Mass refactor

This commit is contained in:
Alexander Bantyev 2021-01-21 21:13:53 +03:00
parent 0b5df1452e
commit 02f264263c
Signed by: balsoft
GPG Key ID: E081FF12ADCB4AD5
52 changed files with 647 additions and 583 deletions

View File

@ -1,25 +0,0 @@
# This is balsoft's configuration file.
#
# https://github.com/balsoft/nixos-config
#
# This is main nixos configuration
# To use this configuration:
# 1. Add your own secret.nix and hardware-configuration/`hostname`.nix to this folder
# 2. Set the hostname to the desired one
# 3. `sudo nixos-rebuild switch --flake .`
# 4. Log in to application and services where neccesary
{ config, pkgs, lib, inputs, name, ... }:
rec {
imports = [
(./hardware-configuration + "/${name}.nix")
inputs.home-manager.nixosModules.home-manager
(import ./modules device)
];
home-manager.users.balsoft.home.stateVersion = "20.09";
device = name;
system.stateVersion = "18.03";
}

View File

@ -3,28 +3,28 @@
"A collection of crap, hacks and copy-paste to make my localhosts boot"; "A collection of crap, hacks and copy-paste to make my localhosts boot";
inputs = { inputs = {
nixpkgs.url = github:nixos/nixpkgs/nixos-unstable; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
# nixpkgs-mesa.url = github:nixos/nixpkgs-channels/bdac777becdbb8780c35be4f552c9d4518fe0bdb; # nixpkgs-mesa.url = github:nixos/nixpkgs-channels/bdac777becdbb8780c35be4f552c9d4518fe0bdb;
lambda-launcher.url = github:balsoft/lambda-launcher; lambda-launcher.url = "github:balsoft/lambda-launcher";
NUR = { NUR = {
url = github:nix-community/NUR; url = "github:nix-community/NUR";
flake = false; flake = false;
}; };
base16-unclaimed-schemes = { base16-unclaimed-schemes = {
url = github:chriskempson/base16-unclaimed-schemes; url = "github:chriskempson/base16-unclaimed-schemes";
flake = false; flake = false;
}; };
home-manager.url = github:rycee/home-manager; home-manager.url = "github:rycee/home-manager";
materia-theme = { materia-theme = {
url = github:nana-4/materia-theme; url = "github:nana-4/materia-theme";
flake = false; flake = false;
}; };
nixpkgs-old = { nixpkgs-old = {
url = github:nixos/nixpkgs/nixos-19.09; url = "github:nixos/nixpkgs/nixos-19.09";
flake = false; flake = false;
}; };
weechat-scripts = { weechat-scripts = {
url = github:weechat/scripts; url = "github:weechat/scripts";
flake = false; flake = false;
}; };
simple-nixos-mailserver = { simple-nixos-mailserver = {
@ -32,11 +32,11 @@
flake = false; flake = false;
}; };
nixpkgs-wayland = { nixpkgs-wayland = {
url = github:colemickens/nixpkgs-wayland; url = "github:colemickens/nixpkgs-wayland";
flake = false; flake = false;
}; };
weechat-notify-send = { weechat-notify-send = {
url = github:s3rvac/weechat-notify-send; url = "github:s3rvac/weechat-notify-send";
flake = false; flake = false;
}; };
yt-utilities = { yt-utilities = {
@ -44,20 +44,28 @@
url = "ssh://git@github.com/serokell/yt-utilities"; url = "ssh://git@github.com/serokell/yt-utilities";
ref = "flake"; ref = "flake";
}; };
nixos-fhs-compat.url = github:balsoft/nixos-fhs-compat; nixos-fhs-compat.url = "github:balsoft/nixos-fhs-compat";
simple-osd-daemons.url = github:balsoft/simple-osd-daemons; simple-osd-daemons.url = "github:balsoft/simple-osd-daemons";
}; };
outputs = { nixpkgs, nix, self, ... }@inputs: { outputs = { nixpkgs, nix, self, ... }@inputs: {
nixosModules = import ./modules;
nixosProfiles = import ./profiles;
nixosConfigurations = with nixpkgs.lib; nixosConfigurations = with nixpkgs.lib;
let let
hosts = map (fname: builtins.head (builtins.match "(.*)\\.nix" fname)) hosts = builtins.attrNames (builtins.readDir ./machines);
(builtins.attrNames (builtins.readDir ./hardware-configuration));
mkHost = name: mkHost = name:
nixosSystem { nixosSystem {
system = "x86_64-linux"; system = builtins.readFile (./machines + "/${name}/system");
modules = [ (import ./default.nix) ]; modules = [
specialArgs = { inherit inputs name; }; (import (./machines + "/${name}"))
{
device = name;
}
];
specialArgs = { inherit inputs; };
}; };
in genAttrs hosts mkHost; in genAttrs hosts mkHost;

