transcaffeine/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: initial commit

Browse Source
This commit is contained in:
transcaffeine 2024-11-23 21:35:39 +01:00
commit 28590f35e1
Signed by: transcaffeine
GPG Key ID: 03624C433676E465
11 changed files with 273 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
result

27
flake.lock generated Normal file
View File

@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1731755305,
"narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

15
flake.nix Normal file
View File

@ -0,0 +1,15 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
};
outputs = inputs @ { self, nixpkgs }: {
nixosConfigurations.affogato = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/affogato
];
specialArgs = { inherit inputs; };
};
};
}

51
hosts/affogato/default.nix Normal file
View File

@ -0,0 +1,51 @@
{ pkgs, ... }: {
imports = [
./hardware-configuration.nix
./n100.nix
../../profiles/base
../../profiles/graphical
../../profiles/kde
../../users/transcaffeine
../../users/leona
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
#boot.kernelPackages = pkgs.linuxPackages_6_6;
boot.kernelParams = [
"fbcon=rotate:1"
# disable panel self refresh for i915
# "i915.enable_psr=0"
# set max cstate to 2 (suspend?)
# "intel_idle.max_cstate=2"
"nvme.noacpi=1"
];
hardware.enableRedistributableFirmware = true;
networking.hostName = "affogato";
networking.hosts = {
"78.94.116.221" = [
"git.finally.coffee"
"chat.finallycoffee.eu"
"cloud.finallycoffee.eu"
];
};
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Network
networking.networkmanager.enable = true;
systemd.services.ModemManager.enable = true;
services.printing.enable = true;
services.avahi.enable = true;
services.tailscale.enable = true;
services.blueman.enable = true;
# TODO: delete this later
system.stateVersion = "23.05"; # Did you read the comment?
}

56
hosts/affogato/hardware-configuration.nix Normal file
View File

@ -0,0 +1,56 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/34d0b26e-8d69-4388-bf94-67e44669cdd8";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/3B4B-0489";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/22e2d822-7f26-4246-a28e-b10a116f2818"; }
];
boot.initrd.luks.devices."coffee".device = "/dev/disk/by-uuid/e24d653d-df2d-472b-97c3-653ee3169b1c";
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s20f0u1u3.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.bluetooth.enable = true;
hardware.bluetooth.settings = {
General = {
JustWorksRepairing = "always";
FastConnectable = true;
Class = "0x000100";
};
Policy = {
AutoEnable = true;
};
};
# Enable WWAN over USB (also sets up usb-modeswitch for LTE sticks)
hardware.usb-modeswitch.enable = true;
}

14
hosts/affogato/n100.nix Normal file
View File

@ -0,0 +1,14 @@
{ lib, pkgs, ... }: {
boot.extraModprobeConfig = ''
options iwlwifi disable_11ax=true
'';
hardware.firmware = let
intelfirmware = (pkgs.runCommandNoCC "n100-firmware" {} ''
mkdir -p $out/lib/firmware/intel/
cp ${pkgs.linux-firmware}/lib/firmware/intel/ibt-1040-4150.ddc $out/lib/firmware/intel/ibt-1040-1050.ddc
cp ${pkgs.linux-firmware}/lib/firmware/intel/ibt-1040-4150.sfi $out/lib/firmware/intel/ibt-1040-1050.sfi
cp ${pkgs.linux-firmware}/lib/firmware/intel/ibt-1040-4150.ddc $out/lib/firmware/intel/ibt-0040-1050.ddc
cp ${pkgs.linux-firmware}/lib/firmware/intel/ibt-1040-4150.sfi $out/lib/firmware/intel/ibt-0040-1050.sfi
''); #// { meta.priority = 8; };
in lib.mkBefore [ intelfirmware ];
}

39
profiles/base/default.nix Normal file
View File

@ -0,0 +1,39 @@
{ inputs, pkgs, ...}: {
nixpkgs.config.allowUnfree = true;
nix.settings.trusted-users = [ "root" "@wheel" ];
nix.registry.nixpkgs.flake = inputs.nixpkgs;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nix.gc = {
automatic = true;
options = "--delete-older-than 21d";
};
security.sudo.wheelNeedsPassword = false;
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "prohibit-password";
};
};
environment.systemPackages = with pkgs; [
python3
vim
tmux
jq
yq
tree
git
bind.dnsutils
openssl
curl
htop
pinentry
gnupg
sequoia
];
}

25
profiles/graphical/default.nix Normal file
View File

@ -0,0 +1,25 @@
{ pkgs, ...}: {
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
environment.systemPackages = with pkgs; [
firefox
thunderbird
vlc
usbutils
pciutils
pinentry-qt
wl-clipboard
usb-modeswitch
usb-modeswitch-data
modemmanager
xdg-desktop-portal
xdg-desktop-portal-kde
grim
wireguard-tools
];
}

11
profiles/kde/default.nix Normal file
View File

@ -0,0 +1,11 @@
{ pkgs, ...}: {
# Plasma
services.xserver.enable = true;
services.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
environment.systemPackages = with pkgs; [
xdg-desktop-portal
xdg-desktop-portal-kde
];
}

9
users/leona/default.nix Normal file
View File

@ -0,0 +1,9 @@
{ pkgs, ... }: {
users.users.leona = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOkvy9P1Qweq1kykgn3IWIBWe/v/dTNAx+hd9i2aKe1O openpgp:0xCACA6CB6"
];
};
}

25
users/transcaffeine/default.nix Normal file
View File

@ -0,0 +1,25 @@
{ pkgs, ... }: {
users.users.transcaffeine = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnjrKWYc0bcIsTkdpyC+yAsxSeY9M1WxVDNm3I/R3BYqyvfFuzJMQyh5APhM52yKGMN9UOuJPNPz0C4P6EY3iC3ZqUHFJ6ILrZZxdLZBVxdy2F19Xv6XcZkZxLpRKWapVFECF5z/Bi0rg1uzNRyrHjfZWcHfHIvlqxUYiitvvTbbSMQKqEV8wlnshSzBoYzaKtV1+crwlgz6wCnXq8HIupEeWfUc9kc+zunpYnuHnU5Z3HhzQGBuIiPoVritDjOo7qYREftV4qQ15xFWdezsMZlR15edwZeyNdAEx044QgaGddC8uEMoi5cp4APIqH1cEkIvSU6Y+esdgZ4CHU6M5G5ub5PTT2TaKoUMLLFtpW6QImjVApixFTHWR7tUhqInplWWLqvviS4MoI1ppxgcDUg/bgPdeDBsoRkbESr2uT8ResNi9DlPlN2rlUjlb28awzHm7agFhwfPQZ1afnFSUh0tTFz1WeR7xIGhxR1xXc8sapJhgLnYYWpR2NaJzbYYdk7CWW/3rgEsJem7Kvll6HevnFgRP/uVhEyGZl9hw+tECzvwB/LEmQ/4raDMxqOB9XO9kusJX/jTnQIObrFubfKn3ToXlYbQxZX9+QobANvQ8huILz1bBeH8aKjf9RXu+j4VNyoCKhzU/v0MIdRCsgVWgjuYXMGRo0MFMFyMqQiw== transcaffeine-openpgp:0x353A3E5B"
];
packages = with pkgs; [
pass
spotify
gimp-with-plugins
qlcplus
ola
helvum
nmap
ansible
alacritty
tcpdump
virtualenv
wget
nix-output-monitor
nix-diff
];
};
}