chvp/nixos-config
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Reorganize for zfs

Browse source
This commit is contained in:
Charlotte Van Petegem 2020-05-23 09:59:32 +02:00
parent 2933964680
commit cfb48de40c
57 changed files with 817 additions and 492 deletions
Download patch file Download diff file Expand all files Collapse all files

6
configurations/adb.nix Normal file
View file

@ -0,0 +1,6 @@
{ ... }:
{
programs.adb.enable = true;
users.users.charlotte.extraGroups = [ "adbusers" ];
}

0
configurations/base-x/default.nix → configurations/base-x.nix
View file

5
configurations/direnv/default.nix → configurations/direnv.nix
View file

@ -1,6 +1,11 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = ".local/share/direnv"; type = "cache"; }
{ path = ".cache/lorri"; type = "cache"; }
];
home-manager.users.charlotte = { ... }: {
programs.direnv = {
enable = true;

13
configurations/docker.nix Normal file
View file

@ -0,0 +1,13 @@
{ ... }:
{
custom.zfs.systemLinks = [
{ path = "/var/lib/docker"; type = "cache"; }
{ path = "/var/lib/docker/volumes"; type = "data"; }
];
virtualisation.docker.enable = true;
users.users.charlotte.extraGroups = [
"docker"
];
}

4
configurations/dropbox/default.nix → configurations/dropbox.nix
View file

@ -1,6 +1,10 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = ".dropbox"; type = "data"; }
{ path = "Dropbox"; type = "data"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
systemd.user.services = {
dropbox = {

10
configurations/eid.nix Normal file
View file

@ -0,0 +1,10 @@
{ pkgs, ... }:
{
services.pcscd = {
enable = true;
plugins = [ pkgs.ccid ];
};
environment.systemPackages = with pkgs; [ eid-mw ];
}

10
configurations/firefox.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }: {
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [ firefox ];
};
custom.zfs.homeLinks = [
{ path = ".cache/mozilla"; type = "cache"; }
{ path = ".mozilla"; type = "data"; }
];
}

25
configurations/fonts.nix Normal file
View file

@ -0,0 +1,25 @@
{ pkgs, ... }:
{
fonts = {
enableFontDir = true;
fontconfig = {
enable = true;
defaultFonts = {
emoji = [ "Noto Color Emoji" ];
monospace = [ "Fira Code" ];
sansSerif = [ "Noto Sans" ];
serif = [ "Noto Serif" ];
};
};
fonts = with pkgs; [
fira-code
fira-code-symbols
font-awesome_4
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
noto-fonts-extra
];
};
}

2
configurations/git/default.nix → configurations/git.nix
View file

@ -19,7 +19,7 @@
enable = true;
extraConfig = {
branch = {
setupautorebase = "always";
autosetuprebase = "always";
};
};
ignores = [

22
configurations/gnupg.nix Normal file
View file

@ -0,0 +1,22 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = ".gnupg/crls.d"; type = "data"; }
{ path = ".gnupg/private-keys-v1.d"; type = "data"; }
{ path = ".gnupg/pubring.kbx"; type = "data"; }
{ path = ".gnupg/trustdb.gpg"; type = "data"; }
];
programs.gnupg.agent.enable = true;
home-manager.users.charlotte = { pkgs, ... }: {
programs = {
gpg.enable = true;
};
services.gpg-agent = {
enable = true;
defaultCacheTtl = 7200;
maxCacheTtl = 99999;
pinentryFlavor = "qt";
};
};
}

9
configurations/i3/default.nix → configurations/i3.nix
View file

@ -1,11 +1,10 @@
with import <nixpkgs> { };
{ ... }:
{ pkgs, ... }:
let
launcher = import ../sway/launcher.nix { inherit pkgs stdenv; };
status-configuration = import ../sway/status-configuration.nix { inherit pkgs; };
launcher = import ./sway/launcher.nix { inherit pkgs; stdenv = pkgs.stdenv; };
status-configuration = import ./sway/status-configuration.nix { inherit pkgs; };
in
{
imports = [ ../base-x/default.nix ];
imports = [ ./base-x.nix ];
home-manager.users.charlotte = { pkgs, ... }: {
xsession = {
windowManager.i3 = {

12
configurations/joplin.nix Normal file
View file

@ -0,0 +1,12 @@
{ ... }:
{
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [ joplin-desktop ];
};
custom.zfs.homeLinks = [
{ path = ".config/joplin-desktop"; type = "data"; }
{ path = ".config/Joplin"; type = "data"; }
];
}

6
configurations/kernel.nix Normal file
View file

@ -0,0 +1,6 @@
{ pkgs, ... }:
{
# Use latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
}

0
configurations/kitty/default.nix → configurations/kitty.nix
View file

15
configurations/locale.nix Normal file
View file

@ -0,0 +1,15 @@
{ ... }:
{
i18n = {
defaultLocale = "en_IE.UTF-8";
extraLocaleSettings = {
LC_TIME = "en_GB.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
}

