diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c4a847d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/result diff --git a/archive/configuration.nix b/archive/configuration.nix new file mode 100644 index 0000000..98d9126 --- /dev/null +++ b/archive/configuration.nix @@ -0,0 +1,241 @@ +{ config, pkgs, lib, ... }: + +{ + # this allows you to access `pkgsUnstable` anywhere in your config + _module.args.pkgsUnstable = import inputs.nixpkgs-unstable { + inherit (pkgs.stdenv.hostPlatform) system; + inherit (config.nixpkgs) config; + }; + + imports = + [ + ./hardware-configuration.nix + ./configs + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + nix.autoOptimiseStore = true; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 10d"; + }; + + time.timeZone = "America/Los_Angeles"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + + networking.hostName = "imladris"; + networking.networkmanager.enable = true; + networking.useDHCP = false; + services.resolved.enable = true; + services.resolved.fallbackDns = [ + "1.1.1.1" + "8.8.8.8" + ]; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ 22 ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "prohibit-password"; + # passwordAuthentication = false; + }; + + security.doas = { + enable = true; + extraRules = [{ + users = ["kyle"]; + keepEnv = true; + noPass = true; + }]; + }; + + services.cron.enable = true; + + # Enable the X11 windowing system. + # services.xserver.windowManager.stumpwm.enable = true; + services.xserver = { + displayManager = { + gdm = { + enable = true; + wayland = false; + }; + }; + enable = true; + windowManager = { + i3.enable = true; + }; + xkb = { + layout = "us"; + options = "ctrl:swapcaps"; + }; + }; + + # from a previous platform, but might be similar. + # icarus is an "AMD Ryzen 5 PRO 4650U with Radeon Graphics" machine. + # services.xserver.videoDrivers = [ "amdgpu" ]; + # services.xserver.useGlamor = true; + + # In case of tearing, this is reported to fix the issue. The intel driver is + # outdated (last updated in 2015), so try to avoid this. + # services.xserver.videoDrivers = [ "intel" ]; + # services.xserver.deviceSection = '' + # Option "DRI" "2" + # Option "TearFree" "true" + # ''; + + # Enable touchpad support (enabled default in most desktopManager). + services.libinput = { + enable = true; + mouse.naturalScrolling = true; + touchpad.naturalScrolling = true; + }; + + console.useXkbConfig = true; + + sound.enable = true; + hardware.pulseaudio.enable = true; + + users.users.kyle = { + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "dialout" + ]; + }; + programs.direnv.enable = true; + programs.command-not-found.enable = false; + + # fwupd + services.fwupd.enable = true; + + programs.nix-ld.enable = true; + programs.nix-ld.libraries = with pkgs; [ + # Add any missing dynamic libraries for unpackaged programs + # here, NOT in environment.systemPackages + ]; + + # List packages installed in system profile. To search, run: + # $ nix search wget + nixpkgs.config.allowUnfree = true; # needed for amdgpu + nixpkgs.config.packageOverrides = pkgs: { + doas = pkgs.doas.override { withPAM = false; }; + nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { + inherit pkgs; + }; + }; + environment.systemPackages = with pkgs; [ + ag + arduino + binutils-unwrapped + bitwarden + brave + cloc + cscope + doas + elinks + emacs + emScript + feh + ffmpeg + file + fira-code + firefox + fzf + gcc + gdb + gforth + git + gnumake + go + go-font + hexyl + htop + i3 + keychain + lagrange + libzip + lxterminal + mercurial + mg + mutt + nyxt + nmap + obsidian + ops + pciutils + picocom + pwgen + python3Full + sbcl + scdoc + scrot + stumpwm + syncthing + syncthing-cli + syncthing-tray + tailscale + tcpdump + texinfo + texliveFull + tmux + tree + vimHugeX + vscode + wget + xfce.xfce4-terminal + ]; + + fonts.fonts = with pkgs; [ + fira-code + fira-code-symbols + go-font + ]; + + + # services.syncthing = { + # enable = true; + # user = "kyle"; + # dataDir = "/home/kyle/Sync"; + # configDir = "/home/kyle/.config/syncthing"; + # }; + services.tailscale.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + programs.zsh.enable = true; + + nix.settings.experimental-features = [ "nix-command" ]; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.09"; # Did you read the comment? +} diff --git a/archive/hardware-configuration.nix b/archive/hardware-configuration.nix new file mode 100644 index 0000000..92d5b88 --- /dev/null +++ b/archive/hardware-configuration.nix @@ -0,0 +1,30 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/8cc8eca6-5a2d-4db1-a12d-06cd52b19726"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/A93D-156F"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/ca4b5cbb-9cbb-4356-ba38-96f55b8f7711"; } + ]; + +} diff --git a/configs/git.nix b/configs/git.nix index 7aa5fae..0d424e2 100644 --- a/configs/git.nix +++ b/configs/git.nix @@ -9,7 +9,7 @@ }; init = { defaultBranch = "master"; - } + }; } { push = { default = "current"; }; } diff --git a/configuration.nix b/configuration.nix index 89d4b47..4bfbfe8 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,11 +1,15 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + { config, pkgs, lib, ... }: { # this allows you to access `pkgsUnstable` anywhere in your config - _module.args.pkgsUnstable = import inputs.nixpkgs-unstable { - inherit (pkgs.stdenv.hostPlatform) system; - inherit (config.nixpkgs) config; - }; + #_module.args.pkgsUnstable = import inputs.nixpkgs-unstable { + # inherit (pkgs.stdenv.hostPlatform) system; + # inherit (config.nixpkgs) config; + #}; imports = [ @@ -13,21 +17,23 @@ ./configs ]; - # Use the