VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Format every file

Browse source
This commit is contained in:
Vili Sinervä 2024-06-02 16:18:19 +03:00
parent 4787fea598
commit cbe88024dd
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
13 changed files with 1034 additions and 932 deletions
Download patch file Download diff file Expand all files Collapse all files

21
base.nix
View file

@ -6,7 +6,6 @@ environment.systemPackages = with pkgs; [
rxvt-unicode-emoji
tmux
git
unison
nano
p7zip
tree
@ -21,17 +20,18 @@ programs.zsh = {
syntaxHighlighting.enable = true;
ohMyZsh = {
enable = true;
plugins = [ "history-substring-search" "tmux" ];
plugins = [
"history-substring-search"
"tmux"
];
theme = "af-magic";
};
interactiveShellInit =
''
interactiveShellInit = ''
ZSH_TMUX_AUTOSTART=false
ZSH_TMUX_AUTOQUIT=false
ZSH_TMUX_CONFIG=/etc/tmux.conf
'';
promptInit =
''
promptInit = ''
if [ -n "$IN_NIX_SHELL" ]; then
setopt PROMPT_SUBST
RPROMPT+='[nix]'
@ -39,11 +39,9 @@ programs.zsh = {
'';
};
#################### tmux configuration ####################
programs.tmux.enable = true;
programs.tmux.extraConfig =
''
programs.tmux.extraConfig = ''
unbind C-b
set -g prefix M-w
bind M-w send-prefix
@ -85,7 +83,9 @@ programs.tmux.extraConfig =
#################### SSH configuration ####################
services.openssh.enable = true;
services.openssh.settings.PasswordAuthentication = false;
users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbGREoK1uVny1s8FK3KZ74Wmaf0VtifhqPyK69C/Gez vili@helium" ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbGREoK1uVny1s8FK3KZ74Wmaf0VtifhqPyK69C/Gez vili@helium"
];
#################### BASE ####################
nixpkgs.config.allowUnfree = true;
@ -105,7 +105,6 @@ console = pkgs.lib.mkForce {
};
time.timeZone = "Europe/Helsinki";
#################### Housekeeping ####################
system.autoUpgrade = {
enable = true;

27
desktop.nix
View file

@ -1,8 +1,7 @@
#Config for graphical desktop
{ config, pkgs, ... }:
let
i3status-conf = "${pkgs.writeText "i3status-conf"
''
i3status-conf = "${pkgs.writeText "i3status-conf" ''
# i3status configuration file.
# see "man i3status" for documentation.
@ -83,8 +82,7 @@ let
hide_if_equals_localtime = true
}
''}";
i3-conf = "${pkgs.writeText "i3config"
''
i3-conf = "${pkgs.writeText "i3config" ''
# Set mod key (Mod1=<Alt>, Mod4=<Super>)
set $mod Mod4
@ -473,13 +471,24 @@ Xresources = "${pkgs.writeText "Xresources" ''
in
{
environment.systemPackages = with pkgs; [
i3status rofi arandr btop
i3status
rofi
arandr
btop
firefox
telegram-desktop
signal-desktop discord
tidal-hifi vlc pavucontrol viewnior
xfce.mousepad pcmanfm libreoffice evince
brightnessctl networkmanagerapplet
signal-desktop
discord
tidal-hifi
vlc
pavucontrol
viewnior
xfce.mousepad
pcmanfm
libreoffice
evince
brightnessctl
networkmanagerapplet
zotero
flameshot
speedcrunch