41
configurations/mounts.nix Normal file
View file

@ -0,0 +1,41 @@
{ pkgs, ... }:
{
imports = [ ./mounts/secret.nix ];
environment.systemPackages = [ pkgs.keyutils ];
# Remove this once https://github.com/NixOS/nixpkgs/issues/34638 is resolved
# The TL;DR is: the kernel calls out to the hard-coded path of
# /sbin/request-key as part of its CIFS auth process, which of course does
# not exist on NixOS due to the usage of Nix store paths.
system.activationScripts.symlink-requestkey = ''
if [ ! -d /sbin ]; then
mkdir /sbin
fi
ln -sfn /run/current-system/sw/bin/request-key /sbin/request-key
'';
# request-key expects a configuration file under /etc
environment.etc."request-key.conf" = {
text =
let
upcall = "${pkgs.cifs-utils}/bin/cifs.upcall";
keyctl = "${pkgs.keyutils}/bin/keyctl";
in
''
#OP TYPE DESCRIPTION CALLOUT_INFO PROGRAM
# -t is required for DFS share servers...
create cifs.spnego * * ${upcall} -t %k
create dns_resolver * * ${upcall} %k
# Everything below this point is essentially the default configuration,
# modified minimally to work under NixOS. Notably, it provides debug
# logging.
create user debug:* negate ${keyctl} negate %k 30 %S
create user debug:* rejected ${keyctl} reject %k 30 %c %S
create user debug:* expired ${keyctl} reject %k 30 %c %S
create user debug:* revoked ${keyctl} reject %k 30 %c %S
create user debug:loop:* * |${pkgs.coreutils}/bin/cat
create user debug:* * ${pkgs.keyutils}/share/keyutils/request-key-debug.sh %k %d %c %S
negate * * * ${keyctl} negate %k 30 %S
'';
};
}

BIN
configurations/mounts/secret.nix Normal file
View file

Binary file not shown.

17
configurations/neovim/default.nix → configurations/neovim.nix
View file

@ -20,11 +20,16 @@ let
};
};
};
jdtls = import ../../packages/jdtls/default.nix { inherit pkgs; stdenv = pkgs.stdenv; };
kotlinls = import ../../packages/kotlin-language-server/default.nix { inherit pkgs; };
nodePackages = import ../../packages/node/default.nix { inherit pkgs; };
jdtls = import ../packages/jdtls/default.nix { inherit pkgs; stdenv = pkgs.stdenv; };
kotlinls = import ../packages/kotlin-language-server/default.nix { inherit pkgs; };
nodePackages = import ../packages/node/default.nix { inherit pkgs; };
in
{
custom.zfs.homeLinks = [
{ path = ".local/share/nvim"; type = "cache"; }
{ path = ".cache/nvim"; type = "cache"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = [
(
@ -42,11 +47,11 @@ in
" Undo over sessions
set undofile
set undodir=~/.cache/nvimundo
set undodir=~/.cache/nvim/undo
" Automatically save sessions on exit and load them on start
function! MakeSession()
let b:sessiondir = $HOME . "/.config/nvim/sessions" . getcwd()
let b:sessiondir = $HOME . "/.local/share/nvim/sessions" . getcwd()
if (filewritable(b:sessiondir) != 2)
exe 'silent !mkdir -p ' b:sessiondir
redraw!
@ -56,7 +61,7 @@ in
endfunction
function! LoadSession()
let b:sessiondir = $HOME . "/.config/nvim/sessions" . getcwd()
let b:sessiondir = $HOME . "/.local/share/nvim/sessions" . getcwd()
let b:sessionfile = b:sessiondir . "/session.vim"
if (filereadable(b:sessionfile))
exe 'source ' b:sessionfile

25
configurations/networkmanager.nix Normal file
View file

@ -0,0 +1,25 @@
{ pkgs, ... }:
{
custom.zfs.systemLinks = [
{ path = "/etc/NetworkManager/system-connections"; type = "data"; }
];
networking = {
hosts = { "127.0.0.1" = [ "dodona.localhost" "sandbox.localhost" ]; };
networkmanager = {
enable = true;
packages = [ pkgs.networkmanager-vpnc ];
wifi.macAddress = "random";
};
};
users.users.charlotte.extraGroups = [
"networkmanager"
];
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [
networkmanagerapplet
];
};
}

36
configurations/nix-index.nix Normal file
View file

@ -0,0 +1,36 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = ".cache/nix-index"; type = "cache"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [
nix-index
];
systemd.user = {
services.nix-index = {
Unit = {
Description = "Service to run nix-index";
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.nix-index}/bin/nix-index";
};
};
timers.nix-index = {
Unit = {
Description = "Timer that starts nix-index every two hours";
PartOf = [ "nix-index.service" ];
};
Timer = {
OnCalendar = "00/2:30";
};
Install = {
WantedBy = [ "default.target" ];
};
};
};
};
}

25
configurations/nix-store.nix Normal file
View file

@ -0,0 +1,25 @@
{ ... }:
{
nix = {
gc = {
automatic = true;
dates = "hourly";
options = "--delete-older-than 7d";
};
optimise = {
automatic = true;
dates = [ "hourly" ];
};
};
system.autoUpgrade = {
allowReboot = false;
enable = true;
dates = "hourly";
};
home-manager.users.charlotte = { ... }: {
nixpkgs.config.allowUnfree = true;
};
}

4
configurations/openbox/default.nix → configurations/openbox.nix
View file

@ -1,9 +1,9 @@
{ ... }:
{
imports = [ ../base-x/default.nix ];
imports = [ ./base-x.nix ];
home-manager.users.charlotte = { pkgs, ... }: {
xdg.configFile."openbox/rc.xml".source = ./rc.xml;
xdg.configFile."openbox/rc.xml".source = ./openbox/rc.xml;
xsession = {
windowManager.command = "${pkgs.openbox}/bin/openbox";
initExtra = ''

15
configurations/sound.nix Normal file
View file

@ -0,0 +1,15 @@
{ ... }:
{
custom.zfs.systemLinks = [
{ path = "/var/lib/pulse"; type = "data"; }
];
sound.enable = true;
hardware.pulseaudio = {
enable = true;
systemWide = true;
};
users.users.charlotte.extraGroups = [ "audio" ];
}

11
configurations/ssh/default.nix → configurations/ssh.nix
View file

@ -1,7 +1,16 @@
{ ... }:
{
home-manager.users.charlotte = { ... }: {
imports = [ ./ssh/secret.nix ];
custom.zfs.homeLinks = [
{ path = ".ssh/known_hosts"; type = "cache"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [
ssh
];
programs.ssh = {
enable = true;
compression = true;

BIN
configurations/ssh/secret.nix Normal file
View file

Binary file not shown.