systemd-boot EFI boot loader. + # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - nix.autoOptimiseStore = true; + nix.settings.auto-optimise-store = true; nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 10d"; }; + # Set your time zone. time.timeZone = "America/Los_Angeles"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; + i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; @@ -40,9 +46,8 @@ LC_TIME = "en_US.UTF-8"; }; - networking.hostName = "imladris"; + networking.hostName = "imladris"; # Define your hostname. networking.networkmanager.enable = true; - networking.useDHCP = false; services.resolved.enable = true; services.resolved.fallbackDns = [ "1.1.1.1" @@ -55,7 +60,9 @@ # Enable the OpenSSH daemon. services.openssh = { enable = true; - permitRootLogin = "prohibit-password"; + settings = { + PermitRootLogin = "prohibit-password"; + }; # passwordAuthentication = false; }; @@ -70,8 +77,6 @@ services.cron.enable = true; - # Enable the X11 windowing system. - # services.xserver.windowManager.stumpwm.enable = true; services.xserver = { displayManager = { gdm = { @@ -85,23 +90,10 @@ }; xkb = { layout = "us"; - options = "ctrl:swapcaps"; + options = "ctrl:swapcaps,compose:ralt"; }; }; - # from a previous platform, but might be similar. - # icarus is an "AMD Ryzen 5 PRO 4650U with Radeon Graphics" machine. - # services.xserver.videoDrivers = [ "amdgpu" ]; - # services.xserver.useGlamor = true; - - # In case of tearing, this is reported to fix the issue. The intel driver is - # outdated (last updated in 2015), so try to avoid this. - # services.xserver.videoDrivers = [ "intel" ]; - # services.xserver.deviceSection = '' - # Option "DRI" "2" - # Option "TearFree" "true" - # ''; - # Enable touchpad support (enabled default in most desktopManager). services.libinput = { enable = true; @@ -111,9 +103,6 @@ console.useXkbConfig = true; - sound.enable = true; - hardware.pulseaudio.enable = true; - users.users.kyle = { isNormalUser = true; extraGroups = [ @@ -125,36 +114,64 @@ programs.direnv.enable = true; programs.command-not-found.enable = false; - # fwupd - services.fwupd.enable = true; - programs.nix-ld.enable = true; programs.nix-ld.libraries = with pkgs; [ # Add any missing dynamic libraries for unpackaged programs # here, NOT in environment.systemPackages ]; - # List packages installed in system profile. To search, run: - # $ nix search wget - nixpkgs.config.allowUnfree = true; # needed for amdgpu - nixpkgs.config.packageOverrides = pkgs: { - doas = pkgs.doas.override { withPAM = false; }; - nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { - inherit pkgs; + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Install firefox. + programs.firefox.enable = true; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # Enable common container config files in /etc/containers + virtualisation.containers.enable = true; + virtualisation = { + podman = { + enable = true; + + # Create a `docker` alias for podman, to use it as a drop-in replacement + dockerCompat = true; + + # Required for containers under podman-compose to be able to talk to each other. + defaultNetwork.settings.dns_enabled = true; }; }; + + # List packages installed in system profile. To search, run: + # $ nix search wget environment.systemPackages = with pkgs; [ - ag arduino binutils-unwrapped bitwarden brave cloc cscope + direnv doas elinks emacs - emScript feh ffmpeg file @@ -165,6 +182,7 @@ gdb gforth git + graphviz gnumake go go-font @@ -174,6 +192,7 @@ keychain lagrange libzip + lxterminal mercurial mg mutt @@ -185,48 +204,35 @@ picocom pwgen python3Full + rlwrap sbcl scdoc scrot + silver-searcher stumpwm syncthing - syncthing-cli - syncthing-tray tailscale tcpdump + terminator texinfo texliveFull tmux tree - vimHugeX - vscode wget xfce.xfce4-terminal + dive + podman-tui + docker-compose + podman-compose ]; - fonts.fonts = with pkgs; [ - fira-code - fira-code-symbols - go-font - ]; - - - # services.syncthing = { - # enable = true; - # user = "kyle"; - # dataDir = "/home/kyle/Sync"; - # configDir = "/home/kyle/.config/syncthing"; - # }; services.tailscale.enable = true; + services.syncthing.enable = true; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - programs.zsh.enable = true; nix.settings.experimental-features = [ "nix-command" ]; @@ -236,5 +242,6 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "20.09"; # Did you read the comment? + system.stateVersion = "24.11"; # Did you read the comment? + } diff --git a/hardware-configuration.nix b/hardware-configuration.nix index 92d5b88..36dccd2 100644 --- a/hardware-configuration.nix +++ b/hardware-configuration.nix @@ -8,23 +8,34 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-amd" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "/dev/disk/by-uuid/8cc8eca6-5a2d-4db1-a12d-06cd52b19726"; + { device = "/dev/disk/by-uuid/a646409d-193c-47b7-a38c-33e08f1bf3ae"; fsType = "ext4"; }; + boot.initrd.luks.devices."luks-41752b4f-4f27-4459-9087-8a8ba57e8e65".device = "/dev/disk/by-uuid/41752b4f-4f27-4459-9087-8a8ba57e8e65"; + fileSystems."/boot" = - { device = "/dev/disk/by-uuid/A93D-156F"; + { device = "/dev/disk/by-uuid/A3CB-584F"; fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; }; - swapDevices = - [ { device = "/dev/disk/by-uuid/ca4b5cbb-9cbb-4356-ba38-96f55b8f7711"; } - ]; + swapDevices = [ ]; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/install.sh b/install.sh deleted file mode 100644 index d141432..0000000 --- a/install.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/usr/bin/env bash - -read -p "SSID: " SSID -read -s -p "PSK: " PSK -cat > /etc/wpa_supplicant.conf < /etc/wpa_supplicant.conf <