initial commit

2025-03-01 18:19:19 +01:00 · 2025-03-01 18:19:19 +01:00 · c4dc2e0f36
commit c4dc2e0f36
25 changed files with 558 additions and 0 deletions
--- a/15
+++ b/15
@ -0,0 +1,15 @@
+HOST ?= $(shell hostname)
+HOSTS = solo c2
+
+_all:
+	@true
+.PHONY: _all $(addprefix, _swtich_,${HOSTS}) _swtich_
+.SUFFIXES:
+
+switch: _switch_${HOST}
+
+_switch_:
+	@echo "ERROR: couldn't find hostname"
+	@false
+_switch_%:
+	nixos-rebuild switch --flake .#$*
--- a/README.md
+++ b/README.md
@ -0,0 +1 @@
+# My NixOS Configuration
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1740560979,
+        "narHash": "sha256-Vr3Qi346M+8CjedtbyUevIGDZW8LcA1fTG0ugPY/Hic=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "5135c59491985879812717f4c9fea69604e7f26f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,27 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+
+  outputs = { self, nixpkgs } @ inputs: 
+    let lib = nixpkgs.lib; in 
+    let mod = import ./mod { inherit lib; }; in
+    let specialArgs = { inherit inputs mod; }; in
+    {
+      nixosConfigurations = {
+        "solo" = nixpkgs.lib.nixosSystem
+        {
+          system = "x86_64-linux";
+          inherit specialArgs;
+          modules = [ ./host/solo ];
+        };
+
+        "c2" = nixpkgs.lib.nixosSystem
+        {
+          system = "x86_64-linux";
+          inherit specialArgs;
+          modules = [ ./host/c2 ];
+        };
+      };
+    };
+}
--- a/host/c2/default.nix
+++ b/host/c2/default.nix
@ -0,0 +1,13 @@
+{ mod, ... }: {
+  networking.hostName = "c2";
+
+  imports = with mod; [
+    collections.pc-common
+    ./hardware-configuration.nix 
+  ];
+
+  boot.loader.efi.efiSysMountPoint = "/boot/efi";
+
+  # ====== DON'T CHANGE ======
+  system.stateVersion = "25.05";
+}
--- a/host/c2/hardware-configuration.nix
+++ b/host/c2/hardware-configuration.nix
@ -0,0 +1,51 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/0aa43f8a-a6e8-47aa-800d-b02d98f2cb8a";
+      fsType = "btrfs";
+      options = [ "noatime" "compress=zstd:1" "subvol=@" ];
+    };
+
+  fileSystems."/nix" =
+    { device = "/dev/disk/by-uuid/0aa43f8a-a6e8-47aa-800d-b02d98f2cb8a";
+      fsType = "btrfs";
+      options = [ "noatime" "compress=zstd:1" "subvol=@nix" ];
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/0aa43f8a-a6e8-47aa-800d-b02d98f2cb8a";
+      fsType = "btrfs";
+      options = [ "noatime" "compress=zstd:1" "subvol=@home" ];
+    };
+
+  fileSystems."/boot/efi" =
+    { device = "/dev/disk/by-uuid/829B-BDFC";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/host/solo/default.nix
+++ b/host/solo/default.nix
@ -0,0 +1,19 @@
+{ mod, ... }: {
+  networking.hostName = "solo";
+
+  services.xserver.enable = true;
+
+  imports = with mod; [ 
+    collections.pc-common
+    keyboard
+    nvidia-gpu
+    games
+    ./hardware-configuration.nix
+  ];
+
+  powerManagement.enable = true;
+  powerManagement.cpuFreqGovernor = "performance";
+
+  # ====== DON'T CHANGE ======
+  system.stateVersion = "25.05";
+}
--- a/host/solo/hardware-configuration.nix
+++ b/host/solo/hardware-configuration.nix
@ -0,0 +1,42 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/7554858a-648d-47d9-839a-6b66ef2b99d9";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/8040-8FF4";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/9569220a-c151-44ca-a4db-037e63d314be"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.docker0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/mod/audio.nix
+++ b/mod/audio.nix
@ -0,0 +1,14 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    pavucontrol
+    alsa-utils
+  ];
+  
+  services.pulseaudio.enable = false;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+}
--- a/mod/boot.nix
+++ b/mod/boot.nix
@ -0,0 +1,10 @@
+{ ... }: {
+  boot.loader = {
+    efi.canTouchEfiVariables = true;
+    grub = {
+      enable = true;
+      efiSupport = true;
+      device = "nodev";
+    };
+  };
+}
--- a/mod/collections/pc-common.nix
+++ b/mod/collections/pc-common.nix
@ -0,0 +1,16 @@
+{ mod, ... }: {
+  imports = with mod; [
+    audio
+    boot
+    fonts
+    locale
+    network
+    nix
+    security
+    services
+    shell
+    software
+    users
+    window-manager
+  ];
+}
--- a/mod/default.nix
+++ b/mod/default.nix
@ -0,0 +1,16 @@
+{ lib, ... }:
+
+let
+  walk = path:
+    let dir = builtins.readDir path;
+    in lib.mapAttrs' (name: value: {
+      name = lib.removeSuffix ".nix" name;
+      value = if value == "regular" then
+        import (path + "/${name}")
+      else if value == "directory" then
+        walk (path + "/${name}")
+      else
+        builtins.throw "Cannot handle item of type ${value}";
+    }) dir;
+
+in walk ./.