View File

@ -1,3 +0,0 @@
{
}

View File

@ -0,0 +1,18 @@
{ inputs, ... }: {
imports = [ ./hardware-configuration.nix inputs.self.nixosProfiles.desktop ];
deviceSpecific.devInfo = {
cpu = {
vendor = "amd";
clock = 4200;
cores = 8;
};
drive = {
type = "ssd";
speed = 6000;
size = 250;
};
bigScreen = true;
ram = 32;
};
services.apcupsd.enable = true;
}

View File

@ -0,0 +1 @@
x86_64-linux

View File

@ -0,0 +1,28 @@
{ inputs, ... }: {
imports = with inputs.self.nixosModules; [
./hardware-configuration.nix
inputs.self.nixosProfiles.server
gitea
jitsi
mailserver
matrix-synapse
minidlna
nextcloud
nginx
vsftpd
];
deviceSpecific.devInfo = {
cpu = {
vendor = "broadcom";
clock = 4200;
cores = 8;
};
drive = {
type = "ssd";
speed = 6000;
size = 250;
};
bigScreen = true;
ram = 32;
};
}

View File

@ -0,0 +1,24 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
swapDevices = [ ];
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
}

View File

@ -0,0 +1 @@
aarch64-linux

View File

@ -0,0 +1,17 @@
{ inputs, ... }: {
imports = [ ./hardware-configuration.nix inputs.self.nixosProfiles.desktop ];
deviceSpecific.devInfo = {
legacy = false;
cpu = {
vendor = "intel";
clock = 2500;
cores = 2;
};
drive = {
type = "ssd";
speed = 1000;
size = 120;
};
ram = 8;
};
}

View File

@ -0,0 +1 @@
x86_64-linux

View File

@ -0,0 +1,75 @@
{ inputs, ... }: {
imports = [ ./hardware-configuration.nix inputs.self.nixosProfiles.desktop ];
deviceSpecific.devInfo = {
cpu = {
vendor = "intel";
clock = 4600;
cores = 4;
};
drive = {
type = "ssd";
speed = 2000;
size = 250;
};
ram = 16;
};
services.throttled = {
enable = true;
extraConfig = ''
[GENERAL]
# Enable or disable the script execution
Enabled: True
# SYSFS path for checking if the system is running on AC power
Sysfs_Power_Path: /sys/class/power_supply/AC*/online
## Settings to apply while connected to Battery power
[BATTERY]
# Update the registers every this many seconds
Update_Rate_s: 30
# Max package power for time window #1
PL1_Tdp_W: 29
# Time window #1 duration
PL1_Duration_s: 28
# Max package power for time window #2
PL2_Tdp_W: 44
# Time window #2 duration
PL2_Duration_S: 0.002
# Max allowed temperature before throttling
Trip_Temp_C: 85
# Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL)
cTDP: 1
## Settings to apply while connected to AC power
[AC]
# Update the registers every this many seconds
Update_Rate_s: 5
# Max package power for time window #1
PL1_Tdp_W: 44
# Time window #1 duration
PL1_Duration_s: 28
# Max package power for time window #2
PL2_Tdp_W: 44
# Time window #2 duration
PL2_Duration_S: 0.002
# Max allowed temperature before throttling
Trip_Temp_C: 95
# Set HWP energy performance hints to 'performance' on high load (EXPERIMENTAL)
HWP_Mode: True
# Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL)
cTDP: 2
[UNDERVOLT]
# CPU core voltage offset (mV)
CORE: -200
# Integrated GPU voltage offset (mV)
GPU: -60
# CPU cache voltage offset (mV)
CACHE: -50
# System Agent voltage offset (mV)
UNCORE: 0
# Analog I/O voltage offset (mV)
ANALOGIO: 0
'';
};
}

View File

@ -0,0 +1 @@
x86_64-linux

View File

@ -0,0 +1,19 @@
{ inputs, ... }: {
imports = [ ./hardware-configuration.nix inputs.self.nixosProfiles.desktop ];
deviceSpecific.devInfo = {
cpu = {
vendor = "intel";
clock = 4800;
cores = 4;
};
drive = {
type = "ssd";
speed = 6000;
size = 256;
};
ram = 16;
};
boot.extraModprobeConfig = ''
options iwlwifi bt_coex_active=0
'';
}

View File

@ -0,0 +1 @@
x86_64-linux

View File

@ -1,6 +1,7 @@
{ modulesPath, lib, ... }: { { modulesPath, lib, inputs, ... }: {
imports = [ imports = [
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
inputs.self.nixosProfiles.base
]; ];
networking.wireless.enable = lib.mkForce false; networking.wireless.enable = lib.mkForce false;
services.openssh.permitRootLogin = lib.mkForce "no"; services.openssh.permitRootLogin = lib.mkForce "no";

