
Migrate to new Flake based configuration

Merge pull request #1 from c4em/nouveau
caem 2023-06-25 10:46:14 +00:00 committed by GitHub
commit 3a6fe3c1d2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
34 changed files with 456 additions and 310 deletions

2
.gitignore vendored

@ -1 +1,3 @@
nixos/result
pw
.stfolder


@ -1,41 +1,41 @@
### Old Hyprland config can be found [here](https://github.com/c4em/nixos-system-config/tree/deprecated)
# nixos-system-config
Modular NixOS configuration with dotfiles.
## Usage
You should have basic knowledge of NixOS before using this project. Begin at `configuration.nix` and read through the files by following imports.
Everything should be commented. If something is not satisfactory, feel free to open up an issue or pull request.
Modular multi-purpose NixOS configuration.
## About
Feel free to do whatever with this configuration.
This configuration [erases your darlings](https://grahamc.com/blog/erase-your-darlings/) using ZFS snapshots.
Currently only used for my homeserver, [desktop runs on Gentoo](https://git.dirae.org/caem/dotfiles).
## Layout
```
/etc/nixos/
├── configuration.nix ; master configuration file
├── environments ; Desktop environment specific config
│   └── plasma.nix
├── hardware-configuration.nix ; Replace this with your current hardware-configuration.nix
/nix/config
├── flake.lock
├── flake.nix ; Master configuration file
├── overlays ; Package overlays
├── packages ; Package specifix configuration
├── profile.nix ; Specify the profile to use
├── profiles ; Profiles, for example for different machines or workflows
│   └── workstation.nix
├── sets ; Sets of packages to install
│   ├── base
├── packages ; Packages with configurations
│   ├── nginx
│   │   └── homeserver.nix
│   ├── syncthing
│   │   └── homeserver.nix
│   └── vim
│   └── package.nix
├── pw ; Password of your user
├── sets ; Sets of packages
│   └── meta
│   └── sysadmin.nix
├── systems ; System specific configuration
│   ├── common.nix
│   ├── hardware ; Hardware configuration of each system
│   │   ├── homeserver.nix
│   │   └── qemu-vm.nix
│   ├── homeserver.nix
│   ├── persist ; Persistence configuration of each system
│   │   ├── common.nix
│   │   ├── devel.nix
│   │   └── plasma.nix
│   ├── devel
│   │   ├── c.nix
│   │   └── git.nix
│   ├── drivers
│   │   ├── nvidia.nix
│   │   └── tablet.nix
│   └── graphics
│   ├── art.nix
│   └── video.nix
├── username.nix ; Set current user
└── users ; Users
│   │   ├── homeserver.nix
│   │   └── qemu-vm.nix
│   └── qemu-vm.nix
└── users ; User specific configuration
├── media.nix
├── none.nix
└── user.nix
```
## Todo
- [ ] Hyprland configuration
- [ ] Clean up sets directory
- [ ] Add screenshots to README.md
- [ ] Home-manager configuration


@ -1,43 +0,0 @@
# Master configuration file
{ config, pkgs, ... }:
let
# User configurations are stored under ./user/[username].nix
# Set the corresponding value in ./username.nix
user = import ./username.nix;
in
{
imports = [
./users/${user}.nix
# Include the results of the hardware scan.
./hardware-configuration.nix
# Uncomment the profile you want to use
./profiles/workstation.nix
];
# General NixOS configuration
nix = {
settings.auto-optimise-store = true;
# Automatically remove generations older than a week
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# Use the unstable channel
system.autoUpgrade = {
enable = true;
channel = "https://nixos.org/channels/nixos-unstable";
};
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05";
}


@ -1,11 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
../sets/base/plasma.nix
];
services.xserver.enable = true;
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
}

60
flake.lock Normal file

@ -0,0 +1,60 @@
{
"nodes": {
"impermanence": {
"locked": {
"lastModified": 1684264534,
"narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "89253fb1518063556edd5e54509c30ac3089d5e6",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1686921029,
"narHash": "sha256-J1bX9plPCFhTSh6E3TWn9XSxggBh/zDD4xigyaIQBy8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "c7ff1b9b95620ce8728c0d7bd501c458e6da9e04",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"impermanence": "impermanence",
"nixpkgs": "nixpkgs",
"unstable": "unstable"
}
},
"unstable": {
"locked": {
"lastModified": 1686960236,
"narHash": "sha256-AYCC9rXNLpUWzD9hm+askOfpliLEC9kwAo7ITJc4HIw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "04af42f3b31dba0ef742d254456dc4c14eedac86",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

34
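--- a/flake.nix
+++ b/flake.nix
@@ -0,0 +1,34 @@
+{
+description = "Modular multi-purpose NixOS configuration.";
+inputs = {
+nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
+unstable.url = "github:nixos/nixpkgs/nixos-unstable";
+# https://nixos.wiki/wiki/Impermanence
+impermanence.url = "github:nix-community/impermanence";
+};
+outputs = { self, nixpkgs, ... }@attrs: let
+user = "user"; # Select user from `./users` directory
+in {
+nixosConfigurations.homeserver = nixpkgs.lib.nixosSystem {
+system = "x86_64-linux";
+specialArgs = attrs;
+modules = [
+./users/${user}.nix
+./systems/homeserver.nix
+];
+};
+# Debugging VM configuration
+nixosConfigurations.qemu-vm = nixpkgs.lib.nixosSystem {
+system = "x86_64-linux";
+specialArgs = attrs;
+modules = [
+./users/${user}.nix
+./systems/qemu-vm.nix
+];
+};
+};
+}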


@ -1,43 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/56ec7666-a2ea-4e77-9015-00151b9b7884";
fsType = "btrfs";
options = [ "subvol=@" ];
};
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/F076-283D";
fsType = "vfat";
};
fileSystems."/mnt/vault" = {
device = "/dev/disk/by-uuid/048d175b-0e3e-4ec7-955b-3d9a45f9f237";
fsType = "xfs";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp34s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -0,0 +1,13 @@
{ ... }:
{
services.nginx.enable = true;
services.nginx.virtualHosts."192.168.2.69" = {
root = "/mnt/mass/Torrents";
extraConfig = ''
autoindex on;
'';
};
networking.firewall.allowedTCPPorts = [ 80 ];
}
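Review bot: The virtual host turns on `autoindex on;` over plain HTTP and opens port 80 with no access control, so any host that can reach 192.168.2.69 can list and download everything under `/mnt/mass/Torrents`. If this is meant for the LAN only, enforce it in the config rather than relying on the network, e.g. add `allow 192.168.2.0/24; deny all;` to `extraConfig`, or set `basicAuthFile` on the virtual host. A short comment above the block stating who is expected to reach this listing would also make the exposure a documented decision.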


@ -0,0 +1,18 @@
{ ... }:
{
imports = [
../../users/media.nix
];
services.syncthing = {
enable = true;
user = "media";
dataDir = "/mnt/mass";
configDir = "/mnt/mass/Services/Syncthing";
guiAddress = "0.0.0.0:8384";
};
networking.firewall.allowedTCPPorts = [ 8384 22000 ];
networking.firewall.allowedUDPPorts = [ 22000 21027 ];
}

34
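--- a/packages/vim/package.nix
+++ b/packages/vim/package.nix
@@ -0,0 +1,34 @@
+{ pkgs, ... }:
+{
+environment.variables = { EDITOR = "vim"; };
+environment.systemPackages = with pkgs; [
+((vim_configurable.override { }).customize{
+name = "vim";
+vimrcConfig.packages.plugins = with pkgs.vimPlugins; {
+start = [ vim-nix ];
+opt = [];
+};
+vimrcConfig.customRC = ''
+syntax on
+set tabstop=4
+set shiftwidth=4 smarttab
+set expandtab
+set noswapfile
+set incsearch
+set noerrorbells
+set smartindent
+set number
+set relativenumber
+set nobackup
+set scrolloff=8
+set sidescrolloff=8
+set fileencoding='utf-8'
+set nohlsearch
+'';
+})
+];
+}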


@ -1,2 +0,0 @@
# Select profile from ./profiles/ directory
"workstation"


@ -1,69 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
# Environments
../environments/plasma.nix # KDE/Plasma
# ../environments/hyprland.nix # Todo
# Package sets
../sets/base/common.nix
../sets/drivers/nvidia.nix
../sets/drivers/tablet.nix
../sets/base/devel.nix
../sets/graphics/art.nix
../sets/graphics/video.nix
];
# Bootloader
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Hostname
networking.hostName = "nixos";
# Networking
networking.networkmanager.enable = true;
# Timezone
time.timeZone = "Europe/Berlin";
# Locale
i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "uk";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
services.xserver = {
layout = "gb";
xkbVariant = "";
};
# Nvidia
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl.enable = true;
hardware.nvidia.modesetting.enable = true;
# Enable audio
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
}


@ -1,11 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
neovim
firefox
neofetch
tree
];
}


@ -1,9 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
../devel/git.nix
../devel/c.nix
];
}


@ -1,7 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
kate
];
}


@ -1,11 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gcc
clang
clang-tools
gnumake
];
}


@ -1,7 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
git
];
}


@ -1,8 +0,0 @@
{ config, pkgs, ... }:
{
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl.enable = true;
hardware.nvidia.modesetting.enable = true;
}


@ -1,7 +0,0 @@
{ config, pkgs, ... }:
{
hardware.opentabletdriver.enable = true;
hardware.opentabletdriver.daemon.enable = true;
}


@ -1,9 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
krita
gimp
];
}


@ -1,8 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
kdenlive
];
}

12
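--- a/sets/meta/sysadmin.nix
+++ b/sets/meta/sysadmin.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+{
+environment.systemPackages = with pkgs; [
+htop
+wget
+curl
+git
+];
+services.openssh.enable = true;
+}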
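Review bot: `services.openssh.enable = true;` is added with no further settings, so sshd runs with the module defaults and accepts password logins; the account in `users/user.nix` has a password file and appears to be in `wheel`, which would make that password the only barrier to root over SSH. I would add `services.openssh.settings.PasswordAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "no";` here and provision keys through `users.users.<name>.openssh.authorizedKeys.keys`. Because a package set named sysadmin is an easy place to overlook a network daemon, a one-line comment above the option saying that importing this set starts sshd would help.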

20
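--- a/systems/common.nix
+++ b/systems/common.nix
@@ -0,0 +1,20 @@
+# Common configuration for all systems
+{ ... }:
+{
+nix = {
+settings.auto-optimise-store = true;
+# Clean generations older than a week
+gc = {
+automatic = false; # Flip this to do it automatically
+dates = "weekly";
+options = "--delete-older-than 7d";
+};
+};
+nixpkgs.config.allowUnfree = true;
+system.stateVersion = "23.05";
+}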
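Review bot: Nothing in this common module replaces the `system.autoUpgrade` block that the deleted master configuration carried, and with the inputs pinned in `flake.lock` each system stays on the locked nixpkgs revision until someone updates the lock by hand. For an always-on server that exposes SSH, nginx and Syncthing this deserves an explicit decision: either document the manual update routine in a comment here, or enable `system.autoUpgrade` with its `flake` option in each system file. `nixpkgs.config.allowUnfree = true;` also applies to every system that imports this file; if the server installs no unfree package, setting it only where it is needed keeps that choice visible.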


@ -0,0 +1,49 @@
{ config, lib, modulesPath, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.initrd.postDeviceCommands = lib.mkAfter ''
zfs rollback -r local/root@blank
'';
fileSystems."/" = {
device = "local/root";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/5C0E-1600";
fsType = "vfat";
};
fileSystems."/nix" = {
device = "local/nix";
fsType = "zfs";
};
fileSystems."/mnt/mass" = {
device = "/dev/disk/by-uuid/f04baac4-40a9-4115-b09d-83b252ee69ad";
fsType = "xfs";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -0,0 +1,45 @@
{lib, modulesPath, ... }:
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.initrd.postDeviceCommands = lib.mkAfter ''
zfs rollback -r local/root@blank
'';
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.zfs.devNodes = "/dev/disk/by-path";
fileSystems."/" = {
device = "local/root";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/1FD8-C4B8";
fsType = "vfat";
};
fileSystems."/nix" = {
device = "local/nix";
fsType = "zfs";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

57
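--- a/systems/homeserver.nix
+++ b/systems/homeserver.nix
@@ -0,0 +1,57 @@
+{ ... }:
+{
+imports = [
+./common.nix
+./hardware/homeserver.nix
+./persist/homeserver.nix
+../sets/meta/sysadmin.nix
+../packages/vim/package.nix
+../packages/nginx/homeserver.nix
+../packages/syncthing/homeserver.nix
+];
+boot = {
+loader = {
+efi = {
+canTouchEfiVariables = true;
+};
+grub = {
+enable = true;
+efiSupport = true;
+device = "nodev";
+};
+};
+kernel = {
+sysctl."net.ipv6.conf.eth0.disable_ipv6" = true;
+};
+};
+networking = {
+hostName = "homeserver";
+enableIPv6 = false;
+hostId = "95f846dc";
+interfaces = {
+eno1.ipv4.addresses = [{
+address = "192.168.2.69";
+prefixLength = 24;
+}];
+};
+nameservers = [ "1.1.1.1" "8.8.8.8" ];
+defaultGateway = "192.168.2.1";
+firewall = {
+enable = true;
+allowedTCPPorts = [ 22 ];
+};
+};
+time.timeZone = "Europe/Berlin";
+console.keyMap = "uk";
+# To not mess up SSH sessions from weird terminals
+environment.sessionVariables = rec {
+TERM = "xterm";
+};
+}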
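Review bot: The sysctl `net.ipv6.conf.eth0.disable_ipv6` names `eth0`, but the only interface configured in this file is `eno1`, so the key probably does not exist on this machine and the setting has no effect. `networking.enableIPv6 = false;` already expresses the intent; either drop the sysctl or key it on the real interface, `sysctl."net.ipv6.conf.eno1.disable_ipv6" = true;`. `allowedTCPPorts = [ 22 ]` duplicates what the OpenSSH module opens by default through `services.openssh.openFirewall`, and the `rec` on `environment.sessionVariables` is unused.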


@ -0,0 +1,18 @@
{ impermanence, ... }:
{
imports = [
impermanence.nixosModules.impermanence
];
environment.persistence."/nix/persist/common" = {
directories = [
"/etc/ssh"
"/var/lib"
];
files = [
"/etc/machine-id"
];
};
}
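Review bot: Persisting all of `/var/lib` keeps nearly every service's state across the boot-time rollback, so the root wipe no longer gives a known-clean service state, which is most of the point of the design the README links to. Listing only the directories that are needed, such as `"/var/lib/nixos"` plus one entry per service, keeps the persisted set small and reviewable. `/etc/ssh` holds the host private keys; a comment saying so, and that the persist dataset must stay readable by root only, would document why the entry is there.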


@ -0,0 +1,7 @@
{ ... }:
{
imports = [
./common.nix
];
}


@ -0,0 +1,7 @@
{ ... }:
{
imports = [
./common.nix
];
}

18
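--- a/systems/qemu-vm.nix
+++ b/systems/qemu-vm.nix
@@ -0,0 +1,18 @@
+{ ... }:
+{
+imports = [
+./hardware/qemu-vm.nix
+../sets/meta/sysadmin.nix
+../packages/vim/package.nix
+./common.nix
+./persist/qemu-vm.nix
+];
+boot.loader.grub.enable = true;
+boot.loader.grub.device = "/dev/vda";
+networking.hostId = "e78229f8";
+time.timeZone = "Europe/Berlin";
+}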


@ -1,2 +0,0 @@
# Select user from the ./users/ directory
"user"

8
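--- a/users/media.nix
+++ b/users/media.nix
@@ -0,0 +1,8 @@
+{ ... }:
+{
+users.users.media = {
+isNormalUser = true;
+description = "media";
+};
+}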
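Review bot: `media` is created with `isNormalUser = true`, which gives the account that runs Syncthing a home directory, a login shell and membership in the `users` group. A service identity needs none of these; `isSystemUser = true; group = "media";` together with `users.groups.media = { };` is the least-privilege form. If the account is also meant for interactive use, a comment saying so would explain the choice.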

1
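--- a/users/none.nix
+++ b/users/none.nix
@@ -0,0 +1 @@
+{ }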


@ -1,30 +1,20 @@
{ config, pkgs, ... }:
{
imports = [
];
{ ... }:
{
users.users.user = {
isNormalUser = true;
passwordFile = "/nix/config/pw"; # mkpasswd in config dir
description = "user";
extraGroups = [
"wheel"
"networkmanager"
"audio"
"video"
"docker"
"podman"
"networkmanager"
"kvm"
"libvirt"
"plugdev"
];
};
# Set to false to disable sudo password prompt
security = {
sudo.wheelNeedsPassword = true;
};
# home-manager.users.user = {
# home.stateVersion = "22.11";
# };
# programs.home-manager.enable = true;
}
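Review bot: `passwordFile = "/nix/config/pw"` keeps the login hash inside the configuration checkout, and the only protection visible in this commit is the `pw` entry added to `.gitignore`. The comment should state the handling rules, e.g. `# mkpasswd hash; root-owned, mode 0600, never committed`, and the README's `pw ; Password of your user` should say that the file holds a hash. The rendered page does not show which `extraGroups` entries are on the new side; if `docker` remains, note that membership is root-equivalent and bypasses `sudo.wheelNeedsPassword`.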