--- a/mod/fonts.nix
+++ b/mod/fonts.nix
@ -0,0 +1,10 @@
+{ pkgs, ... }: {
+  fonts.packages = with pkgs; [
+    noto-fonts
+    noto-fonts-cjk-sans
+    noto-fonts-emoji
+    nerd-fonts.noto
+  ];
+  fonts.fontDir.enable = true;
+  fonts.fontconfig.defaultFonts.monospace = [ "Noto Nerd Font Mono" ];
+}
--- a/mod/games.nix
+++ b/mod/games.nix
@ -0,0 +1,7 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    runelite
+  ];
+
+  programs.steam.enable = true;
+}
--- a/mod/keyboard.nix
+++ b/mod/keyboard.nix
@ -0,0 +1,5 @@
+{ pkgs, ... }: {
+  # hardware.keyboard.qmk.enable = true;
+  environment.systemPackages = with pkgs; [ vial ];
+  services.udev.packages = with pkgs; [ vial ];
+}
--- a/mod/locale.nix
+++ b/mod/locale.nix
@ -0,0 +1,24 @@
+{ ... }: {
+  time.timeZone = "Europe/Berlin";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_DE.UTF-8";
+    LC_IDENTIFICATION = "de_DE.UTF-8";
+    LC_MEASUREMENT = "de_DE.UTF-8";
+    LC_MONETARY = "de_DE.UTF-8";
+    LC_NAME = "de_DE.UTF-8";
+    LC_NUMERIC = "de_DE.UTF-8";
+    LC_PAPER = "de_DE.UTF-8";
+    LC_TELEPHONE = "de_DE.UTF-8";
+    LC_TIME = "de_DE.UTF-8";
+  };
+
+  console.keyMap = "de";
+
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "de";
+    variant = "";
+  };
+}
--- a/mod/network.nix
+++ b/mod/network.nix
@ -0,0 +1,84 @@
+{ ... }: {
+  networking.networkmanager.enable = true;
+  networking.networkmanager.wifi.macAddress = "random";
+
+  hardware.bluetooth.enable = true;
+  services.blueman.enable = true;
+
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "client";
+  };
+
+   networking.networkmanager.ensureProfiles.profiles = {
+    "tuda-vpn" = {
+      connection = {
+        autoconnect = "false";
+        id = "tuda-vpn";
+        type = "vpn";
+      };
+      ipv4 = {
+        method = "auto";
+      };
+      ipv6 = {
+        addr-gen-mode = "stable-privacy";
+        method = "auto";
+      };
+      vpn = {
+        authtype = "password";
+        autoconnect-flags = "0";
+        certsigs-flags = "0";
+        cookie-flags = "2";
+        disable_udp = "no";
+        enable_csd_trojan = "no";
+        gateway = "vpn.hrz.tu-darmstadt.de";
+        gateway-flags = "2";
+        gwcert-flags = "2";
+        lasthost-flags = "0";
+        pem_passphrase_fsid = "no";
+        prevent_invalid_cert = "no";
+        protocol = "anyconnect";
+        resolve-flags = "2";
+        service-type = "org.freedesktop.NetworkManager.openconnect";
+        stoken_source = "disabled";
+        xmlconfig-flags = "0";
+        password-flags = 0;
+      };
+    };
+
+    "thielelab" = {
+      connection = {
+        autoconnect = "false";
+        id = "thielelab";
+        type = "vpn";
+      };
+      ipv4 = {
+        method = "auto";
+      };
+      ipv6 = {
+        addr-gen-mode = "stable-privacy";
+        method = "auto";
+      };
+      vpn = {
+        authtype = "password";
+        autoconnect-flags = "0";
+        certsigs-flags = "0";
+        cookie-flags = "2";
+        disable_udp = "no";
+        enable_csd_trojan = "no";
+        gateway = "fwchemie4.net.hrz.tu-darmstadt.de";
+        gateway-flags = "2";
+        gwcert-flags = "2";
+        lasthost-flags = "0";
+        pem_passphrase_fsid = "no";
+        prevent_invalid_cert = "no";
+        protocol = "anyconnect";
+        resolve-flags = "2";
+        service-type = "org.freedesktop.NetworkManager.openconnect";
+        stoken_source = "disabled";
+        xmlconfig-flags = "0";
+        password-flags = 0;
+      };
+    };
+  };
+}
--- a/mod/nix.nix
+++ b/mod/nix.nix
@ -0,0 +1,21 @@
+{ lib, ... }: {
+  nix.settings = {
+    experimental-features = [ "nix-command" "flakes" ];