View File

@ -0,0 +1 @@
x86_64-linux

View File

@ -43,6 +43,12 @@ with import ../support.nix { inherit lib config; }; {
desktop = "gnumeric"; desktop = "gnumeric";
}; };
}; };
environment.sessionVariables = {
EDITOR = config.defaultApplications.editor.cmd;
VISUAL = config.defaultApplications.editor.cmd;
};
home-manager.users.balsoft.xdg.mimeApps = { home-manager.users.balsoft.xdg.mimeApps = {
enable = true; enable = true;
defaultApplications = defaultApplications =

28
modules/boot.nix Normal file
View File

@ -0,0 +1,28 @@
{ lib, pkgs, config, ... }: {
boot = {
loader.timeout = 1;
loader.systemd-boot.enable = lib.mkIf (pkgs.system == "x86_64-linux") true;
# loader.raspberryPi = lib.mkIf (pkgs.system == "aarch64-linux") {
# enable = true;
# version = 4;
# };
loader.grub.enable = false;
# kernelParams = [ "quiet" "scsi_mod.use_blk_mq=1" "modeset" "nofb" ]
# ++ lib.optional (pkgs.system == "x86_64-linux") [
# "rd.systemd.show_status=auto"
# "rd.udev.log_priority=3"
# "pti=off"
# "spectre_v2=off"
# ];
kernelPackages = pkgs.linuxPackages_latest;
consoleLogLevel = 3;
kernel.sysctl."vm.swappiness" = 0;
kernel.sysctl."kernel/sysrq" = 1;
};
}

View File

@ -1,46 +1,55 @@
device: builtins.listToAttrs (builtins.map (path: {
{ pkgs, lib, ... }: { name = builtins.head (let
imports = [ b = builtins.baseNameOf path;
./applications/packages.nix m = builtins.match "(.*)\\.nix" b;
./applications/emacs in if isNull m then [ b ] else m);
./applications/alacritty.nix value = import path;
./applications/geary.nix }) [
./applications/weechat.nix
./applications/okular.nix
./applications/yt-utilities.nix
./applications/firefox.nix
./workspace/sway
./workspace/i3blocks
./workspace/zsh.nix
./workspace/gtk.nix
./workspace/gnome3
./workspace/misc.nix
./workspace/kde
./workspace/ssh.nix
./workspace/locale.nix
./workspace/fonts.nix
./workspace/light.nix
./workspace/mako.nix
./workspace/xresources.nix
./themes.nix
./applications.nix ./applications.nix
./secrets.nix ./applications/alacritty.nix
./secrets-envsubst.nix ./applications/emacs
./applications/firefox.nix
./applications/geary.nix
./applications/okular.nix
./applications/packages.nix
./applications/weechat.nix
./applications/yt-utilities.nix
./boot.nix
./devices.nix ./devices.nix
./packages.nix
./users.nix
./hardware.nix ./hardware.nix
./services.nix
./power.nix
./network.nix ./network.nix
./simple-osd-daemons.nix ./nix.nix
] ++ lib.optionals (device == "AMD-Workstation") [ ./overlay.nix
./nextcloud.nix ./power.nix
./mailserver.nix ./secrets-envsubst.nix
./matrix-synapse.nix ./secrets.nix
# ./workspace/kanshi.nix ./security.nix
./nginx.nix ./servers/gitea.nix
./gitea.nix ./servers/jitsi.nix
./minidlna.nix ./servers/mailserver.nix
]; ./servers/matrix-synapse.nix
} ./servers/minidlna.nix
./servers/nextcloud.nix
./servers/nginx.nix
./servers/vsftpd.nix
./services.nix
./themes.nix
./virtualisation.nix
./workspace/cursor.nix
./workspace/fonts.nix
./workspace/git.nix
./workspace/gnome3
./workspace/gpg.nix
./workspace/gtk.nix
./workspace/i3blocks
./workspace/kde
./workspace/light.nix
./workspace/locale.nix
./workspace/mako.nix
./workspace/misc.nix
./workspace/simple-osd-daemons.nix
./workspace/ssh.nix
./workspace/sway
./workspace/xresources.nix
./workspace/zsh.nix
])

