Initial commit

2023-12-12 00:48:10 +01:00 · 2023-12-12 00:48:10 +01:00 · 618e461e13
commit 618e461e13
13 changed files with 461 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,3 @@
+device-configuration.nix
+hardware-configuration.nix
+result
--- a/account.nix
+++ b/account.nix
@ -0,0 +1,35 @@
+{ config, pkgs, ... }:
+
+let
+  unstable = import <nixos-unstable> { config = config.nixpkgs.config; };
+in
+{
+  users.users.wroclaw = {
+    isNormalUser = true;
+    description = "Rafał";
+    group = "wroclaw";
+    extraGroups = [
+      "users"
+      "wheel"
+      (if config.programs.adb.enable then "adbusers" else null)
+    ];
+    linger = true;
+    # Initial password for the account
+    password = "nixos";
+    packages = with pkgs; [
+      firefox
+      vivaldi
+      discord-canary
+      unstable.vscode
+    ];
+  };
+  users.groups.wroclaw.gid = 1000;
+
+  services.syncthing = {
+    enable = true;
+    user = "wroclaw";
+    group = "wroclaw";
+    dataDir = "/home/wroclaw";
+    configDir = "/home/wroclaw/.config/syncthing";
+  };
+}
--- a/adb.nix
+++ b/adb.nix
@ -0,0 +1,10 @@
+{ lib, config, pkgs, ... }:
+
+{
+  config = {
+    programs.adb.enable = true;
+    environment.systemPackages = with pkgs; [
+      scrcpy
+    ];
+  };
+}
--- a/configuration.nix
+++ b/configuration.nix
@ -0,0 +1,145 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      # Include the results of the hardware scan.
+      (if builtins.pathExists /etc/nixos/hardware-configuration.nix then /etc/nixos/hardware-configuration.nix else null)
+      # Include device-specific overrides
+      (if builtins.pathExists /etc/nixos/device-configuration.nix then /etc/nixos/device-configuration.nix else null)
+      ./nvidia.nix
+      ./docker.nix
+      ./razer.nix
+      ./desktop/gnome.nix
+      #./desktop/kde-plasma.nix
+      ./shell.nix
+      ./virtualization.nix
+      ./polkit/disable-shutdown.nix
+      ./locale.nix
+      ./adb.nix
+      ./account.nix
+    ];
+
+  # Bootloader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # Enable networking
+  networking.networkmanager.enable = true;
+  
+  # X11 and desktop/display manager is enabled using imported files
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable flatpak, some software is newer here unfortunately
+  services.flatpak.enable = true;
+
+  # Enable sound with pipewire.
+  sound.enable = true;
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+
+    # Enable audio interfaces renaming
+    wireplumber.enable = true;
+  };
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    wget
+    git
+    ffmpeg
+    yt-dlp
+    mpv
+    pavucontrol
+    htop
+    btop
+    neofetch
+    ranger
+    gimp
+    inkscape
+    krita
+    smartmontools
+    ddrescue
+  ];
+
+  # terminal text editor
+  programs.neovim = {
+    enable = true;
+    viAlias = true;
+    defaultEditor = true;
+    configure = {
+      customRC = ''
+        set number
+        set hlsearch
+        set incsearch
+        set tabstop=4
+        set softtabstop=4
+        set shiftwidth=4
+        set expandtab
+        set autoindent
+
+        syntax on
+        set encoding=utf-8
+        set wildmode=longest,list,full
+        set listchars=space:·,tab:┄┄»
+        set indentkeys-=0#
+      '';
+    };
+  };
+
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = true;
+  };
+
+  # Enable fail2ban because of the OpenSSH server
+  services.fail2ban = {
+    enable = true;
+    maxretry = 10;
+    bantime = "7d";
+  };
+
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    ports = [
+      22
+      8022
+    ];
+    extraConfig = ''
+      X11Forwarding yes
+    '';
+  };
+
+  networking.firewall = {
+    enable = true;
+    # "Disable" firewall because of docker
+    allowedTCPPortRanges = [{ from = 0; to = 65535;}];
+    allowedUDPPortRanges = [{ from = 0; to = 65535;}];
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.05"; # Did you read the comment?
