false; gradle = {
time_format = "%R"; symbol = "gradle ";
style = "bg:#33658A";
format = "[ $time ]($style)";
}; };
guix_shell = {
symbol = "guix ";
};
hg_branch = {
symbol = "hg ";
};
java = {
symbol = "java ";
};
julia = {
symbol = "jl ";
};
kotlin = {
symbol = "kt ";
};
lua = {
symbol = "lua ";
};
nodejs = {
symbol = "nodejs ";
};
memory_usage = {
symbol = "memory ";
};
meson = {
symbol = "meson ";
};
nim = {
symbol = "nim ";
};
nix_shell = {
symbol = "nix ";
};
ocaml = {
symbol = "ml ";
};
opa = {
symbol = "opa ";
};
os.symbols = {
Alpaquita = "alq ";
Alpine = "alp ";
Amazon = "amz ";
Android = "andr ";
Arch = "rch ";
Artix = "atx ";
CentOS = "cent ";
Debian = "deb ";
DragonFly = "dfbsd ";
Emscripten = "emsc ";
EndeavourOS = "ndev ";
Fedora = "fed ";
FreeBSD = "fbsd ";
Garuda = "garu ";
Gentoo = "gent ";
HardenedBSD = "hbsd ";
Illumos = "lum ";
Linux = "lnx ";
Mabox = "mbox ";
Macos = "mac ";
Manjaro = "mjo ";
Mariner = "mrn ";
MidnightBSD = "mid ";
Mint = "mint ";
NetBSD = "nbsd ";
NixOS = "nix ";
OpenBSD = "obsd ";
OpenCloudOS = "ocos ";
openEuler = "oeul ";
openSUSE = "osuse ";
OracleLinux = "orac ";
Pop = "pop ";
Raspbian = "rasp ";
Redhat = "rhl ";
RedHatEnterprise = "rhel ";
Redox = "redox ";
Solus = "sol ";
SUSE = "suse ";
Ubuntu = "ubnt ";
Unknown = "unk ";
Windows = "win ";
};
package = {
symbol = "pkg ";
};
perl = {
symbol = "pl ";
};
php = {
symbol = "php ";
};
pijul_channel = {
symbol = "pijul ";
};
pulumi = {
symbol = "pulumi ";
};
purescript = {
symbol = "purs ";
};
python = {
symbol = "py ";
};
raku = {
symbol = "raku ";
};
ruby = {
symbol = "rb ";
};
rust = {
symbol = "rs ";
};
scala = {
symbol = "scala ";
};
spack = {
symbol = "spack ";
};
solidity = {
symbol = "solidity ";
};
status = {
symbol = "x = {(bold red) ";
};
sudo = {
symbol = "sudo ";
};
swift = {
symbol = "swift ";
};
terraform = {
symbol = "terraform ";
};
zig = {
symbol = "zig ";
};
}; };
}; };
} }

3
hosts/Equinox/default.nix
View File

@@ -7,7 +7,7 @@ in
# System version # System version
system.stateVersion = "23.05"; system.stateVersion = "23.11";
imports = [ imports = [
@@ -20,6 +20,7 @@ in
# Import system configuration # Import system configuration
../../modules/system.nix ../../modules/system.nix
../../modules/harden.nix
../../modules/kde.nix ../../modules/kde.nix
]; ];

53
hosts/nixos-test/default.nix
View File

@@ -1,53 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports =
[
../../modules/system.nix
../../modules/i3.nix
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.
boot.loader = {
# efi = {
# canTouchEfiVariables = true;
# efiSysMountPoint = "/boot/efi"; # ← use the same mount point here.
# };
grub = {
enable = true;
device = "/dev/sda"; # "nodev"
efiSupport = false;
useOSProber = true;
#efiInstallAsRemovable = true; # in case canTouchEfiVariables doesn't work for your system
};
};
networking.hostName = "nixos-test"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
networking.defaultGateway = "192.168.5.201";
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

34
hosts/nixos-test/hardware-configuration.nix
View File

@@ -1,34 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/b779eb19-e43d-4f07-a91f-eb08bd8e1202";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

23
modules/harden.nix Normal file
View File

@@ -0,0 +1,23 @@
{
networking.firewall.enable = true;
security.sudo.execWheelOnly = true;
security.sudo.wheelNeedsPassword = true;
security.auditd.enable = true;
security.audit.enable = true;
services = {
openssh = {
enable = true;
settings.PermitRootLogin = "no"; # distributed-build.nix requires it
settings.PasswordAuthentication = false;
allowSFTP = false;
};
fail2ban = {
enable = true;
};
};
nix.settings.allowed-users = [ "root" "@users" ];
}

12
modules/system.nix
View File

@@ -1,15 +1,9 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.printing.enable = true; services.printing.enable = true;
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh = { services.openssh = {
enable = true; enable = true;
@@ -24,15 +18,19 @@
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Add system packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git
]; ];
# Enable fish shell
programs.fish.enable = true;
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users.panotaka = { users.users.panotaka = {
isNormalUser = true; isNormalUser = true;
description = "panotaka"; description = "panotaka";
extraGroups = [ "networkmanager" "wheel" ]; extraGroups = [ "networkmanager" "wheel" ];
shell = pkgs.fish;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
]; ];
}; };

28
themes/sandstone-forest/default.nix Normal file
View File

@@ -0,0 +1,28 @@
{ config, pkgs, ... }:
{
stylix.image = ./wallpaper.jpg;
stylix.polarity = "dark";
stylix.fonts = {
serif = {
package = pkgs.dejavu_fonts;
name = "DejaVu Serif";
};
sansSerif = {
package = pkgs.dejavu_fonts;
name = "DejaVu Sans";
};
monospace = {
package = pkgs.nerdfonts.override { fonts = [ "JetBrainsMono" ]; };
name = "JetBrainsMono Nerd Font";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
};
}

BIN
themes/sandstone-forest/wallpaper.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.3 MiB

3
themes/targets/all.nix Normal file
View File

@@ -0,0 +1,3 @@
{
stylix.autoEnable = true;
}