+    trusted-users = [ "root" "@wheel" ];
+    auto-optimise-store = true;
+  };
+  
+  programs.nix-ld.enable = true;
+
+  nixpkgs.config.allowUnfree = false;
+  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+    "nvidia-x11"
+    "nvidia-settings"
+    "vscode"
+    "obsidian"
+    "steam"
+    "steam-unwrapped"
+    "gateway" # jetbrains
+    "rust-rover"
+  ];
+}
--- a/mod/nvidia-gpu.nix
+++ b/mod/nvidia-gpu.nix
@ -0,0 +1,26 @@
+{ config, ... }: {
+  services.xserver.videoDrivers = [ "nvidia" ];
+  
+  hardware.graphics = {
+    enable = true;
+    enable32Bit = true;
+  };
+
+  hardware.nvidia = {
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+    
+    modesetting.enable = true;
+    nvidiaSettings = true;
+
+    open = false;
+    powerManagement = {
+      enable = true;
+      finegrained = false;
+    };    
+  };
+
+  boot.kernelParams = [
+    "nvidia-drm.fbdev=1"
+    "nvidia-drm.modeset=1"
+  ];
+}
--- a/mod/security.nix
+++ b/mod/security.nix
@ -0,0 +1,3 @@
+{ ... }: {
+  security.rtkit.enable = true;
+}
--- a/mod/services.nix
+++ b/mod/services.nix
@ -0,0 +1,9 @@
+{ ... }: {
+  systemd.services.NetworkManager-wait-online.enable = false;
+  services.printing.enable = true;
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };
+}
--- a/mod/shell.nix
+++ b/mod/shell.nix
@ -0,0 +1,45 @@
+{ pkgs, ... }: {
+  environment.shells = with pkgs; [ 
+    fish
+    bashInteractive
+  ];
+
+  environment.systemPackages = with pkgs; [
+    wget
+    htop
+    bc
+    gh
+    gnumake
+    killall
+    stow
+    docker-compose
+    starship
+    unzip
+  ];
+
+  programs = {
+    fish.enable = true;
+    git.enable = true;
+    tmux = {
+      enable = true;
+      clock24 = true;
+    };
+    neovim = {
+      enable = true;
+      defaultEditor = true;
+      viAlias = true;
+      vimAlias = true;
+    };
+  };
+
+  # --- Excludes ---
+  programs.nano.enable = false;
+
+  # Enabled by fish but takes soooo long.
+  # This is apparently used by some of fish's
+  # autocomplete features.
+  documentation.man.generateCaches = false;
+
+  # To stop the annoying error on entering wrong commands
+  programs.command-not-found.enable = false;
+}
--- a/mod/software.nix
+++ b/mod/software.nix
@ -0,0 +1,56 @@
+{ pkgs, ... }: {
+
+  environment.systemPackages = let
+    editors = with pkgs; [
+      vscode
+      jetbrains.gateway
+      jetbrains.rust-rover
+    ];
+
+    messengers = with pkgs; [
+      signal-desktop
+      element-desktop
+      zulip
+      vesktop
+    ];
+
+    util = with pkgs; [
+      wireguard-tools
+      bitwarden
+      kitty
+    ];
+
+    media = with pkgs; [
+      vlc
+    ];
+
+    productivity = with pkgs; [
+      zotero
+      obsidian
+    ];
+
+    dev = with pkgs; [
+      rustup
+      python313
+      gcc
+      binutils
+    ];
+
+  in editors
+    ++ messengers
+    ++ util
+    ++ media
+    ++ productivity
+    ++ dev;
+
+  virtualisation = {
+    docker.enable = true;
+  };
+
+  programs = {
+    firefox.enable = true;
+  };
+
+  # Some excludes
+  services.xserver.excludePackages = [ pkgs.xterm ];
+}
--- a/mod/users.nix
+++ b/mod/users.nix
@ -0,0 +1,9 @@
+{ pkgs, ... }: {
+  users.users.hd = {
+    description = "Henri";
+    isNormalUser = true;
+    extraGroups = [ "networkmanager" "wheel" ];
+    shell = pkgs.fish;
+    packages = [];
+  };
+}
--- a/mod/window-manager.nix
+++ b/mod/window-manager.nix
@ -0,0 +1,8 @@
+{ pkgs, ... }: {
+  # Enable the KDE Plasma Desktop Environment.
+  services.displayManager.sddm = {
+    enable = true;
+    wayland.enable = true;
+  };
+  services.desktopManager.plasma6.enable = true;
+}