+  # I am lazy
+}
--- a/desktop/gnome.nix
+++ b/desktop/gnome.nix
@ -0,0 +1,34 @@
+{lib, config, pkgs, ...}:
+
+let
+  unstable = import <nixos-unstable> {};
+in
+{
+  config = {
+    services.xserver.enable = true;
+    services.xserver.desktopManager.gnome.enable = true;
+    services.xserver.displayManager.gdm = {
+      enable = true;
+      wayland = false;
+      autoSuspend = false;
+    };
+
+    # environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+    services.xserver.desktopManager.gnome.extraGSettingsOverrides = ''
+      [org.gnome.SessionManager]
+      logout-prompt=false
+    '';
+
+    environment.systemPackages = with pkgs; [
+      gnomeExtensions.pop-shell
+      gnomeExtensions.vitals
+      gnomeExtensions.tray-icons-reloaded
+      gnomeExtensions.color-picker
+      gnomeExtensions.top-bar-organizer
+      # unstable.gnomeExtensions.translate-indicator
+      # translate-shell
+      pavucontrol
+    ];
+  };
+}
--- a/desktop/kde-plasma.nix
+++ b/desktop/kde-plasma.nix
@ -0,0 +1,17 @@
+{lib, config, pkgs, ...}:
+
+{
+  config = {
+    services.xserver.enable = true;
+    services.xserver.desktopManager.plasma5.enable = true;
+    services.xserver.displayManager.sddm.enable = true;
+
+    # environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+    environment.systemPackages = with pkgs; [
+      libsForQt5.plasma-browser-integration
+      translate-shell
+      pavucontrol
+    ];
+  };
+}
--- a/docker.nix
+++ b/docker.nix
@ -0,0 +1,30 @@
+{ lib, config, pkgs, ... }:
+
+{
+  config.virtualisation.docker = {
+    enable = true;
+    # enableNvidia = true;
+    enableOnBoot = true;
+    storageDriver = if config.fileSystems."/".fsType == "btrfs" then "btrfs" else null;
+    rootless.enable = true;
+    rootless.setSocketVariable = true;
+    daemon.settings = {
+      default-address-pools = [
+        {base = "10.64.0.0/10"; size = 24;}
+      ];
+      bip = "10.127.0.1/16";
+    };
+  };
+  config.users.users.indocker = {
+    isSystemUser = true;
+    hashedPassword = "!";
+    uid = 900;
+    group = "indocker";
+  };
+  config.users.groups.indocker = {
+    gid = 900;
+  };
+  config.environment.systemPackages = with pkgs; [
+    docker-compose
+  ];
+}
--- a/locale.nix
+++ b/locale.nix
@ -0,0 +1,32 @@
+{ ... }:
+
+{
+  config = {
+    # Set your time zone.
+    time.timeZone = "Europe/Warsaw";
+
+    # Select internationalisation properties.
+    i18n.defaultLocale = "en_US.UTF-8";
+
+    i18n.extraLocaleSettings = {
+      LC_ADDRESS = "pl_PL.UTF-8";
+      LC_IDENTIFICATION = "pl_PL.UTF-8";
+      LC_MEASUREMENT = "pl_PL.UTF-8";
+      LC_MONETARY = "pl_PL.UTF-8";
+      LC_NAME = "pl_PL.UTF-8";
+      LC_NUMERIC = "pl_PL.UTF-8";
+      LC_PAPER = "pl_PL.UTF-8";
+      LC_TELEPHONE = "pl_PL.UTF-8";
+      LC_TIME = "pl_PL.UTF-8";
+    };
+
+    # Configure keymap in X11
+    services.xserver = {
+      layout = "pl";
+      xkbVariant = "";
+    };
+
+    # Configure console keymap
+    console.keyMap = "pl2";
+  };
+}
--- a/nvidia.nix
+++ b/nvidia.nix
@ -0,0 +1,17 @@
+{ config, lib, pkgs, ...}:
+
+{
+  hardware.opengl = {
+    enable = true;
+    driSupport = true;
+    driSupport32Bit = true;
+  };
+  services.xserver.videoDrivers = ["nvidia"];
+  hardware.nvidia = {
+    modesetting.enable = true;
+    powerManagement.enable = true;
+    open = false;
+    nvidiaSettings = true;
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+}
--- a/polkit/disable-shutdown.nix
+++ b/polkit/disable-shutdown.nix
@ -0,0 +1,46 @@
+{ ... }:
+
+{
+  security.polkit.extraConfig = ''
+    polkit.addRule(function(action, subject) {
+      polkit.log("action=" + action);
+      polkit.log("subject=" + subject);
+      if (
+        action.id == "org.freedesktop.login1.halt" ||
+        action.id == "org.freedesktop.login1.halt-ignore-inhibit" ||
+        action.id == "org.freedesktop.login1.halt-multiple-sessions" ||
+        action.id == "org.freedesktop.login1.hibernate" ||
+        action.id == "org.freedesktop.login1.hibernate-ignore-inhibit" ||
+        action.id == "org.freedesktop.login1.hibernate-multiple-sessions" ||
+        action.id == "org.freedesktop.login1.inhibit-block-idle" ||
+        action.id == "org.freedesktop.login1.inhibit-block-shutdown" ||
+        action.id == "org.freedesktop.login1.inhibit-block-sleep" ||
