commit 7248fbd4ad348cd1159da69270235998885c64af Author: Aly Raffauf Date: Thu Feb 29 17:06:55 2024 -0500 initial commit diff --git a/Makefile b/Makefile new file mode 100644 index 00000000..12cf0803 --- /dev/null +++ b/Makefile @@ -0,0 +1,3 @@ +install: + cp -r * /etc/nixos/ + echo "You may need to update your configuration.nix now." diff --git a/desktop/default.nix b/desktop/default.nix new file mode 100644 index 00000000..7dd54587 --- /dev/null +++ b/desktop/default.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: + +{ + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.excludePackages = with pkgs; [ + xterm + ]; + + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = ""; + }; +} diff --git a/desktop/gnome/default.nix b/desktop/gnome/default.nix new file mode 100644 index 00000000..c0cc4b13 --- /dev/null +++ b/desktop/gnome/default.nix @@ -0,0 +1,92 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include X settings. + ../. + ]; + + # Enable Gnome and GDM. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + + security.pam.services.gdm.enableKwallet = true; + + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + + environment.systemPackages = with pkgs; [ + gnome.gnome-software + gnomeExtensions.appindicator + gnomeExtensions.blur-my-shell + gnomeExtensions.gsconnect + gnomeExtensions.night-theme-switcher + gnomeExtensions.noannoyance-fork + gnomeExtensions.tailscale-status + gnomeExtensions.tiling-assistant + # pkgs.libsForQt5.kwalletmanager + ]; + + # Prefer baset set of gnome apps from Flatpaks. + environment.gnome.excludePackages = (with pkgs; [ + baobab + epiphany + evince + gnome-connections + gnome-photos + gnome-text-editor + gnome-tour + loupe + snapshot # webcam tool + ]) ++ (with pkgs.gnome; [ + geary # email reader + gnome-calculator + # gnome-calendar + gnome-characters + gnome-clocks + gnome-contacts + gnome-logs + gnome-music + gnome-weather + sushi + totem # video player + ]); + + services.flatpak.packages = [ + "org.gnome.baobab" + "org.gnome.Builder" + "org.gnome.Calculator" + # "org.gnome.Calendar" + "org.gnome.Characters" + "org.gnome.clocks" + "org.gnome.Connections" + "org.gnome.Contacts" + "org.gnome.Epiphany" + "org.gnome.Evince" + "org.gnome.Fractal" + "org.gnome.Geary" + "org.gnome.Logs" + "org.gnome.Loupe" + "org.gnome.Music" + "org.gnome.NautilusPreviewer" + "org.gnome.Photos" + "org.gnome.Snapshot" + "org.gnome.TextEditor" + "org.gnome.Totem" + "org.gnome.Weather" + ]; + + nixpkgs.overlays = [ + (final: prev: { + gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: { + mutter = gnomePrev.mutter.overrideAttrs ( old: { + src = pkgs.fetchgit { + url = "https://gitlab.gnome.org/vanvugt/mutter.git"; + # GNOME 45: triple-buffering-v4-45 + rev = "0b896518b2028d9c4d6ea44806d093fd33793689"; + sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w="; + }; + } ); + }); + }) + ]; +} diff --git a/desktop/kde/default.nix b/desktop/kde/default.nix new file mode 100644 index 00000000..6bdfadf2 --- /dev/null +++ b/desktop/kde/default.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: + +{ + # Enable the KDE Plasma Desktop Environment. + services.xserver.displayManager.sddm.enable = true; + services.xserver.desktopManager.plasma6.enable = true; + + environment.systemPackages = with pkgs; [ + kate + yakuake + libsForQt5.kio-gdrive + libsForQt5.kimageformats + libsForQt5.discover + ]; + + programs.kdeconnect.enable = true; +# nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true; +# nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --enable-features=WaylandWindowDecorations --ozone-platform-hint=auto"; + services.gnome.gnome-keyring.enable = true; + security.pam.services.sddm.enableGnomeKeyring = true; + services.packagekit.enable = true; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 00000000..2093d3f7 --- /dev/null +++ b/flake.lock @@ -0,0 +1,82 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706981411, + "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "652fda4ca6dafeb090943422c34ae9145787af37", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.11", + "repo": "home-manager", + "type": "github" + } + }, + "nix-flatpak": { + "locked": { + "lastModified": 