diff --git a/flake.nix b/flake.nix index 525c1d3..adb70ab 100644 --- a/flake.nix +++ b/flake.nix @@ -17,7 +17,7 @@ # nix-colors.url = "github:misterio77/nix-colors"; }; - outputs = { nixpkgs, home-manager, ... }@inputs: { + outputs = { nixpkgs, ... }@inputs: { # NixOS configuration entrypoint # Available through 'nixos-rebuild --flake .#your-hostname' nixosConfigurations = { @@ -33,6 +33,12 @@ # > Our main nixos configuration file < modules = [ ./nixos/machines/lpt-mans/configuration.nix ]; }; + + srv01-home = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs; }; # Pass flake inputs to our config + # > Our main nixos configuration file < + modules = [ ./nixos/machines/srv01-home/configuration.nix ]; + }; }; }; } diff --git a/home-manager/home.nix b/home-manager/home.nix index 4a9da78..f9ace4a 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -9,6 +9,7 @@ # You can also split up your configuration and import pieces of it here: ./nvim.nix + ./kitty.nix # ./i3.nix ]; diff --git a/home-manager/i3.nix b/home-manager/i3.nix deleted file mode 100644 index 8f26a38..0000000 --- a/home-manager/i3.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - xsession.windowManager.i3 = { - enable = true; - config = { - bars = [ - { - position = "top"; - statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-top.toml"; - } - ]; - }; - }; - - programs.i3status-rust = { - enable = true; - bars = { - top = { - blocks = [ - { - block = "time"; - interval = 60; - format = "%a %d/%m %k:%M %p"; - } - ]; - }; - }; - }; -} diff --git a/home-manager/nvim.nix b/home-manager/nvim.nix index 313a4d6..69a622f 100644 --- a/home-manager/nvim.nix +++ b/home-manager/nvim.nix @@ -10,7 +10,6 @@ extraPackages = with pkgs; [ gcc - vimPlugins.packer-nvim ripgrep ]; }; diff --git a/nixos/machines/lpt-mans/configuration.nix b/nixos/machines/lpt-mans/configuration.nix index 8bcc587..b0f1491 100644 --- a/nixos/machines/lpt-mans/configuration.nix +++ b/nixos/machines/lpt-mans/configuration.nix @@ -9,142 +9,35 @@ inputs.hardware.nixosModules.common-cpu-amd # inputs.hardware.nixosModules.common-gpu-nvidia - # You can also split up your configuration and import pieces of it here: - # ./users.nix - ./network.nix - ../../roles/desktop.nix - # Import home-manager's NixOS module inputs.home-manager.nixosModules.home-manager - # Import your generated (nixos-generate-config) hardware configuration + ./network.nix ./hardware-configuration.nix + + ../../modules + + ../../roles/base.nix + ../../roles/desktop.nix ]; - nixpkgs = { - # You can add overlays here - overlays = [ - # If you want to use overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - }; - - # TODO_: This is just an example, be sure to use whatever bootloader you prefer boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - # Setup keyfile boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; - # FIXME_: Add the rest of your current configuration - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "nl_NL.UTF-8"; - LC_IDENTIFICATION = "nl_NL.UTF-8"; - LC_MEASUREMENT = "nl_NL.UTF-8"; - LC_MONETARY = "nl_NL.UTF-8"; - LC_NAME = "nl_NL.UTF-8"; - LC_NUMERIC = "nl_NL.UTF-8"; - LC_PAPER = "nl_NL.UTF-8"; - LC_TELEPHONE = "nl_NL.UTF-8"; - LC_TIME = "nl_NL.UTF-8"; - }; - # Enable CUPS to print documents. services.printing.enable = true; - # Enable sound with pipewire. - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - # jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - # TODO_: Configure your system-wide user settings (groups, etc), add more users as needed. - users.users = { - # FIXME_: Replace with your username - mans = { - # TODO_: You can set an initial password