16
configurations/sway/default.nix → configurations/sway.nix
View file

@ -1,16 +1,12 @@
with import <nixpkgs> { };
{ pkgs, ... }:
let
firefox = import ../../programs/firefox/default.nix { inherit pkgs; };
launcher = import ./launcher.nix { inherit pkgs stdenv; };
color-picker = import ./color-picker.nix { inherit pkgs; };
screenshot = import ./screenshot.nix { inherit pkgs; };
status-configuration = import ./status-configuration.nix { inherit pkgs; };
launcher = import ./sway/launcher.nix { inherit pkgs; stdenv = pkgs.stdenv; };
color-picker = import ./sway/color-picker.nix { inherit pkgs; };
screenshot = import ./sway/screenshot.nix { inherit pkgs; };
status-configuration = import ./sway/status-configuration.nix { inherit pkgs; };
in
{
imports = [
./kanshi.nix
];
imports = [ ./sway/kanshi.nix ];
programs = {
sway = {
enable = true;
@ -92,7 +88,7 @@ in
### Startup programs
#
workspace 1
exec ${firefox}/bin/firefox
exec ${pkgs.firefox}/bin/firefox
workspace 3
exec ${pkgs.thunderbird}/bin/thunderbird
workspace 4

9
configurations/sway/launcher.nix
View file

@ -1,6 +1,5 @@
{ pkgs, stdenv }:
let
pass = import ../../programs/pass/default.nix { inherit pkgs; };
gemoji = pkgs.buildRubyGem {
pname = "gemoji";
gemName = "gemoji";
@ -74,16 +73,16 @@ pkgs.writeScriptBin "launcher" ''
echo $passfile
case $option in
username)
swaymsg exec -- "${pass}/bin/pass show '$passfile' | sed -n 's/^Username: *//p' | tr -d '\n' | ${pkgs.wl-clipboard}/bin/wl-copy --foreground"
swaymsg exec -- "${pkgs.pass}/bin/pass show '$passfile' | sed -n 's/^Username: *//p' | tr -d '\n' | ${pkgs.wl-clipboard}/bin/wl-copy --foreground"
;;
password)
swaymsg exec -- "${pass}/bin/pass show -c0 '$passfile'"
swaymsg exec -- "${pkgs.pass}/bin/pass show -c0 '$passfile'"
;;
otp)
swaymsg exec -- "${pass}/bin/pass otp -c '$passfile'"
swaymsg exec -- "${pkgs.pass}/bin/pass otp -c '$passfile'"
;;
edit)
${pass}/bin/pass edit "$passfile"
${pkgs.pass}/bin/pass edit "$passfile"
;;
esac
}

11
configurations/syncthing.nix Normal file
View file

@ -0,0 +1,11 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = ".config/syncthing"; type = "data"; }
{ path = "sync"; type = "data"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
services.syncthing.enable = true;
};
}

7
configurations/syncthing/default.nix
View file

@ -1,7 +0,0 @@
{ ... }:
{
home-manager.users.charlotte = { pkgs, ... }: {
services.syncthing.enable = true;
};
}

11
configurations/teams.nix Normal file
View file

@ -0,0 +1,11 @@
{ ... }:
{
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [ teams ];
};
custom.zfs.homeLinks = [
{ path = ".config/Microsoft"; type = "data"; }
];
}

47
configurations/themes.nix Normal file
View file

@ -0,0 +1,47 @@
{ ... }:
{
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = [ pkgs.vanilla-dmz ];
home.file = {
".icons/default/index.theme".text = ''
[Icon Theme]
Name=Default
Comment=Default Cursor Theme
Inherits=Vanilla-DMZ
'';
};
dconf.settings."org/gnome/desktop/interface" = {
gtk-theme = "Arc";
icon-theme = "Arc";
cursor-theme = "Vanilla-DMZ";
};
gtk = {
enable = true;
font = {
package = pkgs.noto-fonts;
name = "Noto Sans 10";
};
gtk2.extraConfig = ''
gtk-cursor-theme-name = "Vanilla-DMZ"
gtk-cursor-theme-size = 0
'';
gtk3.extraConfig = {
gtk-cursor-theme-name = "Vanilla-DMZ";
gtk-cursor-theme-size = 0;
};
iconTheme = {
package = pkgs.arc-icon-theme;
name = "Arc";
};
theme = {
package = pkgs.arc-theme;
name = "Arc";
};
};
qt = {
enable = true;
platformTheme = "gtk";
};
};
}

12
configurations/thunderbird.nix Normal file
View file

@ -0,0 +1,12 @@
{ ... }:
{
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [ thunderbird ];
};
custom.zfs.homeLinks = [
{ path = ".cache/thunderbird"; type = "cache"; }
{ path = ".thunderbird"; type = "data"; }
];
}

4
configurations/tmux/default.nix → configurations/tmux.nix
View file

@ -17,8 +17,8 @@
tmuxinator.enable = true;
};
xdg.configFile = {
"tmuxinator/accentor.yml".source = ./accentor.yml;
"tmuxinator/dodona.yml".source = ./dodona.yml;
"tmuxinator/accentor.yml".source = ./tmux/accentor.yml;
"tmuxinator/dodona.yml".source = ./tmux/dodona.yml;
};
};
}

23
configurations/users.nix Normal file
View file

@ -0,0 +1,23 @@
{ pkgs, ... }:
{
imports = [ ./users/secret.nix ];
users = {
mutableUsers = false;
defaultUserShell = pkgs.zsh;
users = {
charlotte = {
isNormalUser = true;
home = "/home/charlotte";
description = "Charlotte Van Petegem";
extraGroups = [
"input"
"systemd-journal"
"video"
"wheel"
];
};
};
};
}

BIN
configurations/users/secret.nix Normal file
View file

Binary file not shown.

