diff --git a/flake.lock b/flake.lock index 7609277..bddcdd6 100644 --- a/flake.lock +++ b/flake.lock @@ -60,6 +60,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706302763, + "narHash": "sha256-Le1wk75qlzOSfzDk8vqYxSdoEyr/ORIbMhziltVNGYw=", + "owner": "nix-community", + "repo": "disko", + "rev": "f7424625dc1f2e4eceac3009cbd1203d566feebc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "emacs": { "inputs": { "flake-utils": "flake-utils", @@ -424,6 +444,7 @@ "root": { "inputs": { "agenix": "agenix", + "disko": "disko", "emacs": "emacs", "home-manager": "home-manager_2", "home-manager-unstable": "home-manager-unstable", diff --git a/flake.nix b/flake.nix index 63069cd..aea3c4a 100644 --- a/flake.nix +++ b/flake.nix @@ -40,6 +40,9 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = { home-manager, nixpkgs, nixpkgs-unstable, ... }@inputs: { @@ -75,6 +78,12 @@ }; homeConfigurations = import ./outputs/homeConfigurations inputs; + nixosConfigurations."igor" = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ ./hosts/igor ]; + }; + nixOnDroidConfigurations.default = with inputs; nix-on-droid.lib.nixOnDroidConfiguration { modules = [ diff --git a/hosts/dregil/configuration.nix b/hosts/dregil/configuration.nix index a2a7861..51fe3f9 100644 --- a/hosts/dregil/configuration.nix +++ b/hosts/dregil/configuration.nix @@ -16,6 +16,8 @@ in { # Include the results of the hardware scan. ./hardware-configuration.nix # + ../../modules/wm/x.nix + ../../modules/wm/xmonad.nix ]; # Use the systemd-boot EFI boot loader. @@ -36,10 +38,6 @@ in { 127.0.0.1 localhost dregil.localdomain dregil ''; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - i18n = { extraLocaleSettings = { TIME_STYLE = "iso"; }; supportedLocales = @@ -48,40 +46,9 @@ in { console = { font = "Lat2-Terminus16"; - #useXkbConfig = true; # use xkbOptions in tty. keyMap = "dvorak"; }; - # Enable the X11 windowing system. - services.xserver = { - enable = true; - exportConfiguration = true; - - # Configure keymap in X11 - layout = "us"; - - xkbOptions = "terminate:ctrl_alt_bksp,caps:escape,compose:ralt"; - - videoDrivers = [ "nvidia" ]; # "modesetting" ]; - - displayManager.lightdm = { - enable = true; - greeters.slick.enable = true; - }; - - desktopManager.xfce.enable = true; - desktopManager.gnome.enable = true; - - # Enable touchpad support (enabled default in most desktopManager). - libinput = { - enable = true; - touchpad.disableWhileTyping = true; - touchpad.naturalScrolling = true; - mouse.naturalScrolling = - config.services.xserver.libinput.touchpad.naturalScrolling; - }; - }; - fonts = { enableDefaultPackages = true; packages = with pkgs; [ @@ -147,6 +114,8 @@ in { # Enable the OpenSSH daemon. services.openssh.enable = true; + services.blueman.enable = true; + # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; diff --git a/hosts/dregil/hardware-configuration.nix b/hosts/dregil/hardware-configuration.nix index c21e13f..8aba9e8 100644 --- a/hosts/dregil/hardware-configuration.nix +++ b/hosts/dregil/hardware-configuration.nix @@ -4,12 +4,19 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" "uas" "usbcore" "usb_storage" "vfat" "nls_cp437" "nls_iso8859_1" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ + "dm-snapshot" + "uas" + "usbcore" + "usb_storage" + "vfat" + "nls_cp437" + "nls_iso8859_1" + ]; boot.initrd.luks.devices = { root = { device = "/dev/disk/by-uuid/bebf96d1-2a2b-412c-a5f0-f9ed5730a05f"; @@ -24,33 +31,31 @@ boot.extraModulePackages = [ pkgs.linuxPackages.nvidia_x11 ]; boot.kernelParams = [ "module_blacklist=i915" ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; - fsType = "btrfs"; - options = [ "subvol=root" "compress=zstd" ]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; + fsType = "btrfs"; + options = [ "subvol=root" "compress=zstd" ]; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; - fsType = "btrfs"; - options = [ "subvol=home" "compress=zstd" ]; - }; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; + fsType = "btrfs"; + options = [ "subvol=home" "compress=zstd" ]; + }; - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress=zstd" "noatime" ]; - }; + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/a88ac058-e704-419e-ba7d-1d0ff4b6f654"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" "noatime" ]; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/786D-42D7"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/786D-42D7"; + fsType = "vfat"; + }; swapDevices = - [ { device = "/dev/disk/by-uuid/b8c224ad-095e-4a48-b5b2-a19451fdeb95"; - } - ]; + [{ device = "/dev/disk/by-uuid/b8c224ad-095e-4a48-b5b2-a19451fdeb95"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -62,22 +67,23 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.nvidia = { - nvidiaSettings = true; - nvidiaPersistenced = true; + nvidiaSettings = true; + nvidiaPersistenced = true; -# modesetting.enable = true; - package = config.boot.kernelPackages.nvidiaPackages.beta; -# prime = { -# offload.enable = true; -# -# intelBusId = "PCI:1:0:0"; -# nvidiaBusId = "PCI:1:0:0"; -# intelBusId = "0@0:2:0"; -# nvidiaBusId = "1@1:0:0"; -# }; + # modesetting.enable = true; + package = config.boot.kernelPackages.nvidiaPackages.beta; + # prime = { + # offload.enable = true; + # + # intelBusId = "PCI:1:0:0"; + # nvidiaBusId = "PCI:1:0:0"; + # intelBusId = "0@0:2:0"; + # nvidiaBusId = "1@1:0:0"; + # }; }; hardware.opengl = { @@ -87,4 +93,5 @@ }; hardware.keyboard.uhk.enable = true; + hardware.bluetooth.enable = true; } diff --git a/hosts/igor/default.nix b/hosts/igor/default.nix new file mode 100644 index 0000000..02d17e9 --- /dev/null +++ b/hosts/igor/default.nix @@ -0,0 +1,65 @@ +{ config, inputs, lib, pkgs, ... }: + +{ + imports = [ + inputs.disko.nixosModules.disko + ../../modules/security.nix + ../../modules/nix-config.nix + ../../modules/iohk.nix + ../../modules/timezone.nix + ../../modules/keybase.nix + ../../modules/ssh.nix + ./disko-config.nix + ]; + + networking = let extIface = "ens3"; + in { + hostName = "igor"; + domain = "failco.de"; + wireless.enable = false; + useDHCP = false; + enableIPv6 = false; + interfaces.${extIface} = { + ipv4.addresses = [{ + address = "192.168.0.2"; + prefixLength = 24; + }]; + }; + defaultGateway = "192.168.0.1"; + nameservers = [ "1.1.1.1" "8.8.8.8" ]; + firewall = { + allowedTCPPorts = [ 22 80 443 ]; + allowedUDPPorts = [ ]; + }; + }; + + security.sudo = { + enable = true; + execWheelOnly = true; + }; + + # Select internationalization properties. + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "dvorak"; + }; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.me = { + isNormalUser = true; + extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + shell = pkgs.zsh; + }; + + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + }; + + programs.zsh.enable = true; + + system.stateVersion = "23.11"; +} diff --git a/hosts/igor/disko-config.nix b/hosts/igor/disko-config.nix new file mode 100644 index 0000000..cd3c4aa --- /dev/null +++ b/hosts/igor/disko-config.nix @@ -0,0 +1,49 @@ +{ + disko.devices = { + disk.main = { + type = "disk"; + device = "/dev/mmcblk0"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + end = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; + + subvolumes = { + "/rootfs" = { mountpoint = "/"; }; + "/home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + "/nix" = { + mountOptions = [ "compress=zstd" "noatime" ]; + mountpoint = "/nix"; + }; + "/swap" = { + mountpoint = "/.swapvol"; + swap = { swapfile.size = "2G"; }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/modules/wm/gnome.nix b/modules/wm/gnome.nix new file mode 100644 index 0000000..865d469 --- /dev/null +++ b/modules/wm/gnome.nix @@ -0,0 +1,5 @@ +{ config, lib, pkgs, ... }: + +{ + +} diff --git a/modules/wm/x.nix b/modules/wm/x.nix new file mode 100644 index 0000000..58e31d9 --- /dev/null +++ b/modules/wm/x.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +{ + # Enable the X11 windowing system. + services = { + dbus = { enable = true; }; + + xserver = { + enable = true; + exportConfiguration = true; + + # Configure keymap in X11 + layout = "us"; + + xkbOptions = "terminate:ctrl_alt_bksp,caps:escape,compose:ralt"; + + videoDrivers = [ "nvidia" ]; # "modesetting" ]; + + displayManager.lightdm = { + enable = true; + greeters.slick.enable = true; + }; + + desktopManager.xfce.enable = true; + desktopManager.gnome.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + libinput = { + enable = true; + touchpad.disableWhileTyping = true; + mouse.naturalScrolling = + config.services.xserver.libinput.touchpad.naturalScrolling; + }; + }; + }; +} diff --git a/modules/wm/xmonad.nix b/modules/wm/xmonad.nix new file mode 100644 index 0000000..392b324 --- /dev/null +++ b/modules/wm/xmonad.nix @@ -0,0 +1,17 @@ +{ config, lib, pkgs, ... }: + +{ + services = { + gnome.gnome-keyring.enable = true; + upower.enable = true; + + xserver = { + windowManager.xmonad = { + enable = true; + enableContribAndExtras = true; + }; + }; + }; + + systemd.services.upower.enable = true; +}