for your user. - # If you do, you can skip setting a root password by passing '--no-root-passwd' to nixos-install. - # Be sure to change it (using passwd) after rebooting! - isNormalUser = true; - openssh.authorizedKeys.keys = [ - # TODO: Add your SSH public key(s) here, if you plan on using SSH to connect - ]; - # TODO_: Be sure to add any other groups you need (such as networkmanager, audio, docker, etc) - extraGroups = [ "wheel" "networkmanager" ]; - }; - }; - environment.systemPackages = with pkgs; [ wget neovim openssl ]; - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - settings = { - # Forbid root login through SSH. - PermitRootLogin = "no"; - # Use keys only. Remove if you want to SSH using password (not recommended) - PasswordAuthentication = false; - }; - }; - home-manager = { extraSpecialArgs = { inherit inputs; }; users = { diff --git a/nixos/machines/pc-mans/configuration.nix b/nixos/machines/pc-mans/configuration.nix index 84f2118..f041315 100644 --- a/nixos/machines/pc-mans/configuration.nix +++ b/nixos/machines/pc-mans/configuration.nix @@ -9,43 +9,24 @@ inputs.hardware.nixosModules.common-cpu-amd # inputs.hardware.nixosModules.common-gpu-nvidia - # You can also split up your configuration and import pieces of it here: - # ./users.nix - ./network.nix - - ../../roles/desktop.nix - ../../roles/base.nix - ../../modules/nvidia.nix - # Import home-manager's NixOS module inputs.home-manager.nixosModules.home-manager - # Import your generated (nixos-generate-config) hardware configuration + ./network.nix + + ../../roles/base.nix + ../../roles/desktop.nix + + ../../modules/mans.nix + ../../modules/nvidia.nix + ./hardware-configuration.nix ]; - displayManager.setupCommands = '' + services.xserver.displayManager.setupCommands = '' ${pkgs.xorg.xrandr}/bin/xrandr --output DP-4 --rate 144.00 --size 1920x1080 --right-of HDMI-0 --primary --output HDMI-0 --auto ''; - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - }; - - # TODO_: This is just an example, be sure to use whatever bootloader you prefer boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -59,31 +40,21 @@ "/crypto_keyfile.bin" = null; }; - users.users = { - mans = { - isNormalUser = true; - openssh.authorizedKeys.keys = [ - # TODO: Add your SSH public key(s) here, if you plan on using SSH to connect - ]; - extraGroups = [ "wheel" "networkmanager" ]; - }; - }; - environment.systemPackages = with pkgs; [ wget neovim openssl ]; - home-manager = { extraSpecialArgs = { inherit inputs; }; users = { - # Import your home-manager configuration mans = import ../../../home-manager/home.nix; }; }; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion system.stateVersion = "23.05"; } diff --git a/nixos/machines/server01-home/configuration.nix b/nixos/machines/server01-home/configuration.nix deleted file mode 100644 index 0f5f52e..0000000 --- a/nixos/machines/server01-home/configuration.nix +++ /dev/null @@ -1,121 +0,0 @@ -# This is your system's configuration file. -# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix) -# https://github.com/Misterio77/nix-starter-configs - -{ inputs, lib, config, pkgs, ... }: { - # You can import other NixOS modules here - imports = [ - # If you want to use modules from other flakes (such as nixos-hardware): - inputs.hardware.nixosModules.common-cpu-amd - - # You can also split up your configuration and import pieces of it here: - ./network.nix - ../../roles/server.nix - - # Import your generated (nixos-generate-config) hardware configuration - ./hardware-configuration.nix - ]; - - nixpkgs = { - # You can add overlays here - overlays = [ - # If you want to use overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - }; - - # TODO_: This is just an example, be sure to use whatever bootloader you prefer - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - - # Setup keyfile - boot.initrd.secrets = { - "/crypto_keyfile.bin" = null; - }; - - # FIXME_: Add the rest of your current configuration - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "nl_NL.UTF-8"; - LC_IDENTIFICATION = "nl_NL.UTF-8"; - LC_MEASUREMENT = "nl_NL.UTF-8"; - LC_MONETARY = "nl_NL.UTF-8"; - LC_NAME = "nl_NL.UTF-8"; - LC_NUMERIC = "nl_NL.UTF-8"; - LC_PAPER = "nl_NL.UTF-8"; - LC_TELEPHONE = "nl_NL.UTF-8"; - LC_TIME = "nl_NL.UTF-8"; - }; - - # TODO_: Configure your system-wide user settings (groups, etc), add more users as needed. - users.users = { - # FIXME_: Replace with your username - adminmz = { - # TODO_: You can set an initial password for your user. - # If you do, you can skip setting a root password by passing '--no-root-passwd' to nixos-install. - # Be sure to change it (using passwd) after rebooting! - isNormalUser = true; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDub2v/G51kGDqhQ4o7LN5ncq1oS0e14cjlibsPSfuPsGQBSFMojAUN8sYf43PrlzJs1nZsA3teF9SLmuWcyzcNXGKclhbj0AhN470l/G2SoEcIKDTgVJwNeQ7A/qzFSxmXIV7rmiPPADAyq0ykQA9MAD3f/+4KPiv3DgcU+9ZkSD1nbh4TGld44OLr70ozWBEdqlaUETIXKleEq/RbMcNi3YD89opafeeKpt6tMQydxcIFLUMimq3PiYVjJk4bypjB2r/jMAgnrE6nm96L8R8EZFMWsKpaL2s52NX90VIB69VMyQTdKdHEtxRWIwFR68E3YkYfyGZ5gyNIOaG4l0FyBVux21KxpR1kjhgm2JNw2moG0qwkpFI+Lu+3hqvUu0OM8otTpqGMWjTVs0yYsmIqwnEzEqAifdWxcLus6QLmz+61ajyQBlPBkJ6qFr9MhFvQOnuaUB461SkN/Rah3PU2wUSO9VvCcan2+l3M5zP2QJfPGfdS/mUHPuqCVzzXjNc=" - ]; - # TODO_: Be sure to add any other groups you need (such as networkmanager, audio, docker, etc) - extraGroups = [ "wheel" "networkmanager" ]; - }; - }; - - environment.systemPackages = with pkgs; [ - wget - vim - ]; - - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - settings = { - # Forbid root login through SSH. - PermitRootLogin = "no"; - # Use keys only. Remove if you want to SSH using password (not recommended) - PasswordAuthentication = false; - }; - }; - - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "23.05"; -} diff --git a/nixos/machines/server01-home/network.nix b/nixos/machines/server01-home/network.nix deleted file mode 100644 index 49aeebc..0000000 --- a/nixos/machines/server01-home/network.nix +++ /dev/null @@ -1,21 +0,0 @@ -# networking.nix - -# Import the necessary modules -{ config, pkgs, ... }: - -{ - # Set the network interface configuration - # networking.interfaces.eth0.useDHCP = true; - - networking.networkmanager.enable = true; - - # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - - # Set the hostname - networking.hostName = "server01-home"; -} diff --git a/nixos/machines/srv01-home/configuration.nix b/nixos/machines/srv01-home/configuration.nix new file mode 100644 index 0000000..138686e --- /dev/null +++ b/nixos/machines/srv01-home/configuration.nix @@ -0,0 +1,102 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + ../../modules/docker.nix + + ../../roles/server.nix + ]; + + # Use the systemd-boot EFI boot loader. + # boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + boot.supportedFilesystems = [ "zfs" ]; + boot.loader.grub.enable = true; + boot.loader.grub.efiSupport = true; + boot.loader.grub.device = "nodev"; + + boot.loader.grub.mirroredBoots = [ + { devices = [ "/dev/disk/by-uuid/D527-57A9" ]; + path = "/boot-fallback"; } + ]; + + networking = { + hostName = "srv01-home"; # Define your hostname. + hostId = "3bf26306"; + + interfaces.enp2s0.ipv4.addresses = [ + { + address = "192.168.2.11"; + prefixLength = 24; + } + ]; + + defaultGateway = "192.168.2.254"; + nameservers = ["1.1.1.1" "8.8.8.8"]; + }; + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = ""; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.adminmz = { + isNormalUser = true; + extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + curl + ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDub2v/G51kGDqhQ4o7LN5ncq1oS0e14cjlibsPSfuPsGQBSFMojAUN8sYf43PrlzJs1nZsA3teF9SLmuWcyzcNXGKclhbj0AhN470l/G2SoEcIKDTgVJwNeQ7A/qzFSxmXIV7rmiPPADAyq0ykQA9MAD3f/+4KPiv3DgcU+9ZkSD1nbh4TGld44OLr70ozWBEdqlaUETIXKleEq/RbMcNi3YD89opafeeKpt6tMQydxcIFLUMimq3PiYVjJk4bypjB2r/jMAgnrE6nm96L8R8EZFMWsKpaL2s52NX90VIB69VMyQTdKdHEtxRWIwFR68E3YkYfyGZ5gyNIOaG4l0FyBVux21KxpR1kjhgm2JNw2moG0qwkpFI+Lu+3hqvUu0OM8otTpqGMWjTVs0yYsmIqwnEzEqAifdWxcLus6QLmz+61ajyQBlPBkJ6qFr9MhFvQOnuaUB461SkN/Rah3PU2wUSO9VvCcan2+l3M5zP2QJfPGfdS/mUHPuqCVzzXjNc= mzies@DESKTOP-AKMBK3I" + ]; + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + wget + git + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ 80 443 22 ]; + networking.firewall.allowedUDPPorts = [ 80 443 22 ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It's perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? +} + diff --git a/nixos/machines/srv01-home/hardware-configuration.nix b/nixos/machines/srv01-home/hardware-configuration.nix new file mode 100644 index 0000000..a4fdf43 --- /dev/null +++ b/nixos/machines/srv01-home/hardware-configuration.nix @@ -0,0 +1,68 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "zroot/root"; + fsType = "zfs"; + }; + + fileSystems."/nix" = + { device = "zroot/root/nix"; + fsType = "zfs"; + }; + + fileSystems."/home" = + { device = "zroot/root/home"; + fsType = "zfs"; + }; + + fileSystems."/var" = + { device = "zroot/root/var"; + fsType = "zfs"; + }; + + fileSystems."/data" = + { device = "droot/root"; + fsType = "zfs"; + }; + + fileSystems."/data/garage" = + { device = "droot/root/garage"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/D505-A0AE"; + fsType = "vfat"; + }; + + fileSystems."/boot-fallback" = + { device = "/dev/disk/by-uuid/D527-57A9"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix index 8bf4cd2..a14c1c3 100644 --- a/nixos/modules/default.nix +++ b/nixos/modules/default.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: { imports = [ - ./ssh.nix ./i18n.nix + ./nixconfig.nix ]; } diff --git a/nixos/modules/mans.nix b/nixos/modules/mans.nix new file mode 100644 index 0000000..4a75de0 --- /dev/null +++ b/nixos/modules/mans.nix @@ -0,0 +1,13 @@ +{ inputs, config, lib, pkgs, ... }: + +{ + users.users = { + mans = { + isNormalUser = true; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDub2v/G51kGDqhQ4o7LN5ncq1oS0e14cjlibsPSfuPsGQBSFMojAUN8sYf43PrlzJs1nZsA3teF9SLmuWcyzcNXGKclhbj0AhN470l/G2SoEcIKDTgVJwNeQ7A/qzFSxmXIV7rmiPPADAyq0ykQA9MAD3f/+4KPiv3DgcU+9ZkSD1nbh4TGld44OLr70ozWBEdqlaUETIXKleEq/RbMcNi3YD89opafeeKpt6tMQydxcIFLUMimq3PiYVjJk4bypjB2r/jMAgnrE6nm96L8R8EZFMWsKpaL2s52NX90VIB69VMyQTdKdHEtxRWIwFR68E3YkYfyGZ5gyNIOaG4l0FyBVux21KxpR1kjhgm2JNw2moG0qwkpFI+Lu+3hqvUu0OM8otTpqGMWjTVs0yYsmIqwnEzEqAifdWxcLus6QLmz+61ajyQBlPBkJ6qFr9MhFvQOnuaUB461SkN/Rah3PU2wUSO9VvCcan2+l3M5zP2QJfPGfdS/mUHPuqCVzzXjNc= mzies@DESKTOP-AKMBK3I" + ]; + extraGroups = [ "wheel" "networkmanager" ]; + }; + }; +} diff --git a/nixos/modules/nixconfig.nix b/nixos/modules/nixconfig.nix new file mode 100644 index 0000000..a1b685a --- /dev/null +++ b/nixos/modules/nixconfig.nix @@ -0,0 +1,40 @@ +{ inputs, config, lib, pkgs, ... }: + +{ + nixpkgs = { + # You can add overlays here + overlays = [ + # If you want to use overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; + + nix = { + # This will add each flake input as a registry + # To