From 618e461e13a5e008c138f49662d5fc469ea02317 Mon Sep 17 00:00:00 2001 From: Wroclaw Date: Tue, 12 Dec 2023 00:48:10 +0100 Subject: [PATCH] Initial commit --- .gitignore | 3 + account.nix | 35 +++++++++ adb.nix | 10 +++ configuration.nix | 145 ++++++++++++++++++++++++++++++++++++ desktop/gnome.nix | 34 +++++++++ desktop/kde-plasma.nix | 17 +++++ docker.nix | 30 ++++++++ locale.nix | 32 ++++++++ nvidia.nix | 17 +++++ polkit/disable-shutdown.nix | 46 ++++++++++++ razer.nix | 16 ++++ shell.nix | 66 ++++++++++++++++ virtualization.nix | 10 +++ 13 files changed, 461 insertions(+) create mode 100644 .gitignore create mode 100644 account.nix create mode 100644 adb.nix create mode 100644 configuration.nix create mode 100644 desktop/gnome.nix create mode 100644 desktop/kde-plasma.nix create mode 100644 docker.nix create mode 100644 locale.nix create mode 100644 nvidia.nix create mode 100644 polkit/disable-shutdown.nix create mode 100644 razer.nix create mode 100644 shell.nix create mode 100644 virtualization.nix
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c93fdee
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+device-configuration.nix
+hardware-configuration.nix
+result
diff --git a/account.nix b/account.nix
new file mode 100644
index 0000000..a87929a
--- /dev/null
+++ b/account.nix
@@ -0,0 +1,35 @@
+{ config, pkgs, ... }:
+
+let
+ unstable = import { config = config.nixpkgs.config; };
+in
+{
+ users.users.wroclaw = {
+ isNormalUser = true;
+ description = "Rafał";
+ group = "wroclaw";
+ extraGroups = [
+ "users"
+ "wheel"
+ (if config.programs.adb.enable then "adbusers" else null)
+ ];
+ linger = true;
+ # Initial password for the account
+ password = "nixos";
+ packages = with pkgs; [
+ firefox
+ vivaldi
+ discord-canary
+ unstable.vscode
+ ];
+ };
+ users.groups.wroclaw.gid = 1000;
+
+ services.syncthing = {
+ enable = true;
+ user = "wroclaw";
+ group = "wroclaw";
+ dataDir = "/home/wroclaw";
+ configDir = "/home/wroclaw/.config/syncthing";
+ };
+}
\ No newline at end of file
diff --git a/adb.nix b/adb.nix
new file mode 100644
index 0000000..c943b33
--- /dev/null
+++ b/adb.nix
@@ -0,0 +1,10 @@
+{ lib, config, pkgs, ... }:
+
+{
+ config = {
+ programs.adb.enable = true;
+ environment.systemPackages = with pkgs; [
+ scrcpy
+ ];
+ };
+}
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..4281a16
--- /dev/null
+++ b/configuration.nix
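Review bot: `password = "nixos";` in account.nix gives a `wheel` account a well-known cleartext password that ends up in the repository and in the world-readable Nix store, while configuration.nix in the same commit runs sshd on ports 22 and 8022 and opens every firewall port. The comment above it calls this an initial password, so the matching option would be `initialPassword`, or better `initialHashedPassword = "HASH_PLACEHOLDER";` with a hash generated on the machine, so that no usable secret is published. Until the password has been changed on the host, setting `services.openssh.settings.PasswordAuthentication = false;` would keep the account from being reachable by password guessing over SSH.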
@@ -0,0 +1,145 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [
+ # Include the results of the hardware scan.
+ (if builtins.pathExists /etc/nixos/hardware-configuration.nix then /etc/nixos/hardware-configuration.nix else null)
+ # Include device-specific overrides
+ (if builtins.pathExists /etc/nixos/device-configuration.nix then /etc/nixos/device-configuration.nix else null)
+ ./nvidia.nix
+ ./docker.nix
+ ./razer.nix
+ ./desktop/gnome.nix
+ #./desktop/kde-plasma.nix
+ ./shell.nix
+ ./virtualization.nix
+ ./polkit/disable-shutdown.nix
+ ./locale.nix
+ ./adb.nix
+ ./account.nix
+ ];
+
+ # Bootloader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+
+ # Enable networking
+ networking.networkmanager.enable = true;
+
+ # X11 and desktop/display manager is enabled using imported files
+
+ # Enable CUPS to print documents.
+ services.printing.enable = true;
+
+ # Enable flatpak, some software is newer here unfortunately
+ services.flatpak.enable = true;
+
+ # Enable sound with pipewire.
+ sound.enable = true;
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+
+ # Enable audio interfaces renaming
+ wireplumber.enable = true;
+ };
+
+ # Allow unfree packages
+ nixpkgs.config.allowUnfree = true;
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ wget
+ git
+ ffmpeg
+ yt-dlp
+ mpv
+ pavucontrol
+ htop
+ btop
+ neofetch
+ ranger
+ gimp
+ inkscape
+ krita
+ smartmontools
+ ddrescue
+ ];
+
+ # terminal text editor
+ programs.neovim = {
+ enable = true;
+ viAlias = true;
+ defaultEditor = true;
+ configure = {
+ customRC = ''
+ set number
+ set hlsearch
+ set incsearch
+ set tabstop=4
+ set softtabstop=4
+ set shiftwidth=4
+ set expandtab
+ set autoindent
+
+ syntax on
+ set encoding=utf-8
+ set wildmode=longest,list,full
+ set listchars=space:·,tab:┄┄»
+ set indentkeys-=0#
+ '';
+ };
+ };
+
+ programs.steam = {
+ enable = true;
+ remotePlay.openFirewall = true;
+ };
+
+ # Enable fail2ban because of the OpenSSH server
+ services.fail2ban = {
+ enable = true;
+ maxretry = 10;
+ bantime = "7d";
+ };
+
+ # Enable the OpenSSH daemon.
+ services.openssh = {
+ enable = true;
+ ports = [
+ 22
+ 8022
+ ];
+ extraConfig = ''
+ X11Forwarding yes
+ '';
+ };
+
+ networking.firewall = {
+ enable = true;
+ # "Disable" firewall because of docker
+ allowedTCPPortRanges = [{ from = 0; to = 65535;}];
+ allowedUDPPortRanges = [{ from = 0; to = 65535;}];
+ };
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "23.05"; # Did you read the comment?
+ # I am lazy
+}
diff --git a/desktop/gnome.nix b/desktop/gnome.nix
new file mode 100644
index 0000000..6da6bc5
--- /dev/null
+++ b/desktop/gnome.nix
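Review bot: The `networking.firewall` block in configuration.nix keeps `enable = true` but then allows TCP and UDP ports 0–65535, so every service that listens on a non-loopback address (sshd on 22 and 8022, syncthing from account.nix, anything started later) is exposed to whatever network the machine joins. If the goal is only to keep containers working, a narrower setting such as `trustedInterfaces = [ "docker0" ];` together with the specific ports that are really needed should be enough; this needs confirming against the actual Docker setup, which is not visible here. At minimum the comment should say which Docker behaviour required the change, so the rule can be tightened later instead of staying open by default.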
@@ -0,0 +1,34 @@
+{lib, config, pkgs, ...}:
+
+let
+ unstable = import {};
+in
+{
+ config = {
+ services.xserver.enable = true;
+ services.xserver.desktopManager.gnome.enable = true;
+ services.xserver.displayManager.gdm = {
+ enable = true;
+ wayland = false;
+ autoSuspend = false;
+ };
+
+ # environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+ services.xserver.desktopManager.gnome.extraGSettingsOverrides = ''
+ [org.gnome.SessionManager]
+ logout-prompt=false
+ '';
+
+ environment.systemPackages = with pkgs; [
+ gnomeExtensions.pop-shell
+ gnomeExtensions.vitals
+ gnomeExtensions.tray-icons-reloaded
+ gnomeExtensions.color-picker
+ gnomeExtensions.top-bar-organizer
+ # unstable.gnomeExtensions.translate-indicator
+ # translate-shell
+ pavucontrol
+ ];
+ };
+}
diff --git a/desktop/kde-plasma.nix b/desktop/kde-plasma.nix
new file mode 100644
index 0000000..58a187b
--- /dev/null
+++ b/desktop/kde-plasma.nix
@@ -0,0 +1,17 @@
+{lib, config, pkgs, ...}:
+
+{
+ config = {
+ services.xserver.enable = true;
+ services.xserver.desktopManager.plasma5.enable = true;
+ services.xserver.displayManager.sddm.enable = true;
+
+ # environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+ environment.systemPackages = with pkgs; [
+ libsForQt5.plasma-browser-integration
+ translate-shell
+ pavucontrol
+ ];
+ };
+}
diff --git a/docker.nix b/docker.nix
new file mode 100644
index 0000000..343d238
--- /dev/null
+++ b/docker.nix
@@ -0,0 +1,30 @@
+{ lib, config, pkgs, ... }:
+
+{
+ config.virtualisation.docker = {
+ enable = true;
+ # enableNvidia = true;
+ enableOnBoot = true;
+ storageDriver = if config.fileSystems."/".fsType == "btrfs" then "btrfs" else null;
+ rootless.enable = true;
+ rootless.setSocketVariable = true;
+ daemon.settings = {
+ default-address-pools = [
+ {base = "10.64.0.0/10"; size = 24;}
+ ];
+ bip = "10.127.0.1/16";
+ };
+ };
+ config.users.users.indocker = {
+ isSystemUser = true;
+ hashedPassword = "!";
+ uid = 900;
+ group = "indocker";
+ };
+ config.users.groups.indocker = {
+ gid = 900;
+ };
+ config.environment.systemPackages = with pkgs; [
+ docker-compose
+ ];
+}
diff --git a/locale.nix b/locale.nix
new file mode 100644
index 0000000..2211101
--- /dev/null
+++ b/locale.nix
@@ -0,0 +1,32 @@
+{ ... }:
+
+{
+ config = {
+ # Set your time zone.
+ time.timeZone = "Europe/Warsaw";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "pl_PL.UTF-8";
+ LC_IDENTIFICATION = "pl_PL.UTF-8";
+ LC_MEASUREMENT = "pl_PL.UTF-8";
+ LC_MONETARY = "pl_PL.UTF-8";
+ LC_NAME = "pl_PL.UTF-8";
+ LC_NUMERIC = "pl_PL.UTF-8";
+ LC_PAPER = "pl_PL.UTF-8";
+ LC_TELEPHONE = "pl_PL.UTF-8";
+ LC_TIME = "pl_PL.UTF-8";
+ };
+
+ # Configure keymap in X11
+ services.xserver = {
+ layout = "pl";
+ xkbVariant = "";
+ };
+
+ # Configure console keymap
+ console.keyMap = "pl2";
+ };
+}
diff --git a/nvidia.nix b/nvidia.nix
new file mode 100644
index 0000000..6a30716
--- /dev/null
+++ b/nvidia.nix
@@ -0,0 +1,17 @@
+{ config, lib, pkgs, ...}:
+
+{
+ hardware.opengl = {
+ enable = true;
+ driSupport = true;
+ driSupport32Bit = true;
+ };
+ services.xserver.videoDrivers = ["nvidia"];
+ hardware.nvidia = {
+ modesetting.enable = true;
+ powerManagement.enable = true;
+ open = false;
+ nvidiaSettings = true;
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+}
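Review bot: docker.nix creates the `indocker` system user and group with the fixed id 900, but nothing in the hunk says what they are for, and no `virtualisation.docker` option shown here refers to them. A one-line comment above `config.users.users.indocker` stating the purpose (for example which container data or id mapping relies on uid/gid 900) would let a later reader judge whether the account is still needed. It would also help to note why the rootful daemon (`enable` with `enableOnBoot`) and `rootless.enable` are both switched on, since the two differ considerably in what a compromised container can reach.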
diff --git a/polkit/disable-shutdown.nix b/polkit/disable-shutdown.nix
new file mode 100644
index 0000000..24571dd
--- /dev/null
+++ b/polkit/disable-shutdown.nix
@@ -0,0 +1,46 @@
+{ ... }:
+
+{
+ security.polkit.extraConfig = ''
+ polkit.addRule(function(action, subject) {
+ polkit.log("action=" + action);
+ polkit.log("subject=" + subject);
+ if (
+ action.id == "org.freedesktop.login1.halt" ||
+ action.id == "org.freedesktop.login1.halt-ignore-inhibit" ||
+ action.id == "org.freedesktop.login1.halt-multiple-sessions" ||
+ action.id == "org.freedesktop.login1.hibernate" ||
+ action.id == "org.freedesktop.login1.hibernate-ignore-inhibit" ||
+ action.id == "org.freedesktop.login1.hibernate-multiple-sessions" ||
+ action.id == "org.freedesktop.login1.inhibit-block-idle" ||
+ action.id == "org.freedesktop.login1.inhibit-block-shutdown" ||
+ action.id == "org.freedesktop.login1.inhibit-block-sleep" ||
+ action.id == "org.freedesktop.login1.inhibit-delay-shutdown" ||
+ action.id == "org.freedesktop.login1.inhibit-delay-sleep" ||
+ action.id == "org.freedesktop.login1.inhibit-handle-hibernate-key" ||
+ action.id == "org.freedesktop.login1.inhibit-handle-lid-switch" ||
+ action.id == "org.freedesktop.login1.inhibit-handle-power-key" ||
+ action.id == "org.freedesktop.login1.inhibit-handle-reboot-key" ||
+ action.id == "org.freedesktop.login1.inhibit-handle-suspend-key" ||
+ action.id == "org.freedesktop.login1.power-off" ||
+ action.id == "org.freedesktop.login1.power-off-ignore-inhibit" ||
+ action.id == "org.freedesktop.login1.power-off-multiple-sessions" ||
+ action.id == "org.freedesktop.login1.reboot" ||
+ action.id == "org.freedesktop.login1.reboot-ignore-inhibit" ||
+ action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
+ action.id == "org.freedesktop.login1.set-reboot-parameter" ||
+ action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-entry" ||
+ action.id == "org.freedesktop.login1.set-reboot-to-boot-loader-menu" ||
+ action.id == "org.freedesktop.login1.set-reboot-to-firmware-setup" ||
+ action.id == "org.freedesktop.login1.set-self-linger" ||
+ action.id == "org.freedesktop.login1.set-user-linger" ||
+ action.id == "org.freedesktop.login1.set-wall-message" ||
+ action.id == "org.freedesktop.login1.suspend" ||
+ action.id == "org.freedesktop.login1.suspend-ignore-inhibit" ||
+ action.id == "org.freedesktop.login1.suspend-multiple-sessions"
+ ) {
+ return subject.active ? polkit.Result.AUTH_ADMIN : polkit.Result.NO;
+ };
+ });
+ '';
+}
diff --git a/razer.nix b/razer.nix
new file mode 100644
index 0000000..cd9dcf1
--- /dev/null
+++ b/razer.nix
@@ -0,0 +1,16 @@
+{ lib, config, pkgs, ... }:
+{
+ hardware.openrazer = {
+ enable = true;
+ users = [
+ "wroclaw"
+ ];
+ };
+# users.groups.openrazer.members = [
+# "wroclaw"
+# ];
+ environment.systemPackages = with pkgs; [
+ openrazer-daemon
+ polychromatic
+ ];
+}
diff --git a/shell.nix b/shell.nix
new file mode 100644
index 0000000..c4b57f6
--- /dev/null
+++ b/shell.nix
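Review bot: The two `polkit.log(...)` calls at the top of the rule in polkit/disable-shutdown.nix sit before the `if`, so they run for every polkit authorization check that reaches this rule, not only for the login1 actions listed below, and write the action and the stringified subject to the log each time. They read like debugging leftovers; either drop them or move a single line inside the `if`, e.g. `polkit.log("login1 action restricted: " + action.id);`, so that only the restricted requests are recorded. The list also includes the `inhibit-*` actions and `set-self-linger`, which ordinary desktop software may request; it is worth confirming that admin authentication is intended there and saying so in a comment above the rule, since the file name only mentions shutdown.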
@@ -0,0 +1,66 @@
+{ config, pkgs, ... }:
+
+let
+ unstable = import {};
+in
+{
+ environment.systemPackages = with pkgs; [
+ ranger
+ kitty
+ ];
+
+ programs.bash.interactiveShellInit = ''
+ if test -n "$KITTY_INSTALLATION_DIR"; then
+ export KITTY_SHELL_INTEGRATION="enabled,no-sudo"
+ source "$KITTY_INSTALLATION_DIR/shell-integration/bash/kitty.bash"
+ fi
+ '';
+
+ environment.etc."xdg/kitty/kitty.conf".text = ''
+ font_size 10.0
+ scrollback_lines 10000
+ window_border_width 0.5
+ window_padding_width 3
+ ${if config.services.xserver.desktopManager.gnome.enable then "hide_window_decorations yes" else null}
+ background_opacity 0.8
+ dynamic_background_opacity yes
+ '';
+
+ environment.etc."ranger/rc.conf".text = ''
+ eval import os; fm.set_option_from_string("preview_images", "true") if "KITTY_INSTALLATION_DIR" in os.environ else None;
+ eval import os; fm.set_option_from_string("preview_images_method", "kitty") if "KITTY_INSTALLATION_DIR" in os.environ else None;
+ set vcs_aware true
+ set show_hidden true
+
+ alias drag shell ${unstable.ripdrag}/bin/ripdrag -Axd %p &
+ map drag
+ '';
+
+ programs.direnv.enable = true;
+
+ programs.starship = {
+ enable = true;
+ settings = {
+ format = "$all$line_break\${custom.ranger}$jobs$battery$time$status$os$container$shell$character";
+ directory = {
+ truncation_length = 5;
+ truncation_symbol = "…/";
+ };
+ username = {
+ show_always = true;
+ };
+ status.disabled = false;
+ custom.ranger = {
+ when = "test $RANGER_LEVEL";
+ command = "echo \"✦\"";
+ style = "bold 208";
+ };
+ # custom.PS1 = {
+ # when = true;
+ # command = "echo -e \"\\x1b\\x5d133;A\\x1b\\x5c\"";
+ # format = "$output";
+ # use_stdin = false;
+ # };
+ };
+ };
+}
diff --git a/virtualization.nix b/virtualization.nix
new file mode 100644
index 0000000..7aaa239
--- /dev/null
+++ b/virtualization.nix
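Review bot: In shell.nix the kitty.conf text interpolates `${if … gnome.enable then "hide_window_decorations yes" else null}`, and Nix cannot coerce `null` to a string, so evaluation fails as soon as GNOME is not enabled — for instance after switching to ./desktop/kde-plasma.nix, which configuration.nix keeps ready as a commented import. The fallback should be `else ""`. The same `else null` pattern is used for the `extraGroups` entry in account.nix and for the two conditional `imports` entries in configuration.nix, and those will most likely fail in the same way once their condition is false; `lib.optional` (with `lib` added to the module arguments) is the usual form for a conditional list element.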
@@ -0,0 +1,10 @@
+
+{ lib, config, pkgs, ... }:
+
+{
+ #virtualisation.waydroid.enable = true;
+ programs.virt-manager.enable = true;
+ virtualisation.libvirtd = {
+ enable = true;
+ };
+}