diff --git a/.gitignore b/.gitignore index 0f4ce10..dfc1fa4 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ nixos/result +pw +.stfolder diff --git a/README.md b/README.md index 87936ee..ff004ab 100644 --- a/README.md +++ b/README.md @@ -1,41 +1,41 @@ -### Old Hyprland config can be found [here](https://github.com/c4em/nixos-system-config/tree/deprecated) # nixos-system-config -Modular NixOS configuration with dotfiles. -## Usage -You should have basic knowledge of NixOS before using this project. Begin at `configuration.nix` and read through the files by following imports. -Everything should be commented. If something is not satisfactory, feel free to open up an issue or pull request. +Modular multi-purpose NixOS configuration. + +## About +Feel free to do whatever with this configuration. +This configuration [erases your darlings](https://grahamc.com/blog/erase-your-darlings/) using ZFS snapshots. +Currently only used for my homeserver, [desktop runs on Gentoo](https://git.dirae.org/caem/dotfiles). + ## Layout ``` -/etc/nixos/ -├── configuration.nix ; master configuration file -├── environments ; Desktop environment specific config -│   └── plasma.nix -├── hardware-configuration.nix ; Replace this with your current hardware-configuration.nix -├── overlays ; Package overlays -├── packages ; Package specifix configuration -├── profile.nix ; Specify the profile to use -├── profiles ; Profiles, for example for different machines or workflows -│   └── workstation.nix -├── sets ; Sets of packages to install -│   ├── base +/nix/config +├── flake.lock +├── flake.nix ; Master configuration file +├── overlays ; Package overlays +├── packages ; Packages with configurations +│   ├── nginx +│   │   └── homeserver.nix +│   ├── syncthing +│   │   └── homeserver.nix +│   └── vim +│   └── package.nix +├── pw ; Password of your user +├── sets ; Sets of packages +│   └── meta +│   └── sysadmin.nix +├── systems ; System specific configuration +│   ├── common.nix +│   ├── hardware ; Hardware configuration of each system +│   │   ├── homeserver.nix +│   │   └── qemu-vm.nix +│   ├── homeserver.nix +│   ├── persist ; Persistence configuration of each system │   │   ├── common.nix -│   │   ├── devel.nix -│   │   └── plasma.nix -│   ├── devel -│   │   ├── c.nix -│   │   └── git.nix -│   ├── drivers -│   │   ├── nvidia.nix -│   │   └── tablet.nix -│   └── graphics -│   ├── art.nix -│   └── video.nix -├── username.nix ; Set current user -└── users ; Users +│   │   ├── homeserver.nix +│   │   └── qemu-vm.nix +│   └── qemu-vm.nix +└── users ; User specific configuration + ├── media.nix + ├── none.nix └── user.nix ``` -## Todo -- [ ] Hyprland configuration -- [ ] Clean up sets directory -- [ ] Add screenshots to README.md -- [ ] Home-manager configuration diff --git a/configuration.nix b/configuration.nix deleted file mode 100644 index 2d5071c..0000000 --- a/configuration.nix +++ /dev/null @@ -1,43 +0,0 @@ -# Master configuration file -{ config, pkgs, ... }: -let - # User configurations are stored under ./user/[username].nix - # Set the corresponding value in ./username.nix - user = import ./username.nix; -in -{ - imports = [ - ./users/${user}.nix - - # Include the results of the hardware scan. - ./hardware-configuration.nix - - # Uncomment the profile you want to use - ./profiles/workstation.nix - ]; - - # General NixOS configuration - nix = { - settings.auto-optimise-store = true; - # Automatically remove generations older than a week - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d"; - }; - }; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # Use the unstable channel - system.autoUpgrade = { - enable = true; - channel = "https://nixos.org/channels/nixos-unstable"; - }; - - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.05"; -} - diff --git a/environments/plasma.nix b/environments/plasma.nix deleted file mode 100644 index a19848c..0000000 --- a/environments/plasma.