View File

@ -2,135 +2,45 @@
with lib; with lib;
with types; { with types; {
options = { options = {
device = mkOption { type = strMatching "[A-z|0-9]*-(Laptop|Workstation|VM|image)"; }; device = mkOption { type = str; };
devices = mkOption { type = attrs; }; deviceSpecific = {
deviceSpecific = mkOption { type = attrs; }; isLaptop = mkOption {
type = bool;
default =
!isNull (builtins.match ".*Laptop" config.networking.hostName);
};
devInfo = {
cpu = {
arch = mkOption { type = enum [ "x86_64" "aarch64" ]; };
vendor = mkOption { type = enum [ "amd" "intel" "broadcom" ]; };
clock = mkOption { type = int; };
cores = mkOption { type = int; };
};
drive = {
type = mkOption { type = enum [ "hdd" "ssd" ]; };
speed = mkOption { type = int; };
size = mkOption { type = int; };
};
ram = mkOption { type = int; };
bigScreen = mkOption {
type = bool;
default = true;
};
}; };
config = {
deviceSpecific = let
device = config.device;
devInfo = config.devices.${config.device};
in rec {
isLaptop = (!isNull (builtins.match ".*Laptop" device));
smallScreen = (device == "Prestigio-Laptop");
isShared = device == "Lenovo-Workstation";
cpu = devInfo.cpu.vendor;
inherit devInfo;
isSSD = devInfo.drive.type == "ssd";
# Whether machine is powerful enough for heavy stuff # Whether machine is powerful enough for heavy stuff
goodMachine = devInfo.cpu.clock * devInfo.cpu.cores >= 4000 goodMachine = with config.deviceSpecific;
mkOption {
type = bool;
default = devInfo.cpu.clock * devInfo.cpu.cores >= 4000
&& devInfo.drive.size >= 100 && devInfo.ram >= 8; && devInfo.drive.size >= 100 && devInfo.ram >= 8;
isHost = isSSD;
bigScreen = devInfo ? bigScreen;
}; };
isHost = mkOption {
devices = { type = bool;
T490s-Laptop = { default = with config.deviceSpecific; goodMachine;
cpu = {
vendor = "intel";
clock = 4600;
cores = 4;
}; };
drive = { bigScreen = mkOption {
type = "ssd"; type = bool;
speed = 2000; default = config.deviceSpecific.devInfo ? bigScreen;
size = 250;
};
ram = 16;
};
T420-Laptop = {
legacy = false;
cpu = {
vendor = "intel";
clock = 2500;
cores = 2;
};
drive = {
type = "ssd";
speed = 1000;
size = 120;
};
ram = 8;
};
Lenovo-Workstation = {
legacy = true;
cpu = {
vendor = "intel";
clock = 2500;
cores = 2;
};
drive = {
type = "ssd";
speed = 250;
size = 120;
};
ram = 8;
};
AMD-Workstation = {
cpu = {
vendor = "amd";
clock = 4200;
cores = 8;
};
drive = {
type = "ssd";
speed = 6000;
size = 250;
};
bigScreen = true;
ram = 32;
};
Prestigio-Laptop = {
cpu = {
vendor = "intel";
clock = 1400;
cores = 2;
};
drive = {
type = "flash";
speed = 100;
size = 32;
};
ram = 2;
};
X2100-Laptop = {
cpu = {
vendor = "intel";
clock = 4800;
cores = 4;
};
drive = {
type = "ssd";
speed = 6000;
size = 256;
};
ram = 16;
};
NixOS-VM = {
cpu = {
vendor = "intel";
clock = 1000;
cores = 1;
};
drive = {
type = "ssd";
speed = 50;
size = 1;
};
ram = 4;
};
iso-image = {
cpu = {
vendor = "intel";
clock = 1000;
cores = 1;
};
drive = {
type = "ssd";
speed = 50;
size = 8;
};
ram = 4;
}; };
}; };
}; };

