talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Reformat all nix files.

Browse Source
This commit is contained in:
Tom Alexander 2024-12-20 22:37:44 -05:00
parent 764a8c58ce
commit e26118af4f
Signed by: talexander
GPG Key ID: D3A179C9A53C0EDE
18 changed files with 549 additions and 410 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nix/configuration/boot.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
@ -15,7 +20,6 @@
# efibootmgr -c -d /dev/sda -p 1 -L NixOS-boot -l '\EFI\NixOS-boot\grubx64.efi'
# Text-only:
# sudo cp "$(nix-build '<nixpkgs>' --no-out-link -A 'refind')/share/refind/refind_x64.efi" /boot/EFI/boot/bootx64.efi

41
nix/configuration/configuration.nix
View File

@ -1,11 +1,22 @@
{ config, lib, pkgs, pkgs-unstable, home-manager, ... }:
{
config,
lib,
pkgs,
pkgs-unstable,
home-manager,
...
}:
{
imports =
[
imports = [
./roles/reset
./hosts/odo
"${builtins.fetchTarball {url="https://github.com/nix-community/disko/archive/refs/tags/v1.9.0.tar.gz";sha256="0j76ar4qz320fakdii4659w5lww8wiz6yb7g47npywqvf2lbp388";}}/module.nix"
"${
builtins.fetchTarball {
url = "https://github.com/nix-community/disko/archive/refs/tags/v1.9.0.tar.gz";
sha256 = "0j76ar4qz320fakdii4659w5lww8wiz6yb7g47npywqvf2lbp388";
}
}/module.nix"
./boot.nix
./zfs.nix
./network.nix
@ -21,7 +32,10 @@
./roles/gpg
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nix.settings.trusted-users = [ "@wheel" ];
boot.kernelPackages = pkgs.linuxPackages_6_11;
@ -46,8 +60,13 @@
];
};
users.groups.talexander.gid = 11235;
home-manager.users.talexander = { pkgs, ... }: {
home.packages = [ pkgs.atool pkgs.httpie ];
home-manager.users.talexander =
{ pkgs, ... }:
{
home.packages = [
pkgs.atool
pkgs.httpie
];
programs.bash.enable = true;
# The state version is required and should stay at the version you
@ -67,11 +86,13 @@
security.doas.enable = true;
security.doas.wheelNeedsPassword = false;
security.sudo.enable = false;
security.doas.extraRules = [{
security.doas.extraRules = [
{
# Retain environment (for example NIX_PATH)
keepEnv = true;
persist = true; # Only ask for a password the first time.
}];
}
];
# Do not use default packages (nixos includes some defaults like nano)
environment.defaultPackages = lib.mkForce [ ];
@ -171,8 +192,6 @@
# })
# ];
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.

26
nix/configuration/flake.nix
View File

@ -12,7 +12,17 @@
home-manager.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-b93b4e9b5, impermanence, home-manager, ... }@inputs: let
outputs =
{
self,
nixpkgs,
nixpkgs-unstable,
nixpkgs-b93b4e9b5,
impermanence,
home-manager,
...
}@inputs:
let
base-system = { };
odoqemu = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
@ -34,7 +44,9 @@
home-manager.useUserPackages = true;
}
./configuration.nix
({lib, ...}: {
(
{ lib, ... }:
{
imports = [ <nixpkgs/nixos/modules/virtualisation/qemu-vm.nix> ];
virtualisation.qemu.options = [
"-device virtio-vga"
@ -52,7 +64,8 @@
boot.loader.efi.canTouchEfiVariables = lib.mkForce true;
# doas nixos-rebuild build-vm --flake .#odoqemu
#./result/bin/run-nixos-vm
})
}
)
];
};
odo = nixpkgs.lib.nixosSystem rec {
@ -104,11 +117,14 @@
home-manager.useUserPackages = true;
}
./configuration.nix
({lib, ...}: {
(
{ lib, ... }:
{
networking.dhcpcd.enable = lib.mkForce true;
networking.useDHCP = lib.mkForce true;
boot.loader.efi.canTouchEfiVariables = lib.mkForce true;
})
}
)
];
};
};

6
nix/configuration/hosts/odo/disk-config.nix
View File

@ -14,7 +14,11 @@
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" "noatime" "discard" ];
mountOptions = [
"umask=0077"
"noatime"
"discard"
];
};
};
zfs = {

18
nix/configuration/hosts/odo/hardware-configuration.nix
View File

@ -1,14 +1,24 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"thunderbolt"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];

13
nix/configuration/network.nix
View File

@ -1,11 +1,19 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
networking.dhcpcd.enable = false;
networking.useDHCP = false;
networking.nameservers = [ "194.242.2.2#doh.mullvad.net" "2a07:e340::2#doh.mullvad.net" ];
networking.nameservers = [
"194.242.2.2#doh.mullvad.net"
"2a07:e340::2#doh.mullvad.net"
];
services.resolved = {
enable = true;
dnssec = "true";
@ -14,7 +22,6 @@
dnsovertls = "true";
};
# Without this, systemd-resolved will send DNS requests for <X>.home.arpa to the per-link DNS server (172.16.0.1) which does not support DNS-over-TLS. This leads to the connection anging and timing out. This causes firefox startup to take an extra 10+ seconds.
#
# Test with: drill @127.0.0.53 odo.home.arpa

11
nix/configuration/roles/alacritty/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
@ -8,7 +13,9 @@
xdg-utils # for xdg-open
];
home-manager.users.talexander = { pkgs, ... }: {
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".config/alacritty/alacritty.toml" = {
source = ./files/alacritty.toml;
};

8
nix/configuration/roles/blank/default.nix
View File

@ -1,7 +1,11 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
}

24
nix/configuration/roles/firefox/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
@ -52,7 +57,8 @@
"privacy.fingerprintingProtection" = true;
# Allow sending dark mode preference to websites.
# Allow sending timezone to websites.
"privacy.fingerprintingProtection.overrides" = "+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-CanvasExtractionBeforeUserInputIsBlocked";
"privacy.fingerprintingProtection.overrides" =
"+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-CanvasExtractionBeforeUserInputIsBlocked";
# Disable weather on new tab page
"browser.newtabpage.activity-stream.showWeather" = false;
};
@ -82,7 +88,12 @@
hideMounts = true;
users.talexander = {
directories = [
{ directory = ".mozilla"; user = "talexander"; group = "talexander"; mode = "0700"; }
{
directory = ".mozilla";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
@ -90,7 +101,12 @@
hideMounts = true;
users.talexander = {
directories = [
{ directory = ".cache/mozilla"; user = "talexander"; group = "talexander"; mode = "0700"; }
{
directory = ".cache/mozilla";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};

7
nix/configuration/roles/firewall/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];

7
nix/configuration/roles/fonts/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];

11
nix/configuration/roles/git/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
@ -7,7 +12,9 @@
git
];
home-manager.users.talexander = { pkgs, ... }: {
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".gitconfig" = {
source = ./files/gitconfig_home;
};

14
nix/configuration/roles/gpg/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
@ -17,7 +22,12 @@
hideMounts = true;
users.talexander = {
directories = [
{ directory = ".gnupg"; user = "talexander"; group = "talexander"; mode = "0700"; } # Local keyring
{
directory = ".gnupg";
user = "talexander";
group = "talexander";
mode = "0700";
} # Local keyring
];
};
};

7
nix/configuration/roles/graphics/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];

7
nix/configuration/roles/reset/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];

7
nix/configuration/roles/sound/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];

7
nix/configuration/roles/sway/default.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
sway-config = pkgs.writeTextFile {

7
nix/configuration/zfs.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];