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../sets/base/plasma.nix - ]; - - services.xserver.enable = true; - services.xserver.displayManager.sddm.enable = true; - services.xserver.desktopManager.plasma5.enable = true; -} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..14dcb52 --- /dev/null +++ b/flake.lock @@ -0,0 +1,60 @@ +{ + "nodes": { + "impermanence": { + "locked": { + "lastModified": 1684264534, + "narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "89253fb1518063556edd5e54509c30ac3089d5e6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1686921029, + "narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "impermanence": "impermanence", + "nixpkgs": "nixpkgs", + "unstable": "unstable" + } + }, + "unstable": { + "locked": { + "lastModified": 1686960236, + "narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "04af42f3b31dba0ef742d254456dc4c14eedac86", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..ac44b6f --- /dev/null +++ b/flake.nix @@ -0,0 +1,34 @@ +{ + description = "Modular multi-purpose NixOS configuration."; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05"; + unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + + # https://nixos.wiki/wiki/Impermanence + impermanence.url = "github:nix-community/impermanence"; + }; + + outputs = { self, nixpkgs, ... }@attrs: let + user = "user"; # Select user from `./users` directory + in { + nixosConfigurations.homeserver = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + ./users/${user}.nix + ./systems/homeserver.nix + ]; + }; + + # Debugging VM configuration + nixosConfigurations.qemu-vm = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + ./users/${user}.nix + ./systems/qemu-vm.nix + ]; + }; + }; +} diff --git a/hardware-configuration.nix b/hardware-configuration.nix deleted file mode 100644 index b7ae331..0000000 --- a/hardware-configuration.nix +++ /dev/null @@ -1,43 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/56ec7666-a2ea-4e77-9015-00151b9b7884"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; - - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/F076-283D"; - fsType = "vfat"; - }; - - fileSystems."/mnt/vault" = { - device = "/dev/disk/by-uuid/048d175b-0e3e-4ec7-955b-3d9a45f9f237"; - fsType = "xfs"; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp34s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/packages/nginx/homeserver.nix b/packages/nginx/homeserver.nix new file mode 100644 index 0000000..1ab6038 --- /dev/null +++ b/packages/nginx/homeserver.nix @@ -0,0 +1,13 @@ +{ ... }: + +{ + services.nginx.enable = true; + services.nginx.virtualHosts."192.168.2.69" = { + root = "/mnt/mass/Torrents"; + extraConfig = '' + autoindex on; + ''; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; +} diff --git a/packages/syncthing/homeserver.nix b/packages/syncthing/homeserver.nix new file mode 100644 index 0000000..cddef3b --- /dev/null +++ b/packages/syncthing/homeserver.nix @@ -0,0 +1,18 @@ +{ ... }: + +{ + imports = [ + ../../users/media.nix + ]; + + services.syncthing = { + enable = true; + user = "media"; + dataDir = "/mnt/mass"; + configDir = "/mnt/mass/Services/Syncthing"; + guiAddress = "0.0.0.0:8384"; + }; + + networking.firewall.allowedTCPPorts = [ 8384 22000 ]; + networking.firewall.allowedUDPPorts = [ 22000 21027 ]; +} diff --git a/packages/vim/package.nix b/packages/vim/package.nix new file mode 100644 index 0000000..6736793 --- /dev/null +++ b/packages/vim/package.nix @@ -0,0 +1,34 @@ +{ pkgs, ... }: + +{ + environment.variables = { EDITOR = "vim"; }; + + environment.systemPackages = with pkgs; [ + ((vim_configurable.override { }).customize{ + name = "vim"; + + vimrcConfig.packages.plugins = with pkgs.vimPlugins; { + start = [ vim-nix ]; + opt = []; + }; + + vimrcConfig.customRC = '' + syntax on + set tabstop=4 + set shiftwidth=4 smarttab + set expandtab + set noswapfile + set incsearch + set noerrorbells + set smartindent + set number + set relativenumber + set nobackup + set scrolloff=8 + set sidescrolloff=8 + set fileencoding='utf-8' + set nohlsearch + ''; + }) + ]; +} diff --git a/profile.nix b/profile.nix deleted file mode 100644 index b02be5f..0000000 --- a/profile.nix +++ /dev/null @@ -1,2 +0,0 @@ -# Select profile from ./profiles/ directory -"workstation" diff --git a/profiles/workstation.nix b/profiles/workstation.nix deleted file mode 100644 index 68be2bc..0000000 --- a/profiles/workstation.