Jimbo/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Move and rename some stuff whatever

Browse source
This commit is contained in:
Jimbo 2024-12-09 23:07:20 -05:00
parent a0cc623c4b
commit 7c5ff0253e
38 changed files with 53 additions and 127 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
hosts/tower/filesystems/default.nix
View file

@ -37,7 +37,7 @@
"/home/jimbo/JimboNFS" = { "/home/jimbo/JimboNFS" = {
device = "${config.ips.server}:/export/JimboNFS"; device = "${config.ips.server}:/export/JimboNFS";
fsType = "nfs4"; fsType = "nfs4";
options = [ "x-systemd.automount" "noauto" ]; options = [ "x-systemd.automount" "noauto" "soft" "_netdev" ];
}; };
}; };
} }

16
modules/home/files/default.nix
View file

@ -1,16 +1,8 @@
{ pkgs, ... }: { { pkgs, ... }: {
home.file = { home.file = {
".face" = { ".face".source = ./assets/pfp.png;
source = ./assets/pfp.png; ".assets/wallpapers".source = ./assets/wallpapers;
}; ".assets/lockscreen".source = ./assets/lockscreen;
".assets/wallpapers" = { ".alsoftrc".text = ''drivers=pulse'';
source = ./assets/wallpapers;
};
".assets/lockscreen" = {
source = ./assets/lockscreen;
};
".alsoftrc" = {
text = ''drivers=pulse'';
};
}; };
} }

1
modules/home/options/default.nix
View file

@ -3,6 +3,5 @@ with lib; {
options.home.desktop.enable = mkOption { options.home.desktop.enable = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
description = "Enable desktop apps and services, but home-manager";
}; };
} }

2
modules/home/programs/gui/librewolf/default.nix
View file

@ -207,7 +207,7 @@ in {
"urlclassifier.features.socialtracking.skipURLs" = "*.instagram.com, *.twitter.com, *.twimg.com"; "urlclassifier.features.socialtracking.skipURLs" = "*.instagram.com, *.twitter.com, *.twimg.com";
"network.trr.mode" = 3; "network.trr.mode" = 3;
"network.trr.uri" = "https://doh.libredns.gr/noads"; "network.trr.uri" = "https://wikimedia-dns.org/dns-query";
"network.cookie.cookieBehavior" = 1; "network.cookie.cookieBehavior" = 1;
"network.cookie.sameSite.noneRequiresSecure" = true; "network.cookie.sameSite.noneRequiresSecure" = true;
"network.http.referer.XOriginPolicy" = 2; "network.http.referer.XOriginPolicy" = 2;

4
modules/home/programs/gui/pcmanfm/default.nix
View file

@ -38,9 +38,9 @@
".config/libfm/libfm.conf".text = '' ".config/libfm/libfm.conf".text = ''
[config] [config]
single_click=0 single_click=0
use_trash=0 use_trash=1
confirm_del=1 confirm_del=1
confirm_trash=0 confirm_trash=1
advanced_mode=1 advanced_mode=1
si_unit=0 si_unit=0
force_startup_notify=1 force_startup_notify=1

1
modules/home/programs/terminal/default.nix
View file

@ -6,6 +6,7 @@
./git ./git
./ncmpcpp ./ncmpcpp
./neovim ./neovim
./nh
./ranger ./ranger
./tmux ./tmux
./zsh ./zsh

1
modules/system/programs/nh/default.nix → modules/home/programs/terminal/nh/default.nix
View file

@ -2,7 +2,6 @@
{ {
programs.nh = { programs.nh = {
enable = true; enable = true;
clean.enable = true;
flake = "/etc/nixos"; flake = "/etc/nixos";
}; };
} }

10
modules/home/programs/terminal/zsh/default.nix
View file

@ -11,14 +11,14 @@
}; };
shellAliases = { shellAliases = {
# NixOS # NixOS
flakedate = "sudo nix flake update --flake /etc/nixos"; flakedate = "doas nix flake update --flake /etc/nixos";
nhs = "sudo nh os switch -R /etc/nixos"; nhs = "doas nh os switch -R /etc/nixos";
nhu = "flakedate && nhs"; nhu = "flakedate && nhs";
ns = "nix-shell -p"; ns = "nix-shell -p";
nixclean = "sudo nix-store --gc; nix-collect-garbage -d"; nixclean = "doas nix-store --gc; nix-collect-garbage -d";
nixpurge = "sudo nix-collect-garbage --delete-old"; nixpurge = "doas nix-collect-garbage --delete-old";
nixoptimize = "sudo nix store optimise"; nixoptimize = "doas nix store optimise";
nixscrub = "nixclean; nixpurge; nixoptimize"; nixscrub = "nixclean; nixpurge; nixoptimize";
# Shortcuts # Shortcuts