View File

@ -1,12 +1,7 @@
{ pkgs, config, lib, ... }: { pkgs, config, lib, ... }:
with rec { inherit (config) device devices deviceSpecific; }; with rec { inherit (config) device deviceSpecific; };
with deviceSpecific; { with deviceSpecific; {
hardware.sensor.iio.enable = (device == "HP-Laptop");
hardware.cpu.${devices.${device}.cpu.vendor}.updateMicrocode =
true; # Update microcode
hardware.enableRedistributableFirmware = true; # For some unfree drivers hardware.enableRedistributableFirmware = true; # For some unfree drivers
hardware.opengl.enable = true; hardware.opengl.enable = true;
@ -17,116 +12,14 @@ with deviceSpecific; {
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.bluetooth.package = pkgs.bluezFull; hardware.bluetooth.package = pkgs.bluezFull;
services.throttled = { hardware.sane.enable = true;
enable = device == "T490s-Laptop";
extraConfig = ''
[GENERAL]
# Enable or disable the script execution
Enabled: True
# SYSFS path for checking if the system is running on AC power
Sysfs_Power_Path: /sys/class/power_supply/AC*/online
## Settings to apply while connected to Battery power
[BATTERY]
# Update the registers every this many seconds
Update_Rate_s: 30
# Max package power for time window #1
PL1_Tdp_W: 29
# Time window #1 duration
PL1_Duration_s: 28
# Max package power for time window #2
PL2_Tdp_W: 44
# Time window #2 duration
PL2_Duration_S: 0.002
# Max allowed temperature before throttling
Trip_Temp_C: 85
# Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL)
cTDP: 1
## Settings to apply while connected to AC power
[AC]
# Update the registers every this many seconds
Update_Rate_s: 5
# Max package power for time window #1
PL1_Tdp_W: 44
# Time window #1 duration
PL1_Duration_s: 28
# Max package power for time window #2
PL2_Tdp_W: 44
# Time window #2 duration
PL2_Duration_S: 0.002
# Max allowed temperature before throttling
Trip_Temp_C: 95
# Set HWP energy performance hints to 'performance' on high load (EXPERIMENTAL)
HWP_Mode: True
# Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL)
cTDP: 2
[UNDERVOLT]
# CPU core voltage offset (mV)
CORE: -200
# Integrated GPU voltage offset (mV)
GPU: -60
# CPU cache voltage offset (mV)
CACHE: -50
# System Agent voltage offset (mV)
UNCORE: 0
# Analog I/O voltage offset (mV)
ANALOGIO: 0
'';
};
boot.kernelModules = [ "ec_sys" ];
systemd.services.thinkpad_leds = {
enable = config.device == "T490s-Laptop";
description = "Set up thinkpad leds";
wantedBy = [ "multi-user.target" ];
script = ''
echo -n -e "\x0e" | dd of="/sys/kernel/debug/ec/ec0/io" bs=1 seek=12 count=1 conv=notrunc 2> /dev/null'';
serviceConfig.Type = "oneshot";
};
boot = {
loader = lib.mkIf (config.device != "iso-image") ({
timeout = 1;
} // (if deviceSpecific.devInfo.legacy or false then { # Non-UEFI config
grub.enable = true;
grub.version = 2;
grub.useOSProber = true;
grub.device = "/dev/sda";
} else { # UEFI config
systemd-boot.enable = true;
}));
kernelPackages = pkgs.linuxPackages_latest;
consoleLogLevel = 3;
extraModprobeConfig = ''
options ec_sys write_support=1
'' + lib.optionalString (device == "X2100-Laptop") ''
options iwlwifi bt_coex_active=0
'';
kernel.sysctl."vm.swappiness" = 0;
kernel.sysctl."kernel/sysrq" = 1;
kernelParams = [
"quiet"
"scsi_mod.use_blk_mq=1"
"modeset"
"nofb"
"rd.systemd.show_status=auto"
"rd.udev.log_priority=3"
"pti=off"
"spectre_v2=off"
];
};
hardware.sane = {
enable = true;
# extraBackends = [ pkgs.hplipWithPlugin ];
};
services.saned.enable = true; services.saned.enable = true;
services.logind.lidSwitchExternalPower = "ignore"; services.logind.lidSwitchExternalPower = "ignore";
services.logind.extraConfig = "HandlePowerKey=suspend"; services.logind.extraConfig = "HandlePowerKey=suspend";
sound.enable = true; sound.enable = true;
hardware.pulseaudio = { hardware.pulseaudio = {
enable = true; enable = true;

View File

@ -2,7 +2,6 @@
let let
localRanges = [ localRanges = [
{ from = 1714; to = 1764; } # KDE connect { from = 1714; to = 1764; } # KDE connect
{ from = 6600; to = 6600; } # Mopidy
]; ];
in { in {
networking = { networking = {
@ -23,6 +22,7 @@ in {
usePredictableInterfaceNames = false; usePredictableInterfaceNames = false;
hostName = config.device; hostName = config.device;
}; };
networking.firewall.trustedInterfaces = [ "eth0" ];
systemd.services.ModemManager.wantedBy = systemd.services.ModemManager.wantedBy =
lib.optional (config.device == "T490s-Laptop") "network.target"; lib.optional (config.device == "T490s-Laptop") "network.target";
} }

25
modules/nix.nix Normal file
View File

@ -0,0 +1,25 @@
{ lib, inputs, ... }: {
nix = rec {
nixPath = lib.mkForce [ "nixpkgs=/etc/nixpkgs" ];
binaryCaches = [ "https://cache.nixos.org" ];
registry.self.flake = inputs.self;
trustedUsers = [ "root" "balsoft" "@wheel" ];
nrBuildUsers = 16;
optimise.automatic = true;
binaryCachePublicKeys =
[ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
package = inputs.nix.packages.x86_64-linux.nix;
extraOptions = ''
experimental-features = nix-command flakes
'';
requireSignedBinaryCaches = false;
};
environment.etc.nixpkgs.source = inputs.nixpkgs;
}

View File

@ -43,27 +43,4 @@ in {
allowUnfree = true; allowUnfree = true;
android_sdk.accept_license = true; android_sdk.accept_license = true;
}; };
environment.etc.nixpkgs.source = inputs.nixpkgs;
nix = rec {
nixPath = lib.mkForce [ "nixpkgs=/etc/nixpkgs" ];
binaryCaches = [ "https://cache.nixos.org" ];
registry.self.flake = inputs.self;
trustedUsers = [ "root" "balsoft" "@wheel" ];
nrBuildUsers = 16;
optimise.automatic = true;
binaryCachePublicKeys =
[ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
package = inputs.nix.packages.x86_64-linux.nix;
extraOptions = ''
experimental-features = nix-command flakes
'';
requireSignedBinaryCaches = false;
};
} }