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - # Environments - ../environments/plasma.nix # KDE/Plasma - # ../environments/hyprland.nix # Todo - - # Package sets - ../sets/base/common.nix - ../sets/drivers/nvidia.nix - ../sets/drivers/tablet.nix - ../sets/base/devel.nix - ../sets/graphics/art.nix - ../sets/graphics/video.nix - ]; - - # Bootloader - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - - # Hostname - networking.hostName = "nixos"; - - # Networking - networking.networkmanager.enable = true; - - # Timezone - time.timeZone = "Europe/Berlin"; - - # Locale - i18n.defaultLocale = "en_US.UTF-8"; - console.keyMap = "uk"; - i18n.extraLocaleSettings = { - LC_ADDRESS = "de_DE.UTF-8"; - LC_IDENTIFICATION = "de_DE.UTF-8"; - LC_MEASUREMENT = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - LC_NAME = "de_DE.UTF-8"; - LC_NUMERIC = "de_DE.UTF-8"; - LC_PAPER = "de_DE.UTF-8"; - LC_TELEPHONE = "de_DE.UTF-8"; - LC_TIME = "de_DE.UTF-8"; - }; - - services.xserver = { - layout = "gb"; - xkbVariant = ""; - }; - - # Nvidia - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.opengl.enable = true; - hardware.nvidia.modesetting.enable = true; - - # Enable audio - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; -} - diff --git a/sets/base/common.nix b/sets/base/common.nix deleted file mode 100644 index be9e1d3..0000000 --- a/sets/base/common.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - neovim - firefox - neofetch - tree - ]; -} - diff --git a/sets/base/devel.nix b/sets/base/devel.nix deleted file mode 100644 index 4c8d9cc..0000000 --- a/sets/base/devel.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - imports = [ - ../devel/git.nix - ../devel/c.nix - ]; -} - diff --git a/sets/base/plasma.nix b/sets/base/plasma.nix deleted file mode 100644 index 1dc2601..0000000 --- a/sets/base/plasma.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - kate - ]; -} diff --git a/sets/devel/c.nix b/sets/devel/c.nix deleted file mode 100644 index 1d1398c..0000000 --- a/sets/devel/c.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - gcc - clang - clang-tools - gnumake - ]; -} - diff --git a/sets/devel/git.nix b/sets/devel/git.nix deleted file mode 100644 index 197e22e..0000000 --- a/sets/devel/git.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - git - ]; -} diff --git a/sets/drivers/nvidia.nix b/sets/drivers/nvidia.nix deleted file mode 100644 index fdf60e6..0000000 --- a/sets/drivers/nvidia.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, pkgs, ... }: - -{ - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.opengl.enable = true; - hardware.nvidia.modesetting.enable = true; -} - diff --git a/sets/drivers/tablet.nix b/sets/drivers/tablet.nix deleted file mode 100644 index c90699c..0000000 --- a/sets/drivers/tablet.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, pkgs, ... }: - -{ - hardware.opentabletdriver.enable = true; - hardware.opentabletdriver.daemon.enable = true; -} - diff --git a/sets/graphics/art.nix b/sets/graphics/art.nix deleted file mode 100644 index fa9ceb3..0000000 --- a/sets/graphics/art.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - krita - gimp - ]; -} - diff --git a/sets/graphics/video.nix b/sets/graphics/video.nix deleted file mode 100644 index b3830f7..0000000 --- a/sets/graphics/video.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, pkgs, ... }: - -{ - environment.systemPackages = with pkgs; [ - kdenlive - ]; -} - diff --git a/sets/meta/sysadmin.nix b/sets/meta/sysadmin.nix new file mode 100644 index 0000000..c9eaddd --- /dev/null +++ b/sets/meta/sysadmin.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: + +{ + environment.systemPackages = with pkgs; [ + htop + wget + curl + git + ]; + + services.openssh.enable = true; +} diff --git a/systems/common.nix b/systems/common.nix new file mode 100644 index 0000000..f695755 --- /dev/null +++ b/systems/common.nix @@ -0,0 +1,20 @@ +# Common configuration for all systems + +{ ... }: + +{ + nix = { + settings.auto-optimise-store = true; + + # Clean generations older than a week + gc = { + automatic = false; # Flip this to do it automatically + dates = "weekly"; + options = "--delete-older-than 7d"; + }; + }; + + nixpkgs.config.allowUnfree = true; + + system.stateVersion = "23.05"; +} diff --git a/systems/hardware/homeserver.nix b/systems/hardware/homeserver.nix new file mode 100644 index 0000000..6083dac --- /dev/null +++ b/systems/hardware/homeserver.nix @@ -0,0 +1,49 @@ +{ config, lib, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + boot.initrd.postDeviceCommands = lib.mkAfter '' + zfs rollback -r local/root@blank + ''; + + fileSystems."/" = { + device = "local/root"; + fsType = "zfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/5C0E-1600"; + fsType = "vfat"; + }; + + fileSystems."/nix" = { + device = "local/nix"; + fsType = "zfs"; + }; + + fileSystems."