make nix3 commands consistent with your flake + registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + + # This will additionally add your inputs to the system's legacy channels + # Making legacy nix commands consistent as well, awesome! + nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; + + settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + # Deduplicate and optimize nix store + auto-optimise-store = true; + }; + }; +} diff --git a/nixos/modules/overlays.nix b/nixos/modules/overlays.nix new file mode 100644 index 0000000..2005d59 --- /dev/null +++ b/nixos/modules/overlays.nix @@ -0,0 +1,38 @@ + + nixpkgs = { + # You can add overlays here + overlays = [ + # If you want to use overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; + + nix = { + # This will add each flake input as a registry + # To make nix3 commands consistent with your flake + registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + + # This will additionally add your inputs to the system's legacy channels + # Making legacy nix commands consistent as well, awesome! + nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; + + settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + # Deduplicate and optimize nix store + auto-optimise-store = true; + }; + }; + } diff --git a/nixos/modules/ssh.nix b/nixos/modules/ssh.nix index b95e0b5..3568396 100644 --- a/nixos/modules/ssh.nix +++ b/nixos/modules/ssh.nix @@ -1,14 +1,13 @@ { config, lib, pkgs, ... }: { - services.openssh = { - enable = true; - settings = { - # Forbid root login through SSH. - PermitRootLogin = "no"; - # Use keys only. Remove if you want to SSH using password (not recommended) - PasswordAuthentication = false; - }; + services.openssh = { + enable = true; + settings = { + # Forbid root login through SSH. + PermitRootLogin = "no"; + # Use keys only. Remove if you want to SSH using password (not recommended) + PasswordAuthentication = false; }; + }; } - diff --git a/nixos/roles/base.nix b/nixos/roles/base.nix index 9766e5f..c39b864 100644 --- a/nixos/roles/base.nix +++ b/nixos/roles/base.nix @@ -1,32 +1,14 @@ # Module arguments which our system can use to refer to its own configuration -{ config, lib, pkgs, ... }: +{ inputs, config, lib, pkgs, ... }: { - imports = [ - ../modules - ]; +imports = [ + ../modules +]; - options = { - }; +options = { +}; - config = { - nixpkgs = { - # You can add overlays here - overlays = [ - # If you want to use overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - }; +config = { + +}; } diff --git a/nixos/roles/desktop.nix b/nixos/roles/desktop.nix index 80687ba..197e952 100644 --- a/nixos/roles/desktop.nix +++ b/nixos/roles/desktop.nix @@ -1,31 +1,30 @@ { config, lib, pkgs, ... }: + { - imports = [ - ../modules/i3.nix - ]; +imports = [ + ../modules + ../modules/i3.nix +]; - options = { - }; +config = { + # Enable CUPS to print documents. + services.printing.enable = true; - config = { - # Enable CUPS to print documents. - services.printing.enable = true; - - # Enable sound with pipewire. - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - # jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + # jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; }; +}; } diff --git a/nixos/roles/server.nix b/nixos/roles/server.nix index 420b5dc..43f491e 100644 --- a/nixos/roles/server.nix +++ b/nixos/roles/server.nix @@ -1,12 +1,14 @@ # Module arguments which our system can use to refer to its own configuration { config, lib, pkgs, ... }: { - imports = [ - ]; +imports = [ + ../modules/ssh.nix +]; - options = { - }; +options = { +}; - config = { - }; +config = { + services.openssh.ports = [ 2022 ]; +}; }