12
modules/servers/jitsi.nix Normal file
View File

@ -0,0 +1,12 @@
{ config, ... }: {
services.jitsi-meet = {
enable = true;
hostName = "meet.balsoft.ru";
};
services.nginx.virtualHosts.${config.services.jitsi-meet.hostName} = {
enableACME = true;
forceSSL = true;
basicAuthFile = "/var/lib/jitsi-auth";
};
}

View File

@ -0,0 +1,10 @@
{
services.vsftpd = {
enable = true;
anonymousUser = true;
allowWriteableChroot = true;
anonymousMkdirEnable = true;
anonymousUploadEnable = true;
writeEnable = true;
};
}

View File

@ -3,10 +3,8 @@
services.acpid.enable = true; services.acpid.enable = true;
services.apcupsd = { enable = config.device == "AMD-Workstation"; };
services.earlyoom = { services.earlyoom = {
enable = config.devices.${config.device}.ram < 16; enable = config.deviceSpecific.devInfo.ram < 16;
freeMemThreshold = 5; freeMemThreshold = 5;
freeSwapThreshold = 100; freeSwapThreshold = 100;
}; };
@ -15,19 +13,6 @@
enable = true; enable = true;
drivers = [ pkgs.gutenprint ]; drivers = [ pkgs.gutenprint ];
}; };
programs.dconf.enable = true;
services.tor = {
enable = true;
client.enable = true;
torsocks.enable = true;
settings.SOCKSPort = [ 9050 ];
};
services.privoxy = {
enable = true;
enableTor = true;
};
programs.mosh.enable = true; programs.mosh.enable = true;
@ -37,41 +22,7 @@
systemd.services.systemd-udev-settle.enable = false; systemd.services.systemd-udev-settle.enable = false;
services.nix-serve.enable = config.device == "AMD-Workstation";
services.pcscd.enable = true; services.pcscd.enable = true;
services.keybase.enable = true;
services.upower.enable = true; services.upower.enable = true;
virtualisation.docker.enable = config.deviceSpecific.isHost;
virtualisation.libvirtd = {
enable = config.deviceSpecific.isHost;
};
networking.firewall.trustedInterfaces = [ "eth0" ];
services.nginx.enable = config.device == "AMD-Workstation";
services.vsftpd = {
enable = config.device == "AMD-Workstation";
anonymousUser = true;
allowWriteableChroot = true;
anonymousMkdirEnable = true;
anonymousUploadEnable = true;
writeEnable = true;
};
services.jitsi-meet = {
enable = config.device == "AMD-Workstation";
hostName = "meet.balsoft.ru";
};
services.nginx.virtualHosts.${config.services.jitsi-meet.hostName} = {
enableACME = true;
forceSSL = true;
basicAuthFile = "/var/lib/jitsi-auth";
};
virtualisation.spiceUSBRedirection.enable = true;
} }

View File

@ -0,0 +1,7 @@
{ config, ... }: {
virtualisation.docker.enable = config.deviceSpecific.isHost;
virtualisation.libvirtd = {
enable = config.deviceSpecific.isHost;
};
virtualisation.spiceUSBRedirection.enable = true;
}

View File

@ -0,0 +1,17 @@
{ pkgs, lib, ... }: {
environment.sessionVariables = {
XCURSOR_PATH = lib.mkForce "/home/balsoft/.icons";
};
home-manager.users.balsoft = {
xsession.pointerCursor = {
package = pkgs.breeze-qt5;
name = "Breeze";
};
home.file.".icons/default".source =
"${pkgs.breeze-qt5}/share/icons/breeze_cursors";
};
}

12
modules/workspace/git.nix Normal file
View File

@ -0,0 +1,12 @@
{
home-manager.users.balsoft.programs.git = {
enable = true;
userEmail = "balsoft@balsoft.ru";
userName = "Alexander Bantyev";
extraConfig.pull.rebase = true;
signing = {
signByDefault = true;
key = "687558B21E04FE92B255BED0E081FF12ADCB4AD5";
};
};
}

10
modules/workspace/gpg.nix Normal file
View File

@ -0,0 +1,10 @@
{
home-manager.users.balsoft = {
services.gpg-agent = {
enable = true;
enableSshSupport = true;
pinentryFlavor = "gtk2";
};
programs.gpg.enable = true;
};
}