6
modules/system/accounts/groups/admin/default.nix
View file

@ -1,6 +0,0 @@
{ ... }:
{
users.groups.admin = {
gid = 515;
};
}

5
modules/system/accounts/groups/default.nix
View file

@ -1,7 +1,4 @@
{ ... }: { ... }:
{ {
imports = [ imports = [ ./nfsShare ];
./admin
./nfsShare
];
} }

5
modules/system/accounts/users/default.nix
View file

@ -8,8 +8,5 @@
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
]; ];
users = { users.mutableUsers = false;
mutableUsers = false;
allowNoPasswordLogin = true;
};
} }

2
modules/system/accounts/users/jimbo/default.nix
View file

@ -19,7 +19,7 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
]; ];
extraGroups = [ extraGroups = [
"admin" "wheel"
"audio" "audio"
"video" "video"
"input" "input"

1
modules/system/devices/bluetooth/default.nix
View file

@ -10,6 +10,7 @@
}; };
systemd.tmpfiles.rules = [ "f /var/lib/systemd/linger/jimbo" ]; systemd.tmpfiles.rules = [ "f /var/lib/systemd/linger/jimbo" ];
environment.persistence."/persist".directories = [ "/var/lib/bluetooth" ]; environment.persistence."/persist".directories = [ "/var/lib/bluetooth" ];
}; };
} }

1
modules/system/devices/boot/lanzaboote/default.nix
View file

@ -6,7 +6,6 @@
enable = lib.mkOption { enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
description = "Enable Lanzaboote and force disable Systemd-boot";
}; };
}; };

1
modules/system/devices/networking/wireguard/client/default.nix
View file

@ -3,7 +3,6 @@
options.system.wireguard.client.enable = lib.mkOption { options.system.wireguard.client.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
description = "Enable the wireguard client";
}; };
config = lib.mkIf config.system.wireguard.client.enable { config = lib.mkIf config.system.wireguard.client.enable {

1
modules/system/devices/networking/wireguard/server/default.nix
View file

@ -3,7 +3,6 @@
options.system.wireguard.server.enable = lib.mkOption { options.system.wireguard.server.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
description = "Enable the wireguard server";
}; };
config = lib.mkIf config.system.wireguard.server.enable { config = lib.mkIf config.system.wireguard.server.enable {

1
modules/system/devices/networking/wireless/default.nix
View file

@ -3,7 +3,6 @@
options.system.wireless.enable = lib.mkOption { options.system.wireless.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = true; default = true;
description = "Enable Wifi with iwd";
}; };
config = lib.mkIf config.system.wireless.enable { config = lib.mkIf config.system.wireless.enable {

1
modules/system/devices/video/nouveau/default.nix
View file

@ -3,7 +3,6 @@
options.system.video.nouveau.enable = lib.mkOption { options.system.video.nouveau.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
description = "Enable the open-source Nouveau driver";
}; };
config = lib.mkIf config.system.video.nouveau.enable { config = lib.mkIf config.system.video.nouveau.enable {

1
modules/system/devices/video/nvidia/default.nix
View file

@ -3,7 +3,6 @@
options.system.video.nvidia.enable = lib.mkOption { options.system.video.nvidia.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
description = "Enable the proprietary Nvidia stack";
}; };
config = lib.mkIf config.system.video.nvidia.enable { config = lib.mkIf config.system.video.nvidia.enable {

2
modules/system/options/default.nix
View file

@ -4,12 +4,10 @@ with lib; {
desktop.enable = mkOption { desktop.enable = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
description = "Enable desktop apps and services";
}; };
server.enable = mkOption { server.enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Enable server services";
}; };
}; };
} }

2
modules/system/programs/default.nix
View file

@ -7,8 +7,6 @@
./gaming ./gaming
./git ./git
./home-manager ./home-manager
./nh
./security
./shells ./shells
]; ];
} }

6
modules/system/programs/git/gpg/default.nix
View file

@ -1,9 +1,5 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
programs.gnupg.agent = { programs.gnupg.agent.enable = true;
enable = true;
enableSSHSupport = true;
};
environment.systemPackages = with pkgs; [ git-crypt ]; environment.systemPackages = with pkgs; [ git-crypt ];
} }