1708781964, + "narHash": "sha256-qbEZgB1mNuMADLmM64EtcRjDHXR3UFL4xVmoanv9wZU=", + "owner": "gmodena", + "repo": "nix-flatpak", + "rev": "09d07c73b4d9771f527a168e0b1b6d8a1f39de28", + "type": "github" + }, + "original": { + "owner": "gmodena", + "repo": "nix-flatpak", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1709147990, + "narHash": "sha256-vpXMWoaCtMYJ7lisJedCRhQG9BSsInEyZnnG5GfY9tQ=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "33a97b5814d36ddd65ad678ad07ce43b1a67f159", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1709128929, + "narHash": "sha256-GWrv9a+AgGhG4/eI/CyVVIIygia7cEy68Huv3P8oyaw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c8e74c2f83fe12b4e5a8bd1abbc090575b0f7611", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nix-flatpak": "nix-flatpak", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 00000000..ab4e2625 --- /dev/null +++ b/flake.nix @@ -0,0 +1,77 @@ +{ + description = "Aly's NixOS configuration."; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11"; + # handles flatpaks + nix-flatpak.url = "github:gmodena/nix-flatpak"; # unstable branch. Use github:gmodena/nix-flatpak/?ref= to pin releases. + # home-manager, used for managing user configuration + home-manager = { + url = "github:nix-community/home-manager/release-23.11"; + # The `follows` keyword in inputs is used for inheritance. + # Here, `inputs.nixpkgs` of home-manager is kept consistent with + # the `inputs.nixpkgs` of the current flake, + # to avoid problems caused by different versions of nixpkgs. + inputs.nixpkgs.follows = "nixpkgs"; + }; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + }; + + outputs = inputs@{ nixpkgs, nix-flatpak, home-manager, nixos-hardware, ... }: { + nixosConfigurations = { + # TODO please change the hostname to your own + rustboro = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + nix-flatpak.nixosModules.nix-flatpak + ./hosts/rustboro + ./nix + ./flatpak + ./hardware/sound + ./network + ./desktop/gnome + ./hardware/qmk + ./hardware/steam + + # make home-manager as a module of nixos + # so that home-manager configuration will be deployed automatically when executing `nixos-rebuild switch` + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + + # TODO replace aly with your own username + home-manager.users.aly = import ./home/aly; + + # Optionally, use home-manager.extraSpecialArgs to pass arguments to home.nix + } + # nixos-hardware configuration for t440p + nixos-hardware.nixosModules.lenovo-thinkpad-t440p + ]; + }; + aly-yoga9i = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + nix-flatpak.nixosModules.nix-flatpak + ./configuration.nix + ./nix + ./flatpak + ./hardware/sound + ./network + ./desktop/gnome + + # make home-manager as a module of nixos + # so that home-manager configuration will be deployed automatically when executing `nixos-rebuild switch` + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + + home-manager.users.aly = import ./users/aly.nix; + + } + ]; + }; + }; + }; +} \ No newline at end of file diff --git a/flatpak/default.nix b/flatpak/default.nix new file mode 100644 index 00000000..548fe57a --- /dev/null +++ b/flatpak/default.nix @@ -0,0 +1,57 @@ +{ config, pkgs, ... }: + +{ + xdg.portal.enable = true; + + services.flatpak.enable = true; + services.flatpak.packages = [ + { appId = "com.brave.Browser"; origin = "flathub"; } + "com.valvesoftware.Steam" + "org.mozilla.firefox" + "com.github.tchx84.Flatseal" + ]; + services.flatpak.overrides = { + global = { + # Force Wayland by default + # Context.sockets = ["wayland" "!x11" "!fallback-x11"]; + + # Environment = { + # # Fix un-themed cursor in some Wayland apps + # XCURSOR_PATH = "/run/host/user-share/icons:/run/host/share/icons"; + + # # # Force correct theme for some GTK apps + # # GTK_THEME = "Adwaita:dark"; + # }; + }; + + "com.visualstudio.code".Context = { + filesystems = [ + "xdg-config/git:ro" # Expose user Git config + "/run/current-system/sw/bin:ro" # Expose NixOS managed software + ]; + sockets = [ + "gpg-agent" # Expose GPG agent + "pcsc" # Expose smart cards (i.e. YubiKey) + ]; + }; + + "org.onlyoffice.desktopeditors".Context.sockets = ["x11"]; # No Wayland support + }; + system.fsPackages = [ pkgs.bindfs ]; + fileSystems = let + mkRoSymBind = path: { + device = path; + fsType = "fuse.bindfs"; + options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ]; + }; + aggregatedFonts = pkgs.buildEnv { + name = "system-fonts"; + paths = config.fonts.fonts; + pathsToLink = [ "/share/fonts" ]; + }; + in { + # Create an FHS mount to support flatpak host icons/fonts + "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons"); + "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); + }; +} diff --git a/gaming/default.nix b/gaming/default.nix new file mode 100644 index 00000000..fe61b557 --- /dev/null +++ b/gaming/default.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + # List packages installed in system profile. To search, run: + # $ nix search wget +# environment.systemPackages = with pkgs; [ +# ]; + + # users.users.aly.packages = with pkgs; [ + # #heroic + # # openrct2 + # ]; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + }; +} diff --git a/hardware/qmk/default.nix b/hardware/qmk/default.nix new file mode 100644 index 00000000..b95190ec --- /dev/null +++ b/hardware/qmk/default.nix @@ -0,0 +1,5 @@ +{ config, pkgs, ... }: + +{ + hardware.keyboard.qmk.enable= true; +} diff --git a/hardware/sound/default.nix b/hardware/sound/default.nix new file mode 100644 index 00000000..4fc6880d --- /dev/null +++ b/hardware/sound/default.nix @@ -0,0 +1,24 @@ +{ config, pkgs, lib, ... }: + +{ + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio = { + enable = false; + # Enables extra codecs like aptx. + package = pkgs.pulseaudioFull; + }; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; +} \ No newline at end of file diff --git a/hardware/steam/default.nix b/hardware/steam/default.nix new file mode 100644 index 00000000..3eaff602 --- /dev/null +++ b/hardware/steam/default.nix @@ -0,0 +1,5 @@ +{ config, pkgs, ... }: + +{ + hardware.steam-hardware.enable = true; +} diff --git a/home/aly/default.nix b/home/aly/default.nix new file mode 100644 index 00000000..d69bf923 --- /dev/null +++ b/home/aly/default.nix @@ -0,0 +1,71 @@ +{ config, pkgs, ... }: + +{ + # TODO please change the username & home directory to your own + home.username = "aly"; + home.homeDirectory = "/home/aly"; + + # Packages that should be installed to the user profile. + home.packages = with pkgs; [ + # here is some command line tools I use frequently + # feel free to add your own or remove some of them + + neofetch + nnn # terminal file manager + + # utils + eza # A modern replacement for ‘ls’ + fzf # A command-line fuzzy finder + ]; + + # basic configuration of git, please change to your own + programs.git = { + enable = true; + userName = "Aly Raffauf"; + userEmail = "alychace@gmail.com"; + }; + + programs.bash = { + enable = true; + enableCompletion = true; + }; + + dconf = { + enable = true; + settings."org/gnome/desktop/interface".clock-format = "12h"; + settings."org/gnome/mutter".edge-tiling = true; + settings."org/gnome/mutter".dynamic-workspaces = true; + settings."org/gnome/desktop/interface".enable-hot-corners = true; + settings."org/gnome/desktop/datetime".automatic-timezone = true; + settings."org/gtk/settings/file-chooser".sort-directories-first = true; + settings."org/gtk/gtk4/settings/file-chooser".sort-directories-first = true; + settings."org/gnome/shell/extensions/blur-my-shell/panel".customize = true; + settings."org/gnome/shell/extensions/blur-my-shell/panel".override-background-dynamically = "true"; + settings."org/gnome/shell/extensions/blur-my-shell/panel".unblur-in-overview = true; + settings."org/gnome/shell/extensions/blur-my-shell/overview".style-components = 3; + settings."org/gnome/system/location".enabled = true; + settings."org/gnome/desktop/wm/preferences".auto-raise = true; + settings."org/gnome/desktop/search-providers".enabled = "['org.gnome.Calendar.desktop', 'org.gnome.Weather.desktop', 'org.gnome.Contacts.desktop', 'org.gnome.Calculator.desktop', 'org.gnome.Characters.desktop', 'org.gnome.clocks.desktop']"; + settings."org/gnome/shell".enabled-extensions = [ + "appindicatorsupport@rgcjonas.gmail.com" + "gsconnect@andyholmes.github.io" + "tailscale-status@maxgallup.github.com" + "nightthemeswitcher@romainvigier.fr" + "tiling-assistant@leleat-on-github" + "blur-my-shell@aunetx" + "noannoyance-fork@vrba.dev" + ]; + }; + # This value determines the home Manager release that your + # configuration is compatible with. This helps avoid breakage + # when a new home Manager release introduces backwards + # incompatible changes. + # + # You can update home Manager without changing this value. See + # the home Manager release notes for a list of state version + # changes in each release. + home.stateVersion = "23.11"; + + # Let home Manager install and manage itself. + programs.home-manager.enable = true; +} \ No newline at end of file diff --git a/hosts/rustboro/default.nix b/hosts/rustboro/default.nix new file mode 100644 index 00000000..ba384983 --- /dev/null +++ b/hosts/rustboro/default.nix @@ -0,0 +1,72 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Bootloader. + boot.loader.grub.enable = true; + boot.loader.grub.device = "/dev/sda"; + boot.loader.grub.useOSProber = true; + + networking.hostName = "rustboro"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "America/New_York"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aly = { + isNormalUser = true; + description = "Aly Raffauf"; + extraGroups = [ "networkmanager" "wheel" "docker" ]; + }; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + git + wget + curl + vim + firefox + vscode + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.11"; # Did you read the comment? +} diff --git a/hosts/rustboro/hardware-configuration.nix b/hosts/rustboro/hardware-configuration.nix new file mode 100644 index 00000000..2afecf4d --- /dev/null +++ b/hosts/rustboro/hardware-configuration.nix @@ -0,0 +1,34 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sr_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/ac40bf74-91e3-4387-8125-6037b7fcd0d6"; + fsType = "ext4"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wwp0s20u10c2i12.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/network/default.nix b/network/default.nix new file mode 100644 index 00000000..a79041e2 --- /dev/null +++ b/network/default.nix @@ -0,0 +1,46 @@ +{ config, pkgs, ... }: + +{ + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Enable avahi. + services.avahi.enable = true; + services.avahi.nssmdns = true; + services.avahi.publish.enable = true; + services.avahi.publish.addresses = true; + services.avahi.publish.workstation = true; + # for a WiFi printer + services.avahi.openFirewall = true; + + hardware.bluetooth.enable = true; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # Set up syncthing to run as aly. + services = { + syncthing = { + enable = true; + user = "aly"; + dataDir = "/home/aly"; # Default folder for new synced folders + configDir = "/home/aly/.config/syncthing"; # Folder for Syncthing's settings and keys + }; + }; +} + diff --git a/network/sshd/default.nix b/network/sshd/default.nix new file mode 100644 index 00000000..b6811543 --- /dev/null +++ b/network/sshd/default.nix @@ -0,0 +1,13 @@ +{ config, pkgs, ... }: + +{ + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # List services that you want to enable: + # Enable the OpenSSH daemon. + services.openssh.enable = true; + networking.firewall.allowedTCPPorts = [ 22 ]; +} diff --git a/nix/default.nix b/nix/default.nix new file mode 100644 index 00000000..64a71091 --- /dev/null +++ b/nix/default.nix @@ -0,0 +1,27 @@ +{ config, pkgs, ... }: + +{ + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + system.autoUpgrade.enable = false; + system.autoUpgrade.allowReboot = false; + + # Delete generations older than 2 days. + nix.gc = { + automatic = true; + dates = "daily"; + options = "--delete-older-than 7d"; + }; + + # Automatically optimize the Nix store in the background. + nix.settings.auto-optimise-store = true; + + # Run GC when there is less than 100MiB left. + nix.extraOptions = '' + min-free = ${toString (100 * 1024 * 1024)} + max-free = ${toString (1024 * 1024 * 1024)} + ''; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; +}