View File

@ -46,6 +46,7 @@ in {
}; };
}) })
]; ];
programs.dconf.enable = true;
services.dbus.packages = with pkgs; [ gnome3.dconf ]; services.dbus.packages = with pkgs; [ gnome3.dconf ];
home-manager.users.balsoft = { home-manager.users.balsoft = {
gtk = { gtk = {
@ -65,7 +66,7 @@ in {
"davs://nextcloud.balsoft.ru/remote.php/dav/files/balsoft nextcloud.balsoft.ru" "davs://nextcloud.balsoft.ru/remote.php/dav/files/balsoft nextcloud.balsoft.ru"
"sftp://balsoft.ru/home/balsoft balsoft.ru" "sftp://balsoft.ru/home/balsoft balsoft.ru"
] ++ map (machine: "sftp://${machine}/home/balsoft ${machine}") ] ++ map (machine: "sftp://${machine}/home/balsoft ${machine}")
(builtins.attrNames config.devices); (builtins.attrNames inputs.self.nixosConfigurations);
extraConfig = { extraConfig = {
gtk-cursor-theme-name = "Breeze"; gtk-cursor-theme-name = "Breeze";
}; };

View File

@ -1,15 +1,9 @@
{ pkgs, lib, config, ... }: { pkgs, lib, config, ... }:
with import ../../../support.nix { inherit lib config; }; { with import ../../../support.nix { inherit lib config; }; {
xdg.portal.enable = true; xdg.portal.enable = true;
services.dbus.packages = [ services.dbus.packages =
pkgs.firefox [ pkgs.firefox pkgs.systemd pkgs.papirus-icon-theme ];
pkgs.systemd services.udev.packages = [ pkgs.libmtp pkgs.media-player-info ];
pkgs.papirus-icon-theme
];
services.udev.packages = [
pkgs.libmtp
pkgs.media-player-info
];
environment.sessionVariables = { environment.sessionVariables = {
DESKTOP_SESSION = "kde"; DESKTOP_SESSION = "kde";
@ -20,9 +14,13 @@ with import ../../../support.nix { inherit lib config; }; {
QT_AUTO_SCREEN_SCALE_FACTOR = "0"; QT_AUTO_SCREEN_SCALE_FACTOR = "0";
DE = "kde"; DE = "kde";
QT_QPA_PLATFORMTHEME = "kde"; QT_QPA_PLATFORMTHEME = "kde";
KDEDIRS = "/run/current-system/sw:/run/current-system/sw/share/kservices5:/run/current-system/sw/share/kservicetypes5:/run/current-system/sw/share/kxmlgui5"; KDEDIRS =
"/run/current-system/sw:/run/current-system/sw/share/kservices5:/run/current-system/sw/share/kservicetypes5:/run/current-system/sw/share/kxmlgui5";
}; };
home-manager.users.balsoft.xdg.configFile."kdeglobals".text = genIni { home-manager.users.balsoft = {
services.kdeconnect.enable = true;
xdg.configFile."kdeglobals".text = genIni {
"Colors:Button" = { "Colors:Button" = {
BackgroundAlternate = thmDec.dark; BackgroundAlternate = thmDec.dark;
BackgroundNormal = thmDec.bg; BackgroundNormal = thmDec.bg;
@ -129,4 +127,5 @@ with import ../../../support.nix { inherit lib config; }; {
}; };
Icons = { Theme = "Papirus-Dark"; }; Icons = { Theme = "Papirus-Dark"; };
}; };
};
} }

View File

@ -4,12 +4,14 @@
environment.sessionVariables = { environment.sessionVariables = {
XKB_DEFAULT_LAYOUT = "us,ru"; XKB_DEFAULT_LAYOUT = "us,ru";
XKB_DEFAULT_OPTIONS = "grp:lctrl_toggle,grp_led:caps,ctrl:nocaps,misc:typo,lv3:ralt_switch"; XKB_DEFAULT_OPTIONS =
"grp:lctrl_toggle,grp_led:caps,ctrl:nocaps,misc:typo,lv3:ralt_switch";
LANG = lib.mkForce "en_GB.UTF-8"; LANG = lib.mkForce "en_GB.UTF-8";
}; };
time.timeZone = "Europe/Moscow"; # Mother Russia time.timeZone = "Europe/Moscow"; # Mother Russia
home-manager.users.balsoft.home.language = let home-manager.users.balsoft = {
home.language = let
en = "en_GB.UTF-8"; en = "en_GB.UTF-8";
ru = "ru_RU.UTF-8"; ru = "ru_RU.UTF-8";
in { in {
@ -19,4 +21,5 @@
time = en; time = en;
base = en; base = en;
}; };
};
} }