32
configurations/xdg-dirs.nix Normal file
View file

@ -0,0 +1,32 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = "desktop"; type = "data"; }
{ path = "documents"; type = "data"; }
{ path = "downloads"; type = "data"; }
{ path = "music"; type = "data"; }
{ path = "pictures"; type = "data"; }
{ path = "repos"; type = "data"; }
{ path = "templates"; type = "data"; }
{ path = "videos"; type = "data"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [ xdg-user-dirs ];
xdg = {
enable = true;
userDirs = {
enable = true;
desktop = "\$HOME/desktop";
documents = "\$HOME/documents";
download = "\$HOME/downloads";
music = "\$HOME/music";
pictures = "\$HOME/pictures";
publicShare = "\$HOME/desktop";
templates = "\$HOME/templates";
videos = "\$HOME/videos";
};
};
};
}

6
configurations/zsh/default.nix → configurations/zsh.nix
View file

@ -1,6 +1,10 @@
{ ... }:
{
custom.zfs.homeLinks = [
{ path = ".local/share/autojump"; type = "cache"; }
{ path = ".local/share/zsh"; type = "cache"; }
];
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = [ pkgs.autojump ];
programs.zsh = {
@ -10,7 +14,7 @@
dotDir = ".config/zsh";
history = {
expireDuplicatesFirst = true;
path = "\$HOME/.config/zsh/zsh_history";
path = "\$HOME/.local/share/zsh/history";
};
initExtra = ''
source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh

27
machines/pentos/default.nix → machines/kholinar/default.nix
View file

@ -1,21 +1,28 @@
{ config, pkgs, ... }:
{ pkgs, lib, ... }:
{
imports = [
<home-manager/nixos>
./hardware.nix
./secret.nix
../../configurations/eid.nix
../../profiles/bluetooth/default.nix
../../profiles/common/default.nix
../../profiles/graphical/default.nix
];
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
# Use the systemd-boot EFI boot loader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
networking.hostName = "pentos";
networking = {
hostId = "3cc1a4b2";
hostName = "kholinar";
};
time.timeZone = "Europe/Brussels";
@ -25,14 +32,18 @@
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.03";
system.stateVersion = "20.09";
home-manager.users.charlotte = { ... }: {
home.stateVersion = "20.03";
home.stateVersion = "20.09";
};
# Machine-specific application settings
# Machine-specific settings
custom = {
git.email = "charlotte@vanpetegem.me";
zfs = {
enable = true;
encrypted = true;
};
};
}

48
machines/kholinar/hardware.nix Normal file
View file

@ -0,0 +1,48 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ "i915" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "rpool/local/root";
fsType = "zfs";
};
fileSystems."/nix" = {
device = "rpool/local/nix";
fsType = "zfs";
};
fileSystems."/data" = {
device = "rpool/safe/data";
fsType = "zfs";
};
fileSystems."/cache" = {
device = "rpool/local/cache";
fsType = "zfs";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/BEEE-D83A";
fsType = "vfat";
};
swapDevices = [
{ device = "/dev/disk/by-uuid/6c09b90f-8971-4702-a18a-f06dfb3d8dcd"; }
];
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = true;
}

BIN
machines/kholinar/secret.nix Normal file
View file

Binary file not shown.

1
machines/oldtown/default.nix
View file

@ -5,6 +5,7 @@
<home-manager/nixos>
./hardware.nix
./secret.nix
../../configurations/eid.nix
../../profiles/bluetooth/default.nix
../../profiles/common/default.nix
../../profiles/graphical/default.nix

29
machines/pentos/hardware.nix
View file

@ -1,29 +0,0 @@
{ config, lib, pkgs, ... }:
{
imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
# Early KMS start
boot.initrd.kernelModules = [ "i915" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/0eb8b94a-5fc2-4b24-962a-94b3675b6f5b";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/46AC-2E2E";
fsType = "vfat";
};
swapDevices = [
{ device = "/dev/disk/by-uuid/b8f6154e-6b1f-42d7-8fe0-c03d7ad150f3"; }
];
nix.maxJobs = lib.mkDefault 8;
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = true;
}

BIN
machines/pentos/secret.nix
View file

Binary file not shown.

