From 099a6e4250ebe5feb347ab615dfc2ae177e4cbaf Mon Sep 17 00:00:00 2001 From: Kyle Isom Date: Mon, 16 Mar 2026 19:18:26 -0700 Subject: [PATCH] splitting things out for vade --- CLAUDE.md | 56 ++++++++++++ README.org | 33 +++++++ configs/desktop-light.nix | 91 +++++++++++++++++++ ...packages.nix => desktop-packages-full.nix} | 43 +-------- configs/desktop-packages-light.nix | 45 +++++++++ configs/desktop.nix | 90 +----------------- hw/vade/default.nix | 2 +- 7 files changed, 232 insertions(+), 128 deletions(-) create mode 100644 CLAUDE.md create mode 100644 configs/desktop-light.nix rename configs/{desktop-packages.nix => desktop-packages-full.nix} (50%) create mode 100644 configs/desktop-packages-light.nix diff --git a/CLAUDE.md b/CLAUDE.md new file mode 100644 index 0000000..1f43755 --- /dev/null +++ b/CLAUDE.md 
@@ -0,0 +1,56 @@ +# CLAUDE.md + +This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. + +## What This Is + +A flake-based NixOS configuration managing 6 hosts (all x86_64-linux). Pinned to nixpkgs `nixos-25.11`. + +## Common Commands + +- **Build/deploy locally**: `rebuild-nixos` (installed to `~/.local/bin` via `make`) + - This runs on the target machine: pulls from local git remote, then `doas nixos-rebuild switch --flake .` +- **Build a specific host** (dry run): `nixos-rebuild build --flake .#` +- **Flash a remote machine**: `./script/flash.sh ` (uses nixos-anywhere) +- **Check if reboot needed**: `./script/check-restart.sh` +- **Install the rebuild script**: `make` + +## Architecture + +### Flake Structure + +All hosts are generated via `lib.genAttrs` in `flake.nix`. Each host gets: +- `disko` module (declarative disk management) +- `nix-index-database` with comma +- Host-specific config from `./hw//` +- Shared base from `./configuration.nix` + +Custom packages `ke` and `kte` are flake inputs from `git.wntrmute.dev/kyle/`. + +### Host Layout + +Each host has a directory under `hw//` containing: +- `default.nix` — imports hardware-config and (for desktops) desktop/qemu modules +- `hardware-configuration.nix` — auto-generated hardware config +- `disk-config.nix` — disko disk layout (where applicable) + +Desktop hosts (imladris, orion, vade, ono-sendai) import `configs/desktop.nix` and `configs/qemu.nix`. +Server hosts (rift, sk) are minimal — hardware config + disk config only. 
+ +### Shared Modules (`configs/`) + +- `pkgs.nix` — system-wide packages +- `desktop.nix` — GDM + i3, PipeWire audio, Bluetooth, CUPS +- `desktop-packages.nix` — GUI applications (imported by desktop.nix) +- `git.nix` — git identity config +- `qemu.nix` — QEMU/KVM virtualization + +### Key Design Decisions + +- **No home-manager** — all config is system-level NixOS modules +- **No overlays** — packages are used directly; `allowUnfree = true` +- **No secrets manager** — SSH keys via gpg-agent, `doas` (not sudo) for privilege escalation +- **Podman** with Docker compatibility enabled on all hosts +- **Tailscale** and **Syncthing** enabled on all hosts +- **LUKS encryption** on some hosts (rift, ono-sendai) +- `inputs` are passed to modules via `specialArgs` diff --git a/README.org b/README.org index 670cae2..05fe16f 100644 --- a/README.org +++ b/README.org @@ -16,6 +16,14 @@ The primary things I want to use it for are writing, lisping, and working on uLisp or other portable computing projects. +** ono-sendai + + ono-sendai is a Nitropad X230. + + + CPU: i3 + + RAM: 8GB + + Storage:1T SSD + ** orion orion is an Intel NUC desktop. @@ -24,6 +32,31 @@ + 16GB RAM + 1TB SSD +** rift + + rift is the homelab Intel NUC. + + + CPU: i7 + + RAM: 32GB RAM + + Storage: 512GB SSD + +** sk + + sk is a VPS devserver. + + + CPU: unk + + RAM: 1G + + Storage: 25G + +** vade + + vade is a Framework 12 whose primary purpose is emacs/obsidian and + claude coding. + + + CPU: i3-1315U + + RAM: 16G + + Storage: 512G SSD + * Set up #+begin_example diff --git a/configs/desktop-light.nix b/configs/desktop-light.nix new file mode 100644 index 0000000..01b4449 --- /dev/null +++ b/configs/desktop-light.nix 
@@ -0,0 +1,91 @@
+# Baseline configuration for lightweight desktop systems.
+# Full desktops should import desktop.nix instead, which builds on this.
+
+{ pkgs, ... }: {
+ imports = [
+ ./desktop-packages-light.nix
+ # ./ghostty.nix # doesn't work yet
+ ];
+
+ services.displayManager.gdm.enable = true;
+ services.displayManager.gdm.wayland = false;
+ services.displayManager.gdm.debug = true;
+ services.xserver.windowManager.i3.enable = true;
+ services.xserver.xkb = {
+ layout = "us";
+ options = "ctrl:swapcaps,compose:ralt";
+ };
+
+ services.displayManager.autoLogin.enable = false;
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ services.libinput = {
+ enable = true;
+ mouse.naturalScrolling = true;
+ touchpad.naturalScrolling = true;
+ };
+
+ console.useXkbConfig = true;
+
+ # Enable CUPS to print documents.
+ services.printing.enable = true;
+
+ # Enable sound with pipewire.
+ services.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ };
+
+
+ # Enable Bluetooth.
+ hardware.bluetooth = {
+ powerOnBoot = true;
+ settings = {
+ General = {
+ # Shows battery charge of connected devices on supported
+ # Bluetooth adapters. Defaults to 'false'.
+ Experimental = true;
+ # When enabled other devices can connect faster to us, however
+ # the tradeoff is increased power consumption. Defaults to
+ # 'false'.
+ FastConnectable = true;
+ };
+ Policy = {
+ # Enable all controllers when they are found. This includes
+ # adapters present on start as well as adapters that are plugged
+ # in later on. Defaults to 'true'.
+ AutoEnable = true;
+ };
+ };
+ };
+ services.blueman.enable = true;
+
+
+ services.udev.extraRules = ''
+ACTION=="add", SUBSYSTEM=="backlight", GROUP="video", MODE="0660"
+KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
+'';
+
+ services.avahi = {
+ enable = true;
+ publish = {
+ enable = true;
+ };
+ };
+
+ systemd.services."systemd-suspend" = {
+ description = "System Suspend with pm-suspend";
+ serviceConfig = {
+ Type = "oneshot";
+ Environment = "PATH=${pkgs.pmutils}/bin";
+ ExecStart = [
+ ""
+ "${pkgs.pmutils}/bin/pm-suspend"
+ ];
+ };
+ };
+}
diff --git a/configs/desktop-packages.nix b/configs/desktop-packages-full.nix
similarity index 50%
rename from configs/desktop-packages.nix
rename to configs/desktop-packages-full.nix
index eee694b..943690a 100644
--- a/configs/desktop-packages.nix
+++ b/configs/desktop-packages-full.nix
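Review bot: The hidraw rule in `services.udev.extraRules` of configs/desktop-light.nix gives every member of `users` read/write access to the raw HID nodes of vendor `3434` devices (`MODE="0660", GROUP="users"`). Raw reports from a keyboard interface include keystrokes, so any process running under an account in that group can read them regardless of who is at the seat. The `TAG+="uaccess"` part probably has no effect here, because NixOS writes `extraRules` into a `99-local.rules` file while systemd applies seat ACLs earlier, in `73-seat-late.rules`; that would leave the group grant as the only effective one. The tools that need this access (`via`, `qmk`, `qmk-udev-rules`) stay in desktop-packages-full.nix in this commit, so I would move the rule to configs/desktop.nix. If it is kept, drop the group grant and ship `KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", TAG+="uaccess"` through `services.udev.packages` in a rules file numbered below 73.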
@@ -1,79 +1,40 @@ -# Desktop-specific packages. +# Additional packages for full desktop systems. +# Imported on top of desktop-packages-light.nix. { pkgs, inputs, ... }: { - # List packages installed in system profile. To search, run: - # $ nix search wget environment.systemPackages = with pkgs; [ - acpitool # adafruit-nrfutil - alire arduino arduino-cli arduino-ide arduino-mk - asciinema - bibclean - bitwarden-cli - bitwarden-desktop - bluez brave - cmus - direnv - dmenu elinks - erlang - emacs - feh ffmpeg - fira-code - firefox freeglut - ghostty glfw glm - gnat15 - gnome-disk-utility - go-font - gnat15Packages.gpr2 - gnat15Packages.gprbuild - graphviz - i3 - i3lock inkscape - python312Packages.ipython kdePackages.ksshaskpass inputs.kte.packages.x86_64-linux.kge - inputs.kte.packages.x86_64-linux.qt lagrange libGL libGL.dev mesa - networkmanagerapplet nyxt - obsidian - pavucontrol - pmutils qmk qmk-udev-rules rbw - rebar3 - rofi - scrot SDL2 SDL2.dev signal-desktop stumpwm - syncthing veracrypt via vlc - xfce.thunar - xfce.thunar-volman - xfce.xfce4-power-manager xorg.libX11 - xss-lock # jetbrains # jetbrains-toolbox diff --git a/configs/desktop-packages-light.nix b/configs/desktop-packages-light.nix new file mode 100644 index 0000000..442f90c --- /dev/null +++ b/configs/desktop-packages-light.nix @@ -0,0 +1,45 @@ +# Core desktop packages for lightweight desktop systems. + +{ pkgs, inputs, ... }: + +{ + environment.systemPackages = with pkgs; [ + acpitool + alire + asciinema + bibclean + bitwarden-cli + bitwarden-desktop + bluez + cmus + direnv + dmenu + emacs + erlang + feh + fira-code + firefox + ghostty + gnat15 + gnat15Packages.gpr2 + gnat15Packages.gprbuild + gnome-disk-utility + go-font + graphviz + i3 + i3lock + python312Packages.ipython + networkmanagerapplet + obsidian + pavucontrol + pmutils + rebar3 + rofi + scrot + syncthing + xfce.thunar + xfce.thunar-volman + xfce.xfce4-power-manager + xss-lock + ]; +} 
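Review bot: `inputs.kte.packages.x86_64-linux.qt` is removed from the list in configs/desktop-packages-full.nix but is not added to the new configs/desktop-packages-light.nix, so after this commit no host appears to install it. As far as the collapsed hunk shows, every other removed package was moved to the light list, which makes this look like an oversight rather than a deliberate drop. If it is intentional, say so in the commit message; otherwise add `inputs.kte.packages.x86_64-linux.qt` to the light list, whose module already takes `inputs` as an argument and currently does not use it. The package list in the full file continues past the end of the hunk.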
diff --git a/configs/desktop.nix b/configs/desktop.nix index 1e64be5..14dc7fa 100644 --- a/configs/desktop.nix +++ b/configs/desktop.nix 
@@ -1,91 +1,9 @@ -# Baseline configuration for all desktop-class systems (including -# laptops). +# Full desktop configuration. Builds on desktop-light.nix with +# additional packages for development, multimedia, and embedded work. { pkgs, ... }: { imports = [ - ./desktop-packages.nix - # ./ghostty.nix # doesn't work yet + ./desktop-light.nix + ./desktop-packages-full.nix ]; - - services.displayManager.gdm.enable = true; - services.displayManager.gdm.wayland = false; - services.displayManager.gdm.debug = true; - services.xserver.windowManager.i3.enable = true; - services.xserver.xkb = { - layout = "us"; - options = "ctrl:swapcaps,compose:ralt"; - }; - - services.displayManager.autoLogin.enable = false; - - # Enable touchpad support (enabled default in most desktopManager). - services.libinput = { - enable = true; - mouse.naturalScrolling = true; - touchpad.naturalScrolling = true; - }; - - console.useXkbConfig = true; - - # Enable CUPS to print documents. - services.printing.enable = true; - - # Enable sound with pipewire. - services.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - - # Enable Bluetooth. - hardware.bluetooth = { - powerOnBoot = true; - settings = { - General = { - # Shows battery charge of connected devices on supported - # Bluetooth adapters. Defaults to 'false'. - Experimental = true; - # When enabled other devices can connect faster to us, however - # the tradeoff is increased power consumption. Defaults to - # 'false'. - FastConnectable = true; - }; - Policy = { - # Enable all controllers when they are found. This includes - # adapters present on start as well as adapters that are plugged - # in later on. Defaults to 'true'. 
- AutoEnable = true; - }; - }; - }; - services.blueman.enable = true; - - - services.udev.extraRules = '' -ACTION=="add", SUBSYSTEM=="backlight", GROUP="video", MODE="0660" -KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl" -''; - - services.avahi = { - enable = true; - publish = { - enable = true; - }; - }; - - systemd.services."systemd-suspend" = { - description = "System Suspend with pm-suspend"; - serviceConfig = { - Type = "oneshot"; - Environment = "PATH=${pkgs.pmutils}/bin"; - ExecStart = [ - "" - "${pkgs.pmutils}/bin/pm-suspend" - ]; - }; - }; } diff --git a/hw/vade/default.nix b/hw/vade/default.nix index d68b465..a600249 100644 --- a/hw/vade/default.nix +++ b/hw/vade/default.nix @@ -3,7 +3,7 @@ { imports = [ ./hardware-configuration.nix - ../../configs/desktop.nix + ../../configs/desktop-light.nix ../../configs/qemu.nix ]; }
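Review bot: The CLAUDE.md added by this same commit is already stale with respect to the import change in hw/vade/default.nix. It lists vade among the hosts that import `configs/desktop.nix`, and it describes `desktop-packages.nix` as "imported by desktop.nix", although that file is renamed and split here. Since that file is written as guidance for an automated coding tool, a wrong module map can steer later edits to the wrong file. I would update the host line to `Full desktop hosts (imladris, orion, ono-sendai) import configs/desktop.nix; vade imports configs/desktop-light.nix` and replace the package entry with `desktop-packages-light.nix` and `desktop-packages-full.nix`.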