commit c4dc2e0f362a87c2b8095003e98958707959bc39 Author: Henri Dohmen Date: Sat Mar 1 18:19:19 2025 +0100 initial commit
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..21187ce
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,15 @@
+HOST ?= $(shell hostname)
+HOSTS = solo c2
+
+_all:
+ @true
+.PHONY: _all $(addprefix, _swtich_,${HOSTS}) _swtich_
+.SUFFIXES:
+
+switch: _switch_${HOST}
+
+_switch_:
+ @echo "ERROR: couldn't find hostname"
+ @false
+_switch_%:
+ nixos-rebuild switch --flake .#$*
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..8cdeab5
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+# My NixOS Configuration
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..febb998
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1740560979, + "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5135c59491985879812717f4c9fea69604e7f26f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..9d74520
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,27 @@
+{
+ inputs = {
+ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+ };
+
+ outputs = { self, nixpkgs } @ inputs:
+ let lib = nixpkgs.lib; in
+ let mod = import ./mod { inherit lib; }; in
+ let specialArgs = { inherit inputs mod; }; in
+ {
+ nixosConfigurations = {
+ "solo" = nixpkgs.lib.nixosSystem
+ {
+ system = "x86_64-linux";
+ inherit specialArgs;
+ modules = [ ./host/solo ];
+ };
+
+ "c2" = nixpkgs.lib.nixosSystem
+ {
+ system = "x86_64-linux";
+ inherit specialArgs;
+ modules = [ ./host/c2 ];
+ };
+ };
+ };
+}
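Review bot: The `.PHONY` line in the Makefile does not do what it appears to: `$(addprefix, _swtich_,${HOSTS})` has a stray comma after the function name and misspells `_switch_`, so none of the switch targets is actually phony, and `HOSTS` restricts nothing because `_switch_%` matches any hostname. Simply correcting the spelling would stop the build from working, since GNU make skips implicit (pattern) rule search for phony targets. A static pattern rule fixes both: `.PHONY: _all switch _switch_ $(addprefix _switch_,${HOSTS})` and `$(addprefix _switch_,${HOSTS}): _switch_%:` as the rule header, so an unlisted hostname fails in make with "No rule to make target" instead of reaching `nixos-rebuild`.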
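Review bot: The two `nixosConfigurations` entries in flake.nix are identical apart from the host name, and the same host list is repeated in the Makefile's `HOSTS`, so adding a machine means editing three places. Generating them, e.g. `nixosConfigurations = lib.genAttrs [ "solo" "c2" ] (host: lib.nixosSystem { system = "x86_64-linux"; inherit specialArgs; modules = [ (./host + "/${host}") ]; });`, removes the copy-paste and uses the `lib` binding that is already in scope instead of `nixpkgs.lib`. The three nested `let … in` expressions can be a single `let` block.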
diff --git a/host/c2/default.nix b/host/c2/default.nix
new file mode 100644
index 0000000..73d3ac3
--- /dev/null
+++ b/host/c2/default.nix
@@ -0,0 +1,13 @@
+{ mod, ... }: {
+ networking.hostName = "c2";
+
+ imports = with mod; [
+ collections.pc-common
+ ./hardware-configuration.nix
+ ];
+
+ boot.loader.efi.efiSysMountPoint = "/boot/efi";
+
+ # ====== DON'T CHANGE ======
+ system.stateVersion = "25.05";
+}
diff --git a/host/c2/hardware-configuration.nix b/host/c2/hardware-configuration.nix
new file mode 100644
index 0000000..f88bc2f
--- /dev/null
+++ b/host/c2/hardware-configuration.nix
@@ -0,0 +1,51 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/0aa43f8a-a6e8-47aa-800d-b02d98f2cb8a"; + fsType = "btrfs"; + options = [ "noatime" "compress=zstd:1" "subvol=@" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/0aa43f8a-a6e8-47aa-800d-b02d98f2cb8a"; + fsType = "btrfs"; + options = [ "noatime" "compress=zstd:1" "subvol=@nix" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/0aa43f8a-a6e8-47aa-800d-b02d98f2cb8a"; + fsType = "btrfs"; + options = [ "noatime" "compress=zstd:1" "subvol=@home" ]; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/829B-BDFC"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/host/solo/default.nix b/host/solo/default.nix
new file mode 100644
index 0000000..d41caa6
--- /dev/null
+++ b/host/solo/default.nix
@@ -0,0 +1,19 @@
+{ mod, ... }: {
+ networking.hostName = "solo";
+
+ services.xserver.enable = true;
+
+ imports = with mod; [
+ collections.pc-common
+ keyboard
+ nvidia-gpu
+ games
+ ./hardware-configuration.nix
+ ];
+
+ powerManagement.enable = true;
+ powerManagement.cpuFreqGovernor = "performance";
+
+ # ====== DON'T CHANGE ======
+ system.stateVersion = "25.05";
+}
diff --git a/host/solo/hardware-configuration.nix b/host/solo/hardware-configuration.nix
new file mode 100644
index 0000000..59e3331
--- /dev/null
+++ b/host/solo/hardware-configuration.nix
@@ -0,0 +1,42 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/7554858a-648d-47d9-839a-6b66ef2b99d9"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/8040-8FF4"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/9569220a-c151-44ca-a4db-037e63d314be"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.docker0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/mod/audio.nix b/mod/audio.nix
new file mode 100644
index 0000000..b1a106f
--- /dev/null
+++ b/mod/audio.nix
@@ -0,0 +1,14 @@
+{ pkgs, ... }: {
+ environment.systemPackages = with pkgs; [
+ pavucontrol
+ alsa-utils
+ ];
+
+ services.pulseaudio.enable = false;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ };
+}
\ No newline at end of file
diff --git a/mod/boot.nix b/mod/boot.nix
new file mode 100644
index 0000000..7076284
--- /dev/null
+++ b/mod/boot.nix
@@ -0,0 +1,10 @@
+{ ... }: {
+ boot.loader = {
+ efi.canTouchEfiVariables = true;
+ grub = {
+ enable = true;
+ efiSupport = true;
+ device = "nodev";
+ };
+ };
+}
\ No newline at end of file
diff --git a/mod/collections/pc-common.nix b/mod/collections/pc-common.nix
new file mode 100644
index 0000000..e28672c
--- /dev/null
+++ b/mod/collections/pc-common.nix
@@ -0,0 +1,16 @@
+{ mod, ... }: {
+ imports = with mod; [
+ audio
+ boot
+ fonts
+ locale
+ network
+ nix
+ security
+ services
+ shell
+ software
+ users
+ window-manager
+ ];
+}
\ No newline at end of file
diff --git a/mod/default.nix b/mod/default.nix
new file mode 100644
index 0000000..063100e
--- /dev/null
+++ b/mod/default.nix
@@ -0,0 +1,16 @@
+{ lib, ... }:
+
+let
+ walk = path:
+ let dir = builtins.readDir path;
+ in lib.mapAttrs' (name: value: {
+ name = lib.removeSuffix ".nix" name;
+ value = if value == "regular" then
+ import (path + "/${name}")
+ else if value == "directory" then
+ walk (path + "/${name}")
+ else
+ builtins.throw "Cannot handle item of type ${value}";
+ }) dir;
+
+in walk ./.
diff --git a/mod/fonts.nix b/mod/fonts.nix
new file mode 100644
index 0000000..999bd2a
--- /dev/null
+++ b/mod/fonts.nix
@@ -0,0 +1,10 @@
+{ pkgs, ... }: {
+ fonts.packages = with pkgs; [
+ noto-fonts
+ noto-fonts-cjk-sans
+ noto-fonts-emoji
+ nerd-fonts.noto
+ ];
+ fonts.fontDir.enable = true;
+ fonts.fontconfig.defaultFonts.monospace = [ "Noto Nerd Font Mono" ];
+}
\ No newline at end of file
diff --git a/mod/games.nix b/mod/games.nix
new file mode 100644
index 0000000..1023d3f
--- /dev/null
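Review bot: `walk` in mod/default.nix imports every regular file it finds, whatever its extension, so `default.nix` itself ends up as `mod.default` and any stray non-Nix file in the tree becomes an attribute that only fails when something evaluates it. A file `foo.nix` next to a directory `foo` would also map to the same attribute name; I believe `mapAttrs'` then silently keeps one of them, which is worth confirming. Since everything under `mod/` is pulled into the system configuration through `imports = with mod; [ … ]`, I would filter the `readDir` result to directories and names ending in `.nix` other than `default.nix` before mapping, and add a short comment above `walk` stating that file names become attribute names.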
+++ b/mod/games.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }: {
+ environment.systemPackages = with pkgs; [
+ runelite
+ ];
+
+ programs.steam.enable = true;
+}
\ No newline at end of file
diff --git a/mod/keyboard.nix b/mod/keyboard.nix
new file mode 100644
index 0000000..7b547db
--- /dev/null
+++ b/mod/keyboard.nix
@@ -0,0 +1,5 @@
+{ pkgs, ... }: {
+ # hardware.keyboard.qmk.enable = true;
+ environment.systemPackages = with pkgs; [ vial ];
+ services.udev.packages = with pkgs; [ vial ];
+}
diff --git a/mod/locale.nix b/mod/locale.nix
new file mode 100644
index 0000000..b6aeb34
--- /dev/null
+++ b/mod/locale.nix
@@ -0,0 +1,24 @@
+{ ... }: {
+ time.timeZone = "Europe/Berlin";
+
+ i18n.defaultLocale = "en_US.UTF-8";
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "de_DE.UTF-8";
+ LC_IDENTIFICATION = "de_DE.UTF-8";
+ LC_MEASUREMENT = "de_DE.UTF-8";
+ LC_MONETARY = "de_DE.UTF-8";
+ LC_NAME = "de_DE.UTF-8";
+ LC_NUMERIC = "de_DE.UTF-8";
+ LC_PAPER = "de_DE.UTF-8";
+ LC_TELEPHONE = "de_DE.UTF-8";
+ LC_TIME = "de_DE.UTF-8";
+ };
+
+ console.keyMap = "de";
+
+ # Configure keymap in X11
+ services.xserver.xkb = {
+ layout = "de";
+ variant = "";
+ };
+}
\ No newline at end of file
diff --git a/mod/network.nix b/mod/network.nix
new file mode 100644
index 0000000..a1dbd8e
--- /dev/null
+++ b/mod/network.nix
@@ -0,0 +1,84 @@
+{ ... }: {
+ networking.networkmanager.enable = true;
+ networking.networkmanager.wifi.macAddress = "random";
+
+ hardware.bluetooth.enable = true;
+ services.blueman.enable = true;
+
+ services.tailscale = {
+ enable = true;
+ useRoutingFeatures = "client";
+ };
+
+ networking.networkmanager.ensureProfiles.profiles = {
+ "tuda-vpn" = {
+ connection = {
+ autoconnect = "false";
+ id = "tuda-vpn";
+ type = "vpn";
+ };
+ ipv4 = {
+ method = "auto";
+ };
+ ipv6 = {
+ addr-gen-mode = "stable-privacy";
+ method = "auto";
+ };
+ vpn = {
+ authtype = "password";
+ autoconnect-flags = "0";
+ certsigs-flags = "0";
+ cookie-flags = "2";
+ disable_udp = "no";
+ enable_csd_trojan = "no";
+ gateway = "vpn.hrz.tu-darmstadt.de";
+ gateway-flags = "2";
+ gwcert-flags = "2";
+ lasthost-flags = "0";
+ pem_passphrase_fsid = "no";
+ prevent_invalid_cert = "no";
+ protocol = "anyconnect";
+ resolve-flags = "2";
+ service-type = "org.freedesktop.NetworkManager.openconnect";
+ stoken_source = "disabled";
+ xmlconfig-flags = "0";
+ password-flags = 0;
+ };
+ };
+
+ "thielelab" = {
+ connection = {
+ autoconnect = "false";
+ id = "thielelab";
+ type = "vpn";
+ };
+ ipv4 = {
+ method = "auto";
+ };
+ ipv6 = {
+ addr-gen-mode = "stable-privacy";
+ method = "auto";
+ };
+ vpn = {
+ authtype = "password";
+ autoconnect-flags = "0";
+ certsigs-flags = "0";
+ cookie-flags = "2";
+ disable_udp = "no";
+ enable_csd_trojan = "no";
+ gateway = "fwchemie4.net.hrz.tu-darmstadt.de";
+ gateway-flags = "2";
+ gwcert-flags = "2";
+ lasthost-flags = "0";
+ pem_passphrase_fsid = "no";
+ prevent_invalid_cert = "no";
+ protocol = "anyconnect";
+ resolve-flags = "2";
+ service-type = "org.freedesktop.NetworkManager.openconnect";
+ stoken_source = "disabled";
+ xmlconfig-flags = "0";
+ password-flags = 0;
+ };
+ };
+ };
+}
\ No newline at end of file
diff --git a/mod/nix.nix b/mod/nix.nix
new file mode 100644
index 0000000..7a17c53
--- /dev/null
+++ b/mod/nix.nix
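Review bot: Both openconnect profiles in mod/network.nix set `prevent_invalid_cert = "no"`, which as far as I know leaves the NetworkManager authentication dialog able to accept a gateway certificate that fails validation; with `authtype = "password"` that means the account password can be sent to whoever answers for the gateway name on an untrusted network. Unless one of the gateways really presents an untrusted certificate, `prevent_invalid_cert = "yes";` in both `vpn` blocks is the safer default. Separately, `password-flags = 0;` is the only integer among otherwise string-valued keys, and the two profiles differ only in `id` and `gateway`, so a small `let mkOpenconnect = id: gateway: { … };` helper would keep their settings from drifting apart.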
@@ -0,0 +1,21 @@
+{ lib, ... }: {
+ nix.settings = {
+ experimental-features = [ "nix-command" "flakes" ];
+ trusted-users = [ "root" "@wheel" ];
+ auto-optimise-store = true;
+ };
+
+ programs.nix-ld.enable = true;
+
+ nixpkgs.config.allowUnfree = false;
+ nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+ "nvidia-x11"
+ "nvidia-settings"
+ "vscode"
+ "obsidian"
+ "steam"
+ "steam-unwrapped"
+ "gateway" # jetbrains
+ "rust-rover"
+ ];
+}
\ No newline at end of file
diff --git a/mod/nvidia-gpu.nix b/mod/nvidia-gpu.nix
new file mode 100644
index 0000000..cb7172f
--- /dev/null
+++ b/mod/nvidia-gpu.nix
@@ -0,0 +1,26 @@
+{ config, ... }: {
+ services.xserver.videoDrivers = [ "nvidia" ];
+
+ hardware.graphics = {
+ enable = true;
+ enable32Bit = true;
+ };
+
+ hardware.nvidia = {
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+
+ modesetting.enable = true;
+ nvidiaSettings = true;
+
+ open = false;
+ powerManagement = {
+ enable = true;
+ finegrained = false;
+ };
+ };
+
+ boot.kernelParams = [
+ "nvidia-drm.fbdev=1"
+ "nvidia-drm.modeset=1"
+ ];
+}
diff --git a/mod/security.nix b/mod/security.nix
new file mode 100644
index 0000000..0834041
--- /dev/null
+++ b/mod/security.nix
@@ -0,0 +1,3 @@
+{ ... }: {
+ security.rtkit.enable = true;
+}
diff --git a/mod/services.nix b/mod/services.nix
new file mode 100644
index 0000000..06c6890
--- /dev/null
+++ b/mod/services.nix
@@ -0,0 +1,9 @@
+{ ... }: {
+ systemd.services.NetworkManager-wait-online.enable = false;
+ services.printing.enable = true;
+ services.avahi = {
+ enable = true;
+ nssmdns4 = true;
+ openFirewall = true;
+ };
+}
\ No newline at end of file
diff --git a/mod/shell.nix b/mod/shell.nix
new file mode 100644
index 0000000..71ac907
--- /dev/null
+++ b/mod/shell.nix
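Review bot: `trusted-users = [ "root" "@wheel" ]` in mod/nix.nix makes every wheel member a trusted user of the Nix daemon, which the Nix manual describes as essentially equivalent to giving those users root: they can add substituters and import store paths without signature checks, with no sudo prompt in between. Any process running as `hd` (the wheel user defined in mod/users.nix) therefore gets a password-less route to root that sudo membership alone would not give. If the aim is only to use additional binary caches, dropping `@wheel` and listing the caches under `trusted-substituters` with their keys in `trusted-public-keys` keeps the daemon's checks in place. `programs.nix-ld.enable = true` also deserves a one-line comment saying which unpatched binaries need it.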
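Review bot: `services.avahi.openFirewall = true` in mod/services.nix opens the mDNS port on every interface, and because this module is part of `collections.pc-common` it applies on whatever network a roaming machine joins, not just at home. Together with `services.printing.enable` that puts mDNS handling and printer discovery in front of untrusted networks. If discovery is only wanted on known networks, consider limiting Avahi with `services.avahi.allowInterfaces = [ "<interface>" ];` (placeholder name) or moving these options into the hosts that need them. A comment saying why `NetworkManager-wait-online` is disabled would help as well.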
@@ -0,0 +1,45 @@
+{ pkgs, ... }: {
+ environment.shells = with pkgs; [
+ fish
+ bashInteractive
+ ];
+
+ environment.systemPackages = with pkgs; [
+ wget
+ htop
+ bc
+ gh
+ gnumake
+ killall
+ stow
+ docker-compose
+ starship
+ unzip
+ ];
+
+ programs = {
+ fish.enable = true;
+ git.enable = true;
+ tmux = {
+ enable = true;
+ clock24 = true;
+ };
+ neovim = {
+ enable = true;
+ defaultEditor = true;
+ viAlias = true;
+ vimAlias = true;
+ };
+ };
+
+ # --- Excludes ---
+ programs.nano.enable = false;
+
+ # Enabled by fish but takes soooo long.
+ # This is apparently used by some of fish's
+ # autocomplete features.
+ documentation.man.generateCaches = false;
+
+ # To stop the annoying error on entering wrong commands
+ programs.command-not-found.enable = false;
+}
diff --git a/mod/software.nix b/mod/software.nix
new file mode 100644
index 0000000..d1e0ce2
--- /dev/null
+++ b/mod/software.nix
@@ -0,0 +1,56 @@
+{ pkgs, ... }: {
+
+ environment.systemPackages = let
+ editors = with pkgs; [
+ vscode
+ jetbrains.gateway
+ jetbrains.rust-rover
+ ];
+
+ messengers = with pkgs; [
+ signal-desktop
+ element-desktop
+ zulip
+ vesktop
+ ];
+
+ util = with pkgs; [
+ wireguard-tools
+ bitwarden
+ kitty
+ ];
+
+ media = with pkgs; [
+ vlc
+ ];
+
+ productivity = with pkgs; [
+ zotero
+ obsidian
+ ];
+
+ dev = with pkgs; [
+ rustup
+ python313
+ gcc
+ binutils
+ ];
+
+ in editors
+ ++ messengers
+ ++ util
+ ++ media
+ ++ productivity
+ ++ dev;
+
+ virtualisation = {
+ docker.enable = true;
+ };
+
+ programs = {
+ firefox.enable = true;
+ };
+
+ # Some excludes
+ services.xserver.excludePackages = [ pkgs.xterm ];
+}
diff --git a/mod/users.nix b/mod/users.nix
new file mode 100644
index 0000000..55f3c8b
--- /dev/null
+++ b/mod/users.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }: {
+ users.users.hd = {
+ description = "Henri";
+ isNormalUser = true;
+ extraGroups = [ "networkmanager" "wheel" ];
+ shell = pkgs.fish;
+ packages = [];
+ };
+}
\ No newline at end of file
diff --git a/mod/window-manager.nix b/mod/window-manager.nix
new file mode 100644
index 0000000..c00d32e
--- /dev/null
+++ b/mod/window-manager.nix
@@ -0,0 +1,8 @@
+{ pkgs, ... }: {
+ # Enable the KDE Plasma Desktop Environment.
+ services.displayManager.sddm = {
+ enable = true;
+ wayland.enable = true;
+ };
+ services.desktopManager.plasma6.enable = true;
+}
\ No newline at end of file