56
modules/zfs.nix Normal file
View file

@ -0,0 +1,56 @@
{ config, lib, ... }:
{
options.custom.zfs = {
enable = lib.mkOption {
default = false;
example = true;
};
encrypted = lib.mkOption {
default = false;
example = true;
};
systemLinks = lib.mkOption {
default = [ ];
example = [
{ path = "/var/lib/docker"; type = "cache"; }
{ path = "/var/lib/docker/volumes"; type = "data"; }
];
};
homeLinks = lib.mkOption {
default = [ ];
example = [
{ path = ".config/syncthing"; type = "data"; }
{ path = ".cache/nix-index"; type = "cache"; }
];
};
};
config.boot = lib.mkIf config.custom.zfs.enable {
supportedFilesystems = [ "zfs" ];
zfs.requestEncryptionCredentials = config.custom.zfs.encrypted;
initrd.postDeviceCommands = lib.mkAfter ''
zfs rollback -r rpool/local/root@blank
'';
};
config.services.zfs.autoScrub.enable = config.custom.zfs.enable;
config.services.zfs.trim.enable = config.custom.zfs.enable;
config.environment.etc = lib.mkIf config.custom.zfs.enable {
nixos = { source = "/data/etc/nixos/"; };
};
config.systemd.tmpfiles.rules = lib.mkIf config.custom.zfs.enable (
[ "d /home/charlotte 0700 charlotte users - -" ] ++
(map (location: "L ${location.path} - - - - /${location.type}${location.path}") config.custom.zfs.systemLinks)
);
config.home-manager.users.charlotte = { ... }: {
systemd.user.tmpfiles.rules = lib.mkIf config.custom.zfs.enable (
map
(location: "L /home/charlotte/${location.path} - - - - /${location.type}/home/charlotte/${location.path}")
config.custom.zfs.homeLinks
);
};
}

14
overlays/default.nix Normal file
View file

@ -0,0 +1,14 @@
{ ... }:
let
overlays = [
(import ./pass.nix)
(import ./ssh.nix)
];
in
{
nixpkgs.overlays = overlays;
home-manager.users.charlotte = { pkgs, ... }: {
nixpkgs.overlays = overlays;
};
}

4
overlays/pass.nix Normal file
View file

@ -0,0 +1,4 @@
self: super: {
firefox = super.firefox.override { extraNativeMessagingHosts = [ self.passff-host ]; };
pass = (super.pass-wayland.override { pass = super.pass-wayland; }).withExtensions (ext: [ ext.pass-otp ]);
}

16
overlays/ssh.nix Normal file
View file

@ -0,0 +1,16 @@
self: super: {
ssh = self.symlinkJoin {
name = "openssh";
paths = [
(
self.writeScriptBin "ssh" ''
#!${self.zsh}/bin/zsh
export TERM=xterm-256color
${super.openssh}/bin/ssh $@
''
)
super.openssh
];
};
}

143
packages/kotlin-language-server/gradle-env.nix
View file

@ -84,30 +84,30 @@ let
(id: "${replaceStrings [ "." ] [ "/" ] id.group}/${id.name}/maven-metadata.xml")
ids;
in
attrValues
(
mapAttrs
(
path: meta:
let
versions' = sort versionOlder (unique meta.versions);
in
with meta; writeTextDir path ''
<?xml version="1.0" encoding="UTF-8"?>
<metadata modelVersion="1.1">
<groupId>${groupId}</groupId>
<artifactId>${artifactId}</artifactId>
<versioning>
${optionalString (latest != "") "<latest>${latest}</latest>"}
${optionalString (release != "") "<release>${release}</release>"}
<versions>
${concatMapStringsSep "\n " (v: "<version>${v}</version>") versions'}
</versions>
</versioning>
</metadata>
''
) modules
);
attrValues (
mapAttrs
(
path: meta:
let
versions' = sort versionOlder (unique meta.versions);
in
with meta; writeTextDir path ''
<?xml version="1.0" encoding="UTF-8"?>
<metadata modelVersion="1.1">
<groupId>${groupId}</groupId>
<artifactId>${artifactId}</artifactId>
<versioning>
${optionalString (latest != "") "<latest>${latest}</latest>"}
${optionalString (release != "") "<release>${release}</release>"}
<versions>
${concatMapStringsSep "\n " (v: "<version>${v}</version>") versions'}
</versions>
</versioning>
</metadata>
''
)
modules
);
mkSnapshotMetadata = deps:
let
snapshotDeps = filter (dep: dep ? build && dep ? timestamp) deps;
@ -156,31 +156,31 @@ let
</snapshotVersion>
'';
in
attrValues
(
mapAttrs
(
path: meta:
with meta; writeTextDir path ''
<?xml version="1.0" encoding="UTF-8"?>
<metadata modelVersion="1.1">
<groupId>${groupId}</groupId>
<artifactId>${artifactId}</artifactId>
<version>${version}</version>
<versioning>
<snapshot>
${optionalString (timestamp != "") "<timestamp>${timestamp}</timestamp>"}
${optionalString (buildNumber != -1) "<buildNumber>${toString buildNumber}</buildNumber>"}
</snapshot>
${optionalString (lastUpdated != "") "<lastUpdated>${lastUpdated}</lastUpdated>"}
<snapshotVersions>
${concatMapStringsSep "\n " mkSnapshotVersion versions}
</snapshotVersions>
</versioning>
</metadata>
''
) modules
);
attrValues (
mapAttrs
(
path: meta:
with meta; writeTextDir path ''
<?xml version="1.0" encoding="UTF-8"?>
<metadata modelVersion="1.1">
<groupId>${groupId}</groupId>
<artifactId>${artifactId}</artifactId>
<version>${version}</version>
<versioning>
<snapshot>
${optionalString (timestamp != "") "<timestamp>${timestamp}</timestamp>"}
${optionalString (buildNumber != -1) "<buildNumber>${toString buildNumber}</buildNumber>"}
</snapshot>
${optionalString (lastUpdated != "") "<lastUpdated>${lastUpdated}</lastUpdated>"}
<snapshotVersions>
${concatMapStringsSep "\n " mkSnapshotVersion versions}
</snapshotVersions>
</versioning>
</metadata>
''
)
modules
);
mkRepo = project: type: deps: buildEnv {
name = "${project}-gradle-${type}-env";
paths = map mkDep deps ++ mkModuleMetadata deps ++ mkSnapshotMetadata deps;
@ -248,32 +248,31 @@ let
pname = args.pname or projectEnv.name;
version = args.version or projectEnv.version;
in
stdenv.mkDerivation
(
args // {
stdenv.mkDerivation (
args // {
inherit pname version;
inherit pname version;
nativeBuildInputs = (args.nativeBuildInputs or [ ]) ++ [ projectEnv.gradle ];
nativeBuildInputs = (args.nativeBuildInputs or [ ]) ++ [ projectEnv.gradle ];
buildPhase = args.buildPhase or ''
runHook preBuild
buildPhase = args.buildPhase or ''
runHook preBuild
(
set -x
env \
"GRADLE_USER_HOME=$(mktemp -d)" \
gradle --offline --no-daemon --no-build-cache \
--info --full-stacktrace --warning-mode=all \
${optionalString enableParallelBuilding "--parallel"} \
${optionalString enableDebug "-Dorg.gradle.debug=true"} \
--init-script ${projectEnv.initScript} \
${concatStringsSep " " gradleFlags}
)
(
set -x
env \
"GRADLE_USER_HOME=$(mktemp -d)" \
gradle --offline --no-daemon --no-build-cache \
--info --full-stacktrace --warning-mode=all \
${optionalString enableParallelBuilding "--parallel"} \
${optionalString enableDebug "-Dorg.gradle.debug=true"} \
--init-script ${projectEnv.initScript} \
${concatStringsSep " " gradleFlags}
)
runHook postBuild
'';
runHook postBuild
'';
dontStrip = true;
}
)
dontStrip = true;
}
)