/mnt/mass" = { + device = "/dev/disk/by-uuid/f04baac4-40a9-4115-b09d-83b252ee69ad"; + fsType = "xfs"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/systems/hardware/qemu-vm.nix b/systems/hardware/qemu-vm.nix new file mode 100644 index 0000000..a1ec463 --- /dev/null +++ b/systems/hardware/qemu-vm.nix @@ -0,0 +1,45 @@ +{lib, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + + boot.initrd.postDeviceCommands = lib.mkAfter '' + zfs rollback -r local/root@blank + ''; + + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + boot.zfs.devNodes = "/dev/disk/by-path"; + + fileSystems."/" = { + device = "local/root"; + fsType = "zfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/1FD8-C4B8"; + fsType = "vfat"; + }; + + fileSystems."/nix" = { + device = "local/nix"; + fsType = "zfs"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/systems/homeserver.nix b/systems/homeserver.nix new file mode 100644 index 0000000..561fa03 --- /dev/null +++ b/systems/homeserver.nix @@ -0,0 +1,57 @@ +{ ... }: + +{ + imports = [ + ./common.nix + ./hardware/homeserver.nix + ./persist/homeserver.nix + ../sets/meta/sysadmin.nix + ../packages/vim/package.nix + ../packages/nginx/homeserver.nix + ../packages/syncthing/homeserver.nix + ]; + + boot = { + loader = { + efi = { + canTouchEfiVariables = true; + }; + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; + }; + + kernel = { + sysctl."net.ipv6.conf.eth0.disable_ipv6" = true; + }; + }; + + networking = { + hostName = "homeserver"; + enableIPv6 = false; + hostId = "95f846dc"; + interfaces = { + eno1.ipv4.addresses = [{ + address = "192.168.2.69"; + prefixLength = 24; + }]; + }; + nameservers = [ "1.1.1.1" "8.8.8.8" ]; + defaultGateway = "192.168.2.1"; + firewall = { + enable = true; + allowedTCPPorts = [ 22 ]; + }; + }; + + time.timeZone = "Europe/Berlin"; + + console.keyMap = "uk"; + + # To not mess up SSH sessions from weird terminals + environment.sessionVariables = rec { + TERM = "xterm"; + }; +} diff --git a/systems/persist/common.nix b/systems/persist/common.nix new file mode 100644 index 0000000..12c5c4f --- /dev/null +++ b/systems/persist/common.nix @@ -0,0 +1,18 @@ +{ impermanence, ... }: + +{ + imports = [ + impermanence.nixosModules.impermanence + ]; + + environment.persistence."/nix/persist/common" = { + directories = [ + "/etc/ssh" + "/var/lib" + ]; + + files = [ + "/etc/machine-id" + ]; + }; +} diff --git a/systems/persist/homeserver.nix b/systems/persist/homeserver.nix new file mode 100644 index 0000000..27f4abc --- /dev/null +++ b/systems/persist/homeserver.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./common.nix + ]; +} diff --git a/systems/persist/qemu-vm.nix b/systems/persist/qemu-vm.nix new file mode 100644 index 0000000..27f4abc --- /dev/null +++ b/systems/persist/qemu-vm.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./common.nix + ]; +} diff --git a/systems/qemu-vm.nix b/systems/qemu-vm.nix new file mode 100644 index 0000000..13ba35d --- /dev/null +++ b/systems/qemu-vm.nix @@ -0,0 +1,18 @@ +{ ... }: + +{ + imports = [ + ./hardware/qemu-vm.nix + ../sets/meta/sysadmin.nix + ../packages/vim/package.nix + ./common.nix + ./persist/qemu-vm.nix + ]; + + boot.loader.grub.enable = true; + boot.loader.grub.device = "/dev/vda"; + + networking.hostId = "e78229f8"; + + time.timeZone = "Europe/Berlin"; +} diff --git a/username.nix b/username.nix deleted file mode 100644 index 8cc2f7f..0000000 --- a/username.nix +++ /dev/null @@ -1,2 +0,0 @@ -# Select user from the ./users/ directory -"user" diff --git a/users/media.nix b/users/media.nix new file mode 100644 index 0000000..96c0a5b --- /dev/null +++ b/users/media.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + users.users.media = { + isNormalUser = true; + description = "media"; + }; +} diff --git a/users/none.nix b/users/none.nix new file mode 100644 index 0000000..a1677ed --- /dev/null +++ b/users/none.nix @@ -0,0 +1 @@ +{ } diff --git a/users/user.nix b/users/user.nix index 32ab12b..2968bdd 100644 --- a/users/user.nix +++ b/users/user.nix @@ -1,30 +1,20 @@ -{ config, pkgs, ... }: +{ ... }: + { - imports = [ - ]; - - users.users.user = { - isNormalUser = true; - description = "user"; - extraGroups = [ - "wheel" - "networkmanager" - "audio" - "video" - "docker" - "plugdev" - ]; - }; - - # Set to false to disable sudo password prompt - security = { - sudo.wheelNeedsPassword = true; - }; - -# home-manager.users.user = { -# home.stateVersion = "22.11"; -# }; - - # programs.home-manager.enable = true; + users.users.user = { + isNormalUser = true; + passwordFile = "/nix/config/pw"; # mkpasswd in config dir + description = "user"; + extraGroups = [ + "wheel" + "audio" + "video" + "docker" + "podman" + "networkmanager" + "kvm" + "libvirt" + "plugdev" + ]; + }; } -