54
development.nix
View file

@ -29,12 +29,16 @@ environment.systemPackages = with pkgs; [
gcc
gdb
nodejs-slim
clang clang-tools clang-analyzer
docker-compose docker
clang
clang-tools
clang-analyzer
docker-compose
docker
python311
python311Packages.pip
pypy3
rustup
nixfmt-rfc-style
];
#################### Neovim configuration ####################
@ -45,10 +49,16 @@ programs.neovim = {
vimAlias = true;
configure = {
packages.myVimPackage = with pkgs.vimPlugins; {
start = [ nerdtree nerdtree-git-plugin
vim-gitgutter vim-fugitive vim-tmux-navigator
coc-nvim coc-pairs
coc-clangd coc-cmake
start = [
nerdtree
nerdtree-git-plugin
vim-gitgutter
vim-fugitive
vim-tmux-navigator
coc-nvim
coc-pairs
coc-clangd
coc-cmake
coc-docker
coc-json
coc-ltex
@ -59,13 +69,11 @@ programs.neovim = {
coc-pyright
coc-tsserver
coc-rust-analyzer
vim-nix
];
};
customRC =
let
coc-config = "${pkgs.writeTextDir "coc-settings.json"
''
coc-config = "${pkgs.writeTextDir "coc-settings.json" ''
{
"workspace.ignoredFolders": [
"$HOME",
@ -81,7 +89,6 @@ programs.neovim = {
rust-analyzer.inlayHints.lifetimeElisionHints.useParameterNames: true
}
''}";
in
''
syntax on
@ -103,7 +110,6 @@ programs.neovim = {
set shiftwidth=3
set tabstop=3
" Some servers have issues with backup files, see #649
set nobackup
set nowritebackup
@ -132,33 +138,15 @@ programs.neovim = {
let g:coc_config_home = "${coc-config}"
let g:tmux_navigator_no_mappings = 1
" noremap <silent> <C-i> :<C-U>TmuxNavigateLeft<cr>
" noremap <silent> <C-n> :<C-U>TmuxNavigateDown<cr>
" noremap <silent> <C-e> :<C-U>TmuxNavigateUp<cr>
" noremap <silent> <C-o> :<C-U>TmuxNavigateRight<cr>
noremap <silent> <C-h> :<C-U>TmuxNavigateLeft<cr>
noremap <silent> <C-j> :<C-U>TmuxNavigateDown<cr>
noremap <silent> <C-k> :<C-U>TmuxNavigateUp<cr>
noremap <silent> <C-l> :<C-U>TmuxNavigateRight<cr>
" Noremap i h
" Noremap <S-i> <S-h>
" Noremap n j
" Noremap <S-n> <S-j>
" Noremap e k
" Noremap <S-e> <S-k>
" Noremap o l
" Noremap <S-o> <S-l>
" Noremap h i
" Noremap <S-h> <S-i>
" Noremap l o
" Noremap <S-l> <S-o>
" Noremap j e
" Noremap <S-j> <S-e>
" Nnoremap k n
" Nnoremap <S-k> <S-n>
" Let NERDTreeMapOpenExpl='\e'
augroup nixcmd
autocmd!
autocmd BufWritePre *.nix %!nixfmt
augroup END
'';
};
};

99
machine-confs/helium.nix
View file

@ -1,13 +1,24 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
{
networking = {
hostName = "helium";
firewall.allowedUDPPorts = [ 51820 51821 ];
firewall.allowedUDPPorts = [
51820
51821
];
wg-quick.interfaces = {
wg0 = {
autostart = false;
address = [ "172.16.0.2/24" ];
dns = [ "192.168.0.1" "vsinerva.fi" ];
dns = [
"192.168.0.1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
@ -29,7 +40,10 @@
peers = [
{
publicKey = "XSYHg0utIR1j7kRsWFwuWNo4RPD47KP53cVa6qDPtRE=";
allowedIPs = [ "0.0.0.0/0" "192.168.0.0/24" ];
allowedIPs = [
"0.0.0.0/0"
"192.168.0.0/24"
];
endpoint = "netflix.vsinerva.fi:51821";
}
];
@ -52,10 +66,8 @@
];
disabledModules = [ "services/hardware/libinput.nix" ];
nixpkgs.overlays =
[
(final: prev:
{
nixpkgs.overlays = [
(final: prev: {
moonlight-qt = prev.moonlight-qt.overrideAttrs (old: {
patches = (old.patches or [ ]) ++ [ ../misc/mouse-accel.patch ];
});
@ -63,15 +75,16 @@
];
environment.systemPackages = with pkgs; [
zenmonitor moonlight-qt parsec-bin via
zenmonitor
moonlight-qt
parsec-bin
via
];
# HARDWARE SPECIFIC
boot.initrd.kernelModules = [ "amdgpu" ];
hardware = {
opengl.extraPackages = with pkgs; [
rocmPackages.clr.icd
];
opengl.extraPackages = with pkgs; [ rocmPackages.clr.icd ];
logitech.wireless = {
enable = true;
enableGraphical = true;
@ -80,7 +93,10 @@ hardware = {
services = {
xserver = {
videoDrivers = [ "amdgpu" "modesetting" ];
videoDrivers = [
"amdgpu"
"modesetting"
];
deviceSection = ''
Option "DRI" "2"
Option "TearFree" "true"
@ -93,8 +109,61 @@ services = {
libinput.mouse = {
accelProfile = "custom";
accelPointsMotion = [ 0.00000 0.02000 0.04000 0.06000 0.08000 0.10000 0.12000 0.14000 0.16000 0.18000 0.20000 0.25250 0.31000 0.37250 0.44000 0.51250 0.59000 0.67250 0.76000 0.85250 0.95000 1.15500 1.37000 1.59500 1.83000 2.07500 2.33000 2.59500 2.87000 3.15500 3.45000 3.75500 4.07000 4.39500 4.73000 5.07500 5.43000 5.79500 6.17000 6.55500 6.95000 7.35500 7.77000 8.19500 8.63000 9.07500 9.53000 9.99500 10.47000 10.95500 11.45000 11.95000 ];
accelStepMotion = 0.05;
accelPointsMotion = [
0.0
2.0e-2
4.0e-2
6.0e-2
8.0e-2
0.1
0.12
0.14
0.16
0.18
0.2
0.2525
0.31
0.3725
0.44
0.5125
0.59
0.6725
0.76
0.8525
0.95
1.155
1.37
1.595
1.83
2.075
2.33
2.595
2.87
3.155
3.45
3.755
4.07
4.395
4.73
5.075
5.43
5.795
6.17
6.555
6.95
7.355
7.77
8.195
8.63
9.075
9.53
9.995
10.47
10.955
11.45
11.95
];
accelStepMotion = 5.0e-2;
};
redshift = {