169
packages/node/node-env.nix
View file

@ -5,7 +5,8 @@ let
python = if nodejs ? python then nodejs.python else python2;
# Create a tar wrapper that filters all the 'Ignoring unknown extended header keyword' noise
tarWrapper = runCommand "tarWrapper" { } ''
tarWrapper = runCommand "tarWrapper"
{ } ''
mkdir -p $out/bin
cat > $out/bin/tar <<EOF
@ -36,7 +37,8 @@ let
'';
};
includeDependencies = { dependencies }:
stdenv.lib.optionalString (dependencies != [ ])
stdenv.lib.optionalString
(dependencies != [ ])
(stdenv.lib.concatMapStrings
(dependency:
''
@ -52,7 +54,9 @@ let
cd ..
''
) dependencies);
)
dependencies
);
# Recursively composes the dependencies of a package
composePackage = { name, packageName, src, dependencies ? [ ], ... }@args:
@ -157,7 +161,7 @@ let
};
in
''
node ${pinpointDependenciesFromPackageJSON} ${ if production then "production" else "development"}
node ${pinpointDependenciesFromPackageJSON} ${if production then "production" else "development"}
${stdenv.lib.optionalString (dependencies != [ ])
''
@ -186,7 +190,8 @@ let
# Extract the Node.js source code which is used to compile packages with
# native bindings
nodeSources = runCommand "node-sources" { } ''
nodeSources = runCommand "node-sources"
{ } ''
tar --no-same-owner --no-same-permissions -xf ${nodejs.src}
mv node-* $out
'';
@ -389,58 +394,57 @@ let
let
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" "dontStrip" "dontNpmInstall" "preRebuild" "unpackPhase" "buildPhase" ];
in
stdenv.mkDerivation
({
name = "node_${name}-${version}";
buildInputs = [ tarWrapper python nodejs ]
++ stdenv.lib.optional (stdenv.isLinux) utillinux
++ stdenv.lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
stdenv.mkDerivation ({
name = "node_${name}-${version}";
buildInputs = [ tarWrapper python nodejs ]
++ stdenv.lib.optional (stdenv.isLinux) utillinux
++ stdenv.lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
inherit nodejs;
inherit nodejs;
inherit dontStrip; # Stripping may fail a build for some package deployments
inherit dontNpmInstall preRebuild unpackPhase buildPhase;
inherit dontStrip;# Stripping may fail a build for some package deployments
inherit dontNpmInstall preRebuild unpackPhase buildPhase;
compositionScript = composePackage args;
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
compositionScript = composePackage args;
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
passAsFile = [ "compositionScript" "pinpointDependenciesScript" ];
passAsFile = [ "compositionScript" "pinpointDependenciesScript" ];
installPhase = ''
# Create and enter a root node_modules/ folder
mkdir -p $out/lib/node_modules
cd $out/lib/node_modules
installPhase = ''
# Create and enter a root node_modules/ folder
mkdir -p $out/lib/node_modules
cd $out/lib/node_modules
# Compose the package and all its dependencies
source $compositionScriptPath
# Compose the package and all its dependencies
source $compositionScriptPath
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
# Create symlink to the deployed executable folder, if applicable
if [ -d "$out/lib/node_modules/.bin" ]
then
ln -s $out/lib/node_modules/.bin $out/bin
fi
# Create symlink to the deployed executable folder, if applicable
if [ -d "$out/lib/node_modules/.bin" ]
then
ln -s $out/lib/node_modules/.bin $out/bin
fi
# Create symlinks to the deployed manual page folders, if applicable
if [ -d "$out/lib/node_modules/${packageName}/man" ]
then
mkdir -p $out/share
for dir in "$out/lib/node_modules/${packageName}/man/"*
do
mkdir -p $out/share/man/$(basename "$dir")
for page in "$dir"/*
do
ln -s $page $out/share/man/$(basename "$dir")
done
done
fi
# Create symlinks to the deployed manual page folders, if applicable
if [ -d "$out/lib/node_modules/${packageName}/man" ]
then
mkdir -p $out/share
for dir in "$out/lib/node_modules/${packageName}/man/"*
do
mkdir -p $out/share/man/$(basename "$dir")
for page in "$dir"/*
do
ln -s $page $out/share/man/$(basename "$dir")
done
done
fi
# Run post install hook, if provided
runHook postInstall
'';
} // extraArgs);
# Run post install hook, if provided
runHook postInstall
'';
} // extraArgs);
# Builds a development shell
buildNodeShell =
@ -462,53 +466,52 @@ let
}@args:
let
extraArgs = removeAttrs args [ "name" "dependencies" "buildInputs" ];
nodeDependencies = stdenv.mkDerivation
({
name = "node-dependencies-${name}-${version}";
nodeDependencies = stdenv.mkDerivation ({
name = "node-dependencies-${name}-${version}";
buildInputs = [ tarWrapper python nodejs ]
++ stdenv.lib.optional (stdenv.isLinux) utillinux
++ stdenv.lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
buildInputs = [ tarWrapper python nodejs ]
++ stdenv.lib.optional (stdenv.isLinux) utillinux
++ stdenv.lib.optional (stdenv.isDarwin) libtool
++ buildInputs;
inherit dontStrip; # Stripping may fail a build for some package deployments
inherit dontNpmInstall unpackPhase buildPhase;
inherit dontStrip;# Stripping may fail a build for some package deployments
inherit dontNpmInstall unpackPhase buildPhase;
includeScript = includeDependencies { inherit dependencies; };
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
includeScript = includeDependencies { inherit dependencies; };
pinpointDependenciesScript = pinpointDependenciesOfPackage args;
passAsFile = [ "includeScript" "pinpointDependenciesScript" ];
passAsFile = [ "includeScript" "pinpointDependenciesScript" ];
installPhase = ''
mkdir -p $out/${packageName}
cd $out/${packageName}
installPhase = ''
mkdir -p $out/${packageName}
cd $out/${packageName}
source $includeScriptPath
source $includeScriptPath
# Create fake package.json to make the npm commands work properly
cp ${src}/package.json .
chmod 644 package.json
${stdenv.lib.optionalString bypassCache ''
if [ -f ${src}/package-lock.json ]
then
cp ${src}/package-lock.json .
fi
''}
# Create fake package.json to make the npm commands work properly
cp ${src}/package.json .
chmod 644 package.json
${stdenv.lib.optionalString bypassCache ''
if [ -f ${src}/package-lock.json ]
then
cp ${src}/package-lock.json .
fi
''}
# Go to the parent folder to make sure that all packages are pinpointed
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
# Go to the parent folder to make sure that all packages are pinpointed
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
${prepareAndInvokeNPM { inherit packageName bypassCache reconstructLock npmFlags production; }}
# Expose the executables that were installed
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
# Expose the executables that were installed
cd ..
${stdenv.lib.optionalString (builtins.substring 0 1 packageName == "@") "cd .."}
mv ${packageName} lib
ln -s $out/lib/node_modules/.bin $out/bin
'';
} // extraArgs);
mv ${packageName} lib
ln -s $out/lib/node_modules/.bin $out/bin
'';
} // extraArgs);
in
stdenv.mkDerivation {
name = "node-shell-${name}-${version}";