31
modules/system/programs/security/privilege/default.nix
View file

@ -1,31 +0,0 @@
{ ... }:
{
security.sudo-rs = {
enable = true;
extraRules = [
{ # Admin gets certain commands
groups = [ "admin" ];
commands = [
"/run/current-system/sw/bin/nix"
"/run/current-system/sw/bin/nh"
"/run/current-system/sw/bin/nixos-rebuild"
"/run/current-system/sw/bin/nixos-enter"
"/run/current-system/sw/bin/nix-collect-garbage"
"/run/current-system/sw/bin/nix-store"
"/run/current-system/sw/bin/systemctl"
"/run/current-system/sw/bin/pkill"
"/run/current-system/sw/bin/dd"
"/run/current-system/sw/bin/eject"
"/run/current-system/sw/bin/vgchange"
"/run/current-system/sw/bin/cp"
"/run/current-system/sw/bin/ls"
"/run/current-system/sw/bin/cat"
"/run/current-system/sw/bin/mount"
];
}
];
};
}

31
modules/system/programs/security/privilege/default.nix~
View file

@ -1,31 +0,0 @@
{ ... }:
{
security.sudo-rs = {
enable = true;
extraRules = [
{ # Admin gets certain commands
groups = [ "admin" ];
commands = [
"/run/current-system/sw/bin/nix"
"/run/current-system/sw/bin/nh"
"/run/current-system/sw/bin/nixos-rebuild"
"/run/current-system/sw/bin/nixos-enter"
"/run/current-system/sw/bin/nix-collect-garbage"
"/run/current-system/sw/bin/nix-store"
"/run/current-system/sw/bin/systemctl"
"/run/current-system/sw/bin/pkill"
"/run/current-system/sw/bin/dd"
"/run/current-system/sw/bin/eject"
"/run/current-system/sw/bin/vgchange"
"/run/current-system/sw/bin/cp"
"/run/current-system/sw/bin/ls"
"/run/current-system/sw/bin/cat"
"/run/current-system/sw/bin/mount"
];
}
];
};
}

0
modules/system/services/general/displaymanager/uwsm/default.nix
View file

2
modules/system/services/general/keyd/default.nix
View file

@ -33,7 +33,7 @@
"9" = "f9"; "9" = "f9";
"0" = "f10"; "0" = "f10";
"-" = "f11"; "-" = "f11";
#"=" = "f12"; # ?? "=" = "f12";
}; };
}; };
}; };

2
modules/system/services/general/tlp/default.nix
View file

@ -1,4 +1,4 @@
{ ... }: { lib, ... }:
{ {
services.tlp.enable = true; services.tlp.enable = true;
} }

3
modules/system/services/general/userborn/default.nix
View file

@ -1,5 +1,4 @@
{ ... }: { ... }:
{ {
# Enable this when 24.11 drops services.userborn.enable = true;
#services.userborn.enable = true;
} }

3
modules/system/settings/default.nix
View file

@ -2,9 +2,10 @@
{ {
imports = [ imports = [
./documentation ./documentation
./fonts ./font
./minimal ./minimal
./nix ./nix
./security
./timezone ./timezone
]; ];
} }

4
modules/system/settings/font/default.nix Normal file
View file

@ -0,0 +1,4 @@
{ pkgs, ... }:
{
console.font = "${pkgs.terminus_font}/share/consolefonts/ter-u22n.psf.gz";
}

7
modules/system/settings/fonts/default.nix
View file

@ -1,7 +0,0 @@
{ pkgs, ... }:
{
console = {
font = "${pkgs.terminus_font}/share/consolefonts/ter-u22n.psf.gz";
packages = with pkgs; [ terminus_font ];
};
}

1
modules/system/settings/nix/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./autoupgrade ./autoupgrade
./gc
]; ];
nix.settings = { nix.settings = {

8
modules/system/settings/nix/gc/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ ... }:
{
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 1w";
};
}

0
modules/system/programs/security/apparmor/default.nix → modules/system/settings/security/apparmor/default.nix
View file

0
modules/system/programs/security/default.nix → modules/system/settings/security/default.nix
View file

0
modules/system/programs/security/polkit/default.nix → modules/system/settings/security/polkit/default.nix
View file

16
modules/system/settings/security/privilege/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ ... }:
{
security = {
sudo.enable = false;
doas = {
enable = true;
extraRules = [
{ # Give wheel root access
groups = [ "wheel" ];
keepEnv = true;
persist = true;
}
];
};
};
}

0
modules/system/programs/security/rtprio/default.nix → modules/system/settings/security/rtprio/default.nix
View file