View File

@ -1,31 +1,8 @@
{ pkgs, lib, config, inputs, ... }: { { pkgs, lib, config, inputs, ... }: {
programs.sway.enable = true;
users.users.balsoft.extraGroups = [ "sway" ];
systemd.coredump.enable = true; systemd.coredump.enable = true;
environment.sessionVariables = config.home-manager.users.balsoft.home.sessionVariables // { environment.sessionVariables = config.home-manager.users.balsoft.home.sessionVariables // {
EDITOR = config.defaultApplications.editor.cmd;
VISUAL = config.defaultApplications.editor.cmd;
LESS = "-asrRix8";
XDG_SESSION_TYPE = "wayland";
QT_QPA_PLATFORM = "wayland";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
NIX_AUTO_RUN = "1"; NIX_AUTO_RUN = "1";
XCURSOR_PATH = lib.mkForce "/home/balsoft/.icons";
};
services.atd.enable = true;
containers.fhs-compat.config = {...}: {
imports = [ inputs.nixos-fhs-compat.nixosModules.combined ];
environment.fhs.enable = true;
environment.fhs.linkLibs = true;
environment.lsb.enable = true;
users.users.balsoft = {
isNormalUser = true;
password = "";
};
}; };
home-manager.users.balsoft = { home-manager.users.balsoft = {
@ -36,41 +13,18 @@
after = [ ]; after = [ ];
data = "rm -f /home/balsoft/.config/mimeapps.list"; data = "rm -f /home/balsoft/.config/mimeapps.list";
}; };
services.udiskie.enable = true;
programs.git = {
enable = true;
userEmail = "balsoft@balsoft.ru";
userName = "Alexander Bantyev";
extraConfig.pull.rebase = true;
signing = {
signByDefault = true;
key = "687558B21E04FE92B255BED0E081FF12ADCB4AD5";
};
};
services.gpg-agent = {
enable = true;
enableSshSupport = true;
pinentryFlavor = "gtk2";
};
programs.gpg.enable = true;
news.display = "silent"; news.display = "silent";
programs.command-not-found = { programs.command-not-found = {
enable = true; enable = true;
dbPath = ../../misc/programs.sqlite; dbPath = ../../misc/programs.sqlite;
}; };
home.keyboard = {
options = [ "grp:win_space_toggle,grp_led:caps,ctrl:nocaps" ];
layout = "us,ru";
};
systemd.user.startServices = true; systemd.user.startServices = true;
services.kdeconnect.enable = true;
xsession.pointerCursor = {
package = pkgs.breeze-qt5;
name = "Breeze";
}; };
home.file.".icons/default".source = "${pkgs.breeze-qt5}/share/icons/breeze_cursors";
}; home-manager.users.balsoft.home.stateVersion = "20.09";
system.stateVersion = "18.03";
} }

View File

@ -7,7 +7,7 @@ let
Restart = "always"; Restart = "always";
}; };
}; };
inherit (import ../support.nix { inherit lib config; }) genIni; inherit (import ../../support.nix { inherit lib config; }) genIni;
daemons = names: daemons = names:
builtins.listToAttrs (builtins.map (name: builtins.listToAttrs (builtins.map (name:
{ {

View File

@ -7,12 +7,21 @@ let
lock = pkgs.writeShellScript "lock" lock = pkgs.writeShellScript "lock"
"swaymsg 'output * dpms off'; sudo /run/current-system/sw/bin/lock; swaymsg 'output * dpms on'"; "swaymsg 'output * dpms off'; sudo /run/current-system/sw/bin/lock; swaymsg 'output * dpms on'";
in { in {
environment.sessionVariables._JAVA_AWT_WM_NONREPARENTING = "1"; environment.sessionVariables = {
_JAVA_AWT_WM_NONREPARENTING = "1";
XDG_SESSION_TYPE = "wayland";
QT_QPA_PLATFORM = "wayland";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
};
programs.sway.enable = true;
programs.sway.wrapperFeatures.gtk = true; programs.sway.wrapperFeatures.gtk = true;
programs.sway.extraPackages = lib.mkForce (with pkgs; [ swayidle xwayland ]); programs.sway.extraPackages = lib.mkForce (with pkgs; [ swayidle xwayland ]);
users.users.balsoft.extraGroups = [ "sway" ];
home-manager.users.balsoft.wayland.windowManager.sway = { home-manager.users.balsoft.wayland.windowManager.sway = {
enable = true; enable = true;
config = rec { config = rec {

20
profiles/base.nix Normal file
View File

@ -0,0 +1,20 @@
{ inputs, ... }: {
imports = with inputs.self.nixosModules; [
inputs.home-manager.nixosModules.home-manager
boot
secrets
secrets-envsubst
locale
network
overlay
devices
nix
security
ssh
git
gpg
zsh
];
}

5
profiles/default.nix Normal file
View File

@ -0,0 +1,5 @@
{
server = ./server.nix;
desktop = ./desktop.nix;
base = ./base.nix;
}

33
profiles/desktop.nix Normal file
View File

@ -0,0 +1,33 @@
{ inputs, ... }: {
imports = with inputs.self.nixosModules; [
./base.nix
applications
hardware
power
services
themes
virtualisation
alacritty
emacs
firefox
geary
packages
weechat
yt-utilities
cursor
fonts
gnome3
gtk
i3blocks
kde
light
mako
misc
simple-osd-daemons
sway
xresources
];
}

5
profiles/server.nix Normal file
View File

@ -0,0 +1,5 @@
{ inputs, ... }: {
imports = [
./base.nix
];
}