100
profiles/common/default.nix
View file

@ -2,102 +2,30 @@
{
imports = [
./secret.nix
../../configurations/direnv/default.nix
../../configurations/git/default.nix
../../configurations/neovim/default.nix
../../configurations/ssh/default.nix
../../configurations/tmux/default.nix
../../configurations/zsh/default.nix
../../modules/zfs.nix
../../overlays/default.nix
../../configurations/direnv.nix
../../configurations/git.nix
../../configurations/locale.nix
../../configurations/neovim.nix
../../configurations/nix-index.nix
../../configurations/nix-store.nix
../../configurations/ssh.nix
../../configurations/tmux.nix
../../configurations/users.nix
../../configurations/zsh.nix
];
# Use latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
i18n = {
defaultLocale = "en_IE.UTF-8";
extraLocaleSettings = {
LC_TIME = "en_GB.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
nix = {
trustedUsers = [ "@wheel" ];
gc = {
automatic = true;
dates = "hourly";
options = "--delete-older-than 7d";
};
optimise = {
automatic = true;
dates = [ "hourly" ];
};
};
home-manager.users.charlotte = { pkgs, ... }: {
home.packages = with pkgs; [
htop
inotify-tools
moreutils
ncdu
nix-index
(import ../../programs/pass/default.nix { inherit pkgs; })
(import ../../programs/ssh/default.nix { inherit pkgs; })
pass
ripgrep
unzip
youtube-dl
];
systemd.user = {
services.nix-index = {
Unit = {
Description = "Service to run nix-index";
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.nix-index}/bin/nix-index";
};
};
timers.nix-index = {
Unit = {
Description = "Timer that starts nix-index every two hours";
PartOf = [ "nix-index.service" ];
};
Timer = {
OnCalendar = "00/2:30";
};
Install = {
WantedBy = [ "default.target" ];
};
};
};
};
services.locate = {
enable = true;
interval = "hourly";
localuser = "charlotte";
};
system.autoUpgrade = {
allowReboot = false;
enable = true;
dates = "hourly";
};
users = {
mutableUsers = false;
defaultUserShell = pkgs.zsh;
users = {
charlotte = {
isNormalUser = true;
home = "/home/charlotte";
description = "Charlotte Van Petegem";
extraGroups = [ "wheel" ];
};
};
};
}

BIN
profiles/common/secret.nix
View file

Binary file not shown.