1
machine-confs/nixos-cpu.nix
View file

@ -15,5 +15,4 @@ services.qemuGuest.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

45
machine-confs/wg-rpi.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
SSID = "ENTER_SSID";
SSIDpassword = "ENTER_PASSWORD";
@ -6,12 +11,15 @@ let
wg_interface = "end0";
hostname = "netflix-huijaus";
ddPassFile = "/root/wg-conf/ddPassFile";
in {
imports = [
../base.nix
];
in
{
imports = [ ../base.nix ];
environment.systemPackages = with pkgs; [ git wireguard-tools qrencode ];
environment.systemPackages = with pkgs; [
git
wireguard-tools
qrencode
];
# enable NAT
networking.nat.enable = true;
@ -41,7 +49,6 @@ in {
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ${wg_interface} -j MASQUERADE
'';
# Path to the private key file.
#
# Note: The private key can also be included inline via the privateKey option,
@ -50,27 +57,33 @@ in {
privateKeyFile = "/root/wg-conf/private";
peers = [
{ # Vili Android
{
# Vili Android
publicKey = "niKpC3+Pi4HrYITlzROzqRcxzfzRw1rjpxeJVOr/WAw=";
allowedIPs = [ "10.100.0.2/32" ];
}
{ # Miika Puhelin
{
# Miika Puhelin
publicKey = "mcOs94W9jqn3SGgc8uWbnmUv0tja/P6tAvaCg3WYKlY=";
allowedIPs = [ "10.100.0.3/32" ];
}
{ # Miika Kone
{
# Miika Kone
publicKey = "7m7wnwNlmxZfUNvUOYNh4mTNbOsig7z2K/svUhDHFDY=";
allowedIPs = [ "10.100.0.4/32" ];
}
{ # Silja Puhelin
{
# Silja Puhelin
publicKey = "f6wWd6KD63xwnKkre/ZgZxPJv9GfAXK9Zx/EQEq8cik=";
allowedIPs = [ "10.100.0.5/32" ];
}
{ # Silja Kone
{
# Silja Kone
publicKey = "t9cmHc6/+0njdzsTFnnhEGKfhCa2VXFrTH9hF1jOCXw=";
allowedIPs = [ "10.100.0.6/32" ];
}
{ # Vili helium
{
# Vili helium
publicKey = "iGO375NT9EK5LH+E9vjPRRJp+UM4rZ2d1RMVR3f5R0c=";
allowedIPs = [ "10.100.0.7/32" ];
}
@ -90,7 +103,11 @@ in {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
initrd.availableKernelModules = [
"xhci_pci"
"usbhid"
"usb_storage"
];
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;

11
nextcloud.nix
View file

@ -1,7 +1,10 @@
# Nextcloud instance
{ config, pkgs, ... }:
{
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [
80
443
];
networking.firewall.allowedUDPPorts = [ 443 ];
services.nextcloud = {
@ -19,8 +22,7 @@
};
};
services.nginx.virtualHosts =
{
services.nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = true;
kTLS = true;
@ -28,7 +30,8 @@
sslCertificateKey = "/var/lib/nextcloud/nextcloud_privkey.pem";
locations = {
"/".proxyWebsockets = true;
"~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/)" = {};
"~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/)" =
{ };
};
};
};

13
syncthing.nix
View file

@ -25,7 +25,10 @@
folders =
let
default = {
devices = [ "helium" "nixos-cpu" ];
devices = [
"helium"
"nixos-cpu"
];
versioning = {
type = "trashcan";
params.cleanoutDays = "30";
@ -34,7 +37,13 @@
};
in
{
"~/Documents" = default // { devices = [ "helium" "nixos-cpu" "phone" ]; } ;
"~/Documents" = default // {
devices = [
"helium"
"nixos-cpu"
"phone"
];
};
"~/Downloads" = default;
"~/Music" = default;
"~/Pictures" = default;

5
vaultwarden.nix
View file

@ -1,7 +1,10 @@
# Nextcloud instance
{ config, pkgs, ... }:
{
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [
80
443
];
networking.firewall.allowedUDPPorts = [ 443 ];
services = {

10
vili.nix
View file

@ -6,8 +6,14 @@
home = "/home/vili";
description = "Vili Sinervä";
uid = 1000;
extraGroups = [ "wheel" "networkmanager" "audio" ];
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbGREoK1uVny1s8FK3KZ74Wmaf0VtifhqPyK69C/Gez vili@helium" ];
extraGroups = [
"wheel"
"networkmanager"
"audio"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBbGREoK1uVny1s8FK3KZ74Wmaf0VtifhqPyK69C/Gez vili@helium"
];
hashedPasswordFile = "/home/vili/.hashedPasswordFile";
};