+        action.id == "org.freedesktop.login1.inhibit-delay-shutdown" ||
+        action.id == "org.freedesktop.login1.inhibit-delay-sleep" ||
+        action.id == "org.freedesktop.login1.inhibit-handle-hibernate-key" ||
+        action.id == "org.freedesktop.login1.inhibit-handle-lid-switch" ||
+        action.id == "org.freedesktop.login1.inhibit-handle-power-key" ||
+        action.id == "org.freedesktop.login1.inhibit-handle-reboot-key" ||
+        action.id == "org.freedesktop.login1.inhibit-handle-suspend-key" ||
+        action.id == "org.freedesktop.login1.power-off" ||
+        action.id == "org.freedesktop.login1.power-off-ignore-inhibit" ||
+        action.id == "org.freedesktop.login1.power-off-multiple-sessions" ||
+        action.id == "org.freedesktop.login1.reboot" ||
+        action.id == "org.freedesktop.login1.reboot-ignore-inhibit" ||
+        action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
+        action.id == "org.freedesktop.login1.set-reboot-parameter" ||
+        action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-entry" ||
+        action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-menu" ||
+        action.id == "org.freedesktop.login1.set-reboot-to-firmware-setup" ||
+        action.id == "org.freedesktop.login1.set-self-linger" ||
+        action.id == "org.freedesktop.login1.set-user-linger" ||
+        action.id == "org.freedesktop.login1.set-wall-message" ||
+        action.id == "org.freedesktop.login1.suspend" ||
+        action.id == "org.freedesktop.login1.suspend-ignore-inhibit" ||
+        action.id == "org.freedesktop.login1.suspend-multiple-sessions"
+      ) {
+        return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO;
+      };
+    });
+  '';
+}
--- a/razer.nix
+++ b/razer.nix
@ -0,0 +1,16 @@
+{ lib, config, pkgs, ... }:
+{
+  hardware.openrazer = {
+    enable = true;
+    users = [
+      "wroclaw"
+    ];
+  };
+#  users.groups.openrazer.members = [
+#    "wroclaw"
+#  ];
+  environment.systemPackages = with pkgs; [
+    openrazer-daemon
+    polychromatic
+  ];
+}
--- a/shell.nix
+++ b/shell.nix
@ -0,0 +1,66 @@
+{ config, pkgs, ... }:
+
+let
+  unstable = import <nixos-unstable> {};
+in
+{
+  environment.systemPackages = with pkgs; [
+    ranger
+    kitty
+  ];
+
+  programs.bash.interactiveShellInit = ''
+    if test -n "$KITTY_INSTALLATION_DIR"; then
+      export KITTY_SHELL_INTEGRATION="enabled,no-sudo"
+      source "$KITTY_INSTALLATION_DIR/shell-integration/bash/kitty.bash"
+    fi
+  '';
+
+  environment.etc."xdg/kitty/kitty.conf".text = ''
+    font_size 10.0
+    scrollback_lines 10000
+    window_border_width 0.5
+    window_padding_width 3
+    ${if config.services.xserver.desktopManager.gnome.enable then "hide_window_decorations yes" else null}
+    background_opacity 0.8
+    dynamic_background_opacity yes
+  '';
+
+  environment.etc."ranger/rc.conf".text = ''
+    eval import os; fm.set_option_from_string("preview_images", "true") if "KITTY_INSTALLATION_DIR" in os.environ else None;
+    eval import os; fm.set_option_from_string("preview_images_method", "kitty") if "KITTY_INSTALLATION_DIR" in os.environ else None;
+    set vcs_aware true
+    set show_hidden true
+
+    alias drag shell ${unstable.ripdrag}/bin/ripdrag -Axd %p &
+    map <C-d> drag
+  '';
+
+  programs.direnv.enable = true;
+
+  programs.starship = {
+    enable = true;
+    settings = {
+      format = "$all$line_break\${custom.ranger}$jobs$battery$time$status$os$container$shell$character";
+      directory = {
+        truncation_length = 5;
+        truncation_symbol = "…/";
+      };
+      username = {
+        show_always = true;
+      };
+      status.disabled = false;
+      custom.ranger = {
+        when = "test $RANGER_LEVEL";
+        command = "echo \"✦\"";
+        style = "bold 208";
+      };
+      # custom.PS1 = {
+      #   when = true;
+      #   command = "echo -e \"\\x1b\\x5d133;A\\x1b\\x5c\"";
+      #   format = "$output";
+      #   use_stdin = false;
+      # };
+    };
+  };
+}
--- a/virtualization.nix
+++ b/virtualization.nix
@ -0,0 +1,10 @@
+
+{ lib, config, pkgs, ... }:
+
+{
+  #virtualisation.waydroid.enable = true;
+  programs.virt-manager.enable = true;
+  virtualisation.libvirtd = {
+    enable = true;
+  };
+}