182
profiles/graphical/default.nix
View file

@ -2,106 +2,46 @@
{
imports = [
./secret.nix
../../configurations/dropbox/default.nix
../../configurations/i3/default.nix
../../configurations/kitty/default.nix
../../configurations/syncthing/default.nix
../../configurations/sway/default.nix
../../configurations/adb.nix
../../configurations/docker.nix
../../configurations/dropbox.nix
../../configurations/firefox.nix
../../configurations/fonts.nix
../../configurations/gnupg.nix
../../configurations/i3.nix
../../configurations/joplin.nix
../../configurations/kernel.nix
../../configurations/kitty.nix
../../configurations/mounts.nix
../../configurations/networkmanager.nix
../../configurations/sound.nix
../../configurations/sway.nix
../../configurations/syncthing.nix
../../configurations/teams.nix
../../configurations/themes.nix
../../configurations/thunderbird.nix
../../configurations/xdg-dirs.nix
];
services.pcscd = {
enable = true;
plugins = [ pkgs.ccid ];
};
sound.enable = true;
hardware.pulseaudio.enable = true;
fonts = {
enableFontDir = true;
fontconfig = {
enable = true;
defaultFonts = {
emoji = [ "Noto Color Emoji" ];
monospace = [ "Fira Code" ];
sansSerif = [ "Noto Sans" ];
serif = [ "Noto Serif" ];
};
};
fonts = with pkgs; [
fira-code
fira-code-symbols
font-awesome_4
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
noto-fonts-extra
];
};
networking = {
hosts = { "127.0.0.1" = [ "dodona.localhost" "sandbox.localhost" ]; };
networkmanager = {
enable = true;
packages = [ pkgs.networkmanager-vpnc ];
wifi.macAddress = "random";
};
};
virtualisation.docker.enable = true;
users.users.charlotte.extraGroups = [
"adbusers"
"docker"
"input"
"networkmanager"
"video"
];
environment.systemPackages = with pkgs; [ eid-mw ];
programs.adb.enable = true;
home-manager.users.charlotte = { pkgs, ... }: {
nixpkgs.config.allowUnfree = true;
home = {
packages = with pkgs; [
chromium
citrix_workspace
deluge
(import ../../programs/firefox/default.nix { inherit pkgs; })
(import ../../programs/gnupg/default.nix { inherit pkgs; })
google-chrome
hledger
joplin-desktop
libreoffice
moreutils
mpv
mumble
networkmanagerapplet
okular
pavucontrol
ranger
slurp
sshfs
teams
thunderbird
vanilla-dmz
wf-recorder
wl-clipboard
xdg-user-dirs
zeroad
];
file = {
".icons/default/index.theme".text = ''
[Icon Theme]
Name=Default
Comment=Default Cursor Theme
Inherits=Vanilla-DMZ
'';
};
};
home.packages = with pkgs; [
chromium
citrix_workspace
deluge
google-chrome
hledger
libreoffice
mpv
mumble
okular
pavucontrol
ranger
slurp
sshfs
wf-recorder
wl-clipboard
zeroad
];
programs.zsh.loginExtra = ''
if [[ -z "$DISPLAY" ]] && [[ $(tty) = "/dev/tty1" ]]; then
exec sway
@ -111,53 +51,5 @@
exec startx
fi
'';
dconf.settings = {
"org/gnome/desktop/interface" = {
gtk-theme = "Arc";
icon-theme = "Arc";
cursor-theme = "Vanilla-DMZ";
};
};
gtk = {
enable = true;
font = {
package = pkgs.noto-fonts;
name = "Noto Sans 10";
};
gtk2.extraConfig = ''
gtk-cursor-theme-name = "Vanilla-DMZ"
gtk-cursor-theme-size = 0
'';
gtk3.extraConfig = {
gtk-cursor-theme-name = "Vanilla-DMZ";
gtk-cursor-theme-size = 0;
};
iconTheme = {
package = pkgs.arc-icon-theme;
name = "Arc";
};
theme = {
package = pkgs.arc-theme;
name = "Arc";
};
};
qt = {
enable = true;
platformTheme = "gtk";
};
xdg = {
enable = true;
userDirs = {
enable = true;
desktop = "\$HOME/desktop";
documents = "\$HOME/documents";
download = "\$HOME/downloads";
music = "\$HOME/music";
pictures = "\$HOME/pictures";
publicShare = "\$HOME/desktop";
templates = "\$HOME/templates";
videos = "\$HOME/videos";
};
};
};
}

BIN
profiles/graphical/secret.nix
View file

Binary file not shown.

7
programs/firefox/default.nix
View file

@ -1,7 +0,0 @@
{ pkgs }:
(pkgs.firefox.override {
extraNativeMessagingHosts = [
(pkgs.passff-host.override { pass = (import ../../programs/pass/default.nix { inherit pkgs; }); })
];
})

3
programs/gnupg/default.nix
View file

@ -1,3 +0,0 @@
{ pkgs }:
pkgs.gnupg.override { guiSupport = true; }

3
programs/pass/default.nix
View file

@ -1,3 +0,0 @@
{ pkgs }:
(pkgs.pass-wayland.override { pass = pkgs.pass-wayland; }).withExtensions (ext: [ ext.pass-otp ext.pass-genphrase ])

16
programs/ssh/default.nix
View file

@ -1,16 +0,0 @@
{ pkgs }:
pkgs.symlinkJoin {
name = "openssh";
paths = [
(
pkgs.writeScriptBin "ssh" ''
#!${pkgs.zsh}/bin/zsh
export TERM=xterm-256color
${pkgs.openssh}/bin/ssh $@
''
)
pkgs.openssh
];
}