
10 Commits

29 changed files with 714 additions and 998 deletions

2
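--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,2 @@
+build.log
+flake.lock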
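Review bot: Ignoring `flake.lock` on the second line takes the input pins out of version control. The lock file is what fixes each input to a `rev` and a `narHash`, and this same compare still updates it for home-manager and nixpkgs, so it is tracked today. Once it stops being committed, each machine resolves the inputs to whatever is current, and the integrity pin and the reviewable history of input updates are lost. I would keep only `build.log` in this file and go on committing `flake.lock`, with lock updates as their own commits.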


@ -15,6 +15,8 @@ sudo nixos-rebuild switch --flake ".#<hostname>" --update-input nixpkgs --commit
## How to install new system with flake
### Method 1
1. Boot into live NixOS disk and run the following commands:
```
sudo su
@ -28,6 +30,31 @@ sudo rm -r /etc/nixos/configuration.nix
```
3. Move build to desired location.
### Method 2
1. Boot into live NixOS disk
2. Install NixOS
3. Add the following changes:
```/etc/nixos/configuration.nix
environment.systemPackages = with pkgs; [
git
];
services.openssh.enable = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
```
4. Run the following command:
```
sudo nixos-rebuild switch
```
5. Grab the IP address with the following command:
```
ip addr
```
6. Copy a flake repo from the host machine:
```
rsync -avz <repo directory> <user>@<ip addr>:
```
## Nix commands to remember
```
@ -35,20 +62,4 @@ nix flake update
nix run nixpkgs#<package>
```
## Resources
- [Zero To Nix](https://zero-to-nix.com)
- [The Cute World's NixOS Guide](https://thiscute.world/en/posts/nixos-and-flake-basics/)
- [NixOS Wiki](https://nixos.wiki/)
- [The Nix Hour YouTube Playlist](https://www.youtube.com/playlist?list=PLyzwHTVJlRc8yjlx4VR4LU5A5O44og9in)
- [Nixology YouTube Playlist](https://www.youtube.com/playlist?list=PLRGI9KQ3_HP_OFRG6R-p4iFgMSK1t5BHs)
- [Nixcloud](https://nixcloud.io)
## Todo
- [ ] Create additional host configurations
- [ ] Implement the Impermanence module
- [ ] Create specific software installations (i.e. gui, gaming, kali-collection, etc)
- [ ] Implement [Agenix](https://nixos.wiki/wiki/Agenix) or Sopsnix
- [ ] Implement [Stylix](https://danth.github.io/stylix/)
- [ ] Implement [MicroVM.nix](https://github.com/astro/microvm.nix)
[Resources](https://pinboard.in/u:iiogama/t:nix/)

719
build.log

@ -1,719 +0,0 @@
warning: Git tree '/home/ii/Software/git/nix/confix' is dirty
Using saved setting for 'experimental-features = nix-command flakes' from ~/.local/share/nix/trusted-settings.json.
building the system configuration...
warning: Git tree '/home/ii/Software/git/nix/confix' is dirty
Using saved setting for 'experimental-features = nix-command flakes' from ~/.local/share/nix/trusted-settings.json.
trace: warning: optionsDocBook is deprecated since 23.11 and will be removed in 24.05
trace: warning: optionsDocBook is deprecated since 23.11 and will be removed in 24.05
trace: warning: optionsDocBook is deprecated since 23.11 and will be removed in 24.05
error:
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:846:24:
845| let f = attrPath:
846| zipAttrsWith (n: values:
| ^
847| let here = attrPath ++ [n]; in
… while calling 'g'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:629:19:
628| g =
629| name: value:
| ^
630| if isAttrs value && cond value
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:632:20:
631| then recurse (path ++ [name]) value
632| else f (path ++ [name]) value;
| ^
633| in mapAttrs g;
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:242:72:
241| # For definitions that have an associated option
242| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
243|
… while evaluating the option `system.build.toplevel':
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:822:28:
821| # Process mkMerge and mkIf properties.
822| defs' = concatMap (m:
| ^
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating definitions from `/nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/top-level.nix':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:823:137:
822| defs' = concatMap (m:
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
824| ) defs;
… while calling 'dischargeProperties'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:894:25:
893| */
894| dischargeProperties = def:
| ^
895| if def._type or "" == "merge" then
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/top-level.nix:71:12:
70| # Replace runtime dependencies
71| system = foldr ({ oldDependency, newDependency }: drv:
| ^
72| pkgs.replaceDependency { inherit oldDependency newDependency drv; }
… while calling 'foldr'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/lists.nix:53:20:
52| */
53| foldr = op: nul: list:
| ^
54| let
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/lists.nix:60:8:
59| else op (elemAt list n) (fold' (n + 1));
60| in fold' 0;
| ^
61|
… while calling 'fold''
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/lists.nix:56:15:
55| len = length list;
56| fold' = n:
| ^
57| if n == len
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/top-level.nix:68:10:
67| then throw "\nFailed assertions:\n${concatStringsSep "\n" (map (x: "- ${x}") failedAssertions)}"
68| else showWarnings config.warnings baseSystem;
| ^
69|
… while calling 'showWarnings'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/trivial.nix:414:28:
413|
414| showWarnings = warnings: res: lib.foldr (w: x: warn w x) res warnings;
| ^
415|
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/trivial.nix:414:33:
413|
414| showWarnings = warnings: res: lib.foldr (w: x: warn w x) res warnings;
| ^
415|
… while calling 'foldr'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/lists.nix:53:20:
52| */
53| foldr = op: nul: list:
| ^
54| let
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/lists.nix:60:8:
59| else op (elemAt list n) (fold' (n + 1));
60| in fold' 0;
| ^
61|
… while calling 'fold''
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/lists.nix:56:15:
55| len = length list;
56| fold' = n:
| ^
57| if n == len
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/top-level.nix:48:16:
47| # makes it bootable. See `activatable-system.nix`.
48| baseSystem = pkgs.stdenvNoCC.mkDerivation ({
| ^
49| name = "nixos-system-${config.system.name}-${config.system.nixos.label}";
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/pkgs/stdenv/generic/make-derivation.nix:548:3:
547| in
548| fnOrAttrs:
| ^
549| if builtins.isFunction fnOrAttrs
… while calling 'g'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:629:19:
628| g =
629| name: value:
| ^
630| if isAttrs value && cond value
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:632:20:
631| then recurse (path ++ [name]) value
632| else f (path ++ [name]) value;
| ^
633| in mapAttrs g;
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:242:72:
241| # For definitions that have an associated option
242| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
243|
… while evaluating the option `system.systemBuilderArgs':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:844:59:
843| if isDefined then
844| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
845| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… while calling 'merge'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/types.nix:540:20:
539| check = isAttrs;
540| merge = loc: defs:
| ^
541| mapAttrs (n: v: v.value) (filterAttrs (n: v: v ? value) (zipAttrsWith (name: defs:
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/types.nix:541:35:
540| merge = loc: defs:
541| mapAttrs (n: v: v.value) (filterAttrs (n: v: v ? value) (zipAttrsWith (name: defs:
| ^
542| (mergeDefinitions (loc ++ [name]) elemType defs).optionalValue
… while calling 'filterAttrs'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:309:5:
308| # The attribute set to filter
309| set:
| ^
310| listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set));
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:310:29:
309| set:
310| listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set));
| ^
311|
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:310:62:
309| set:
310| listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set));
| ^
311|
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/types.nix:541:51:
540| merge = loc: defs:
541| mapAttrs (n: v: v.value) (filterAttrs (n: v: v ? value) (zipAttrsWith (name: defs:
| ^
542| (mergeDefinitions (loc ++ [name]) elemType defs).optionalValue
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/types.nix:541:86:
540| merge = loc: defs:
541| mapAttrs (n: v: v.value) (filterAttrs (n: v: v ? value) (zipAttrsWith (name: defs:
| ^
542| (mergeDefinitions (loc ++ [name]) elemType defs).optionalValue
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:822:28:
821| # Process mkMerge and mkIf properties.
822| defs' = concatMap (m:
| ^
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating definitions from `/nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/activatable-system.nix':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:823:137:
822| defs' = concatMap (m:
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
824| ) defs;
… while calling 'dischargeProperties'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:894:25:
893| */
894| dischargeProperties = def:
| ^
895| if def._type or "" == "merge" then
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/activation-script.nix:137:18:
136| apply = set: set // {
137| script = systemActivationScript set false;
| ^
138| };
… while calling 'systemActivationScript'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/activation-script.nix:20:33:
19|
20| systemActivationScript = set: onlyDry: let
| ^
21| set' = mapAttrs (_: v: if isString v then (noDepEntry v) // { supportsDryActivation = false; } else v) set;
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/activation/activation-script.nix:49:9:
48|
49| ${textClosureMap id (withDrySnippets) (attrNames withDrySnippets)}
| ^
50|
… while calling 'textClosureMap'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings-with-deps.nix:75:35:
74|
75| textClosureMap = f: predefined: names:
| ^
76| concatStringsSep "\n" (map f (textClosureList predefined names));
… while calling 'id'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/trivial.nix:14:5:
13| # The value to return
14| x: x;
| ^
15|
… while calling 'g'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:629:19:
628| g =
629| name: value:
| ^
630| if isAttrs value && cond value
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:632:20:
631| then recurse (path ++ [name]) value
632| else f (path ++ [name]) value;
| ^
633| in mapAttrs g;
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:242:72:
241| # For definitions that have an associated option
242| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
243|
… while evaluating the option `system.activationScripts.etc.text':
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:822:28:
821| # Process mkMerge and mkIf properties.
822| defs' = concatMap (m:
| ^
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating definitions from `/nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/etc/etc-activation.nix':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:823:137:
822| defs' = concatMap (m:
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
824| ) defs;
… while calling 'dischargeProperties'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:894:25:
893| */
894| dischargeProperties = def:
| ^
895| if def._type or "" == "merge" then
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:846:24:
845| let f = attrPath:
846| zipAttrsWith (n: values:
| ^
847| let here = attrPath ++ [n]; in
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/types.nix:565:29:
564| merge = loc: defs:
565| zipAttrsWith (name: defs:
| ^
566| let merged = mergeDefinitions (loc ++ [name]) elemType defs;
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:822:28:
821| # Process mkMerge and mkIf properties.
822| defs' = concatMap (m:
| ^
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating definitions from `/nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/etc/etc.nix':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:823:137:
822| defs' = concatMap (m:
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
824| ) defs;
… while calling 'dischargeProperties'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:894:25:
893| */
894| dischargeProperties = def:
| ^
895| if def._type or "" == "merge" then
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:88:39:
87| then value
88| else { ${elemAt attrPath n} = atDepth (n + 1); };
| ^
89| in atDepth 0;
… while calling 'atDepth'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:85:17:
84| len = length attrPath;
85| atDepth = n:
| ^
86| if n == len
… while evaluating derivation 'etc'
whose name attribute is located at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/pkgs/stdenv/generic/make-derivation.nix:300:7
… while evaluating attribute 'buildCommand' of derivation 'etc'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/pkgs/build-support/trivial-builders/default.nix:87:14:
86| enableParallelBuilding = true;
87| inherit buildCommand name;
| ^
88| passAsFile = [ "buildCommand" ]
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/etc/etc.nix:54:7:
53| mkdir -p "$out/etc"
54| ${concatMapStringsSep "\n" (etcEntry: escapeShellArgs [
| ^
55| "makeEtcEntry"
… while calling 'concatMapStringsSep'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:117:5:
116| # List of input strings
117| list: concatStringsSep sep (map f list);
| ^
118|
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/etc/etc.nix:54:33:
53| mkdir -p "$out/etc"
54| ${concatMapStringsSep "\n" (etcEntry: escapeShellArgs [
| ^
55| "makeEtcEntry"
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/etc/etc.nix:54:43:
53| mkdir -p "$out/etc"
54| ${concatMapStringsSep "\n" (etcEntry: escapeShellArgs [
| ^
55| "makeEtcEntry"
… while calling 'concatMapStringsSep'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:117:5:
116| # List of input strings
117| list: concatStringsSep sep (map f list);
| ^
118|
… while calling 'escapeShellArg'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:429:20:
428| */
429| escapeShellArg = arg: "'${replaceStrings ["'"] ["'\\''"] (toString arg)}'";
| ^
430|
… while calling 'g'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:629:19:
628| g =
629| name: value:
| ^
630| if isAttrs value && cond value
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:632:20:
631| then recurse (path ++ [name]) value
632| else f (path ++ [name]) value;
| ^
633| in mapAttrs g;
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:242:72:
241| # For definitions that have an associated option
242| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
243|
… while evaluating the option `environment.etc."iproute2/bpf_pinning".source':
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:822:28:
821| # Process mkMerge and mkIf properties.
822| defs' = concatMap (m:
| ^
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating definitions from `/nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/system/etc/etc.nix':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:823:137:
822| defs' = concatMap (m:
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
824| ) defs;
… while calling 'dischargeProperties'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:894:25:
893| */
894| dischargeProperties = def:
| ^
895| if def._type or "" == "merge" then
… while calling 'g'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:629:19:
628| g =
629| name: value:
| ^
630| if isAttrs value && cond value
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/attrsets.nix:632:20:
631| then recurse (path ++ [name]) value
632| else f (path ++ [name]) value;
| ^
633| in mapAttrs g;
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:242:72:
241| # For definitions that have an associated option
242| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
243|
… while evaluating the option `environment.etc."iproute2/bpf_pinning".text':
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:822:28:
821| # Process mkMerge and mkIf properties.
822| defs' = concatMap (m:
| ^
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating definitions from `/nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/config/iproute2.nix':
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:823:137:
822| defs' = concatMap (m:
823| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
824| ) defs;
… while calling 'dischargeProperties'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/modules.nix:894:25:
893| */
894| dischargeProperties = def:
| ^
895| if def._type or "" == "merge" then
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/nixos/modules/config/iproute2.nix:21:70:
20| config = mkIf cfg.enable {
21| environment.etc."iproute2/bpf_pinning" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/bpf_pinning"; };
| ^
22| environment.etc."iproute2/ematch_map" = { mode = "0644"; text = fileContents "${pkgs.iproute2}/etc/iproute2/ematch_map"; };
… while calling 'fileContents'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:1139:18:
1138| */
1139| fileContents = file: removeSuffix "\n" (readFile file);
| ^
1140|
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:1139:24:
1138| */
1139| fileContents = file: removeSuffix "\n" (readFile file);
| ^
1140|
… while calling 'removeSuffix'
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:653:5:
652| # Input string
653| str:
| ^
654| # Before 23.05, paths would be copied to the store before converting them
… from call site
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/strings.nix:656:5:
655| # to strings and comparing. This was surprising and confusing.
656| warnIf
| ^
657| (isPath suffix)
… while calling anonymous lambda
at /nix/store/z1nvpjx9vd4151vx2krxzmx2p1a36pf9-source/lib/trivial.nix:357:50:
356| */
357| warnIf = cond: msg: if cond then warn msg else x: x;
| ^
358|
error: getting status of '/nix/store/fijy0dlyk5b06ay7nxg88lr7bp13hpjb-iproute2-6.5.0/etc': No such file or directory


@ -7,11 +7,11 @@
]
},
"locked": {
"lastModified": 1695738267,
"narHash": "sha256-LTNAbTQ96xSj17xBfsFrFS9i56U2BMLpD0BduhrsVkU=",
"lastModified": 1701728041,
"narHash": "sha256-x0pyrI1vC8evVDxCxyO6olOyr4wlFg9+VS3C3p4xFYQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "0f4e5b4999fd6a42ece5da8a3a2439a50e48e486",
"rev": "ac7216918cd65f3824ba7817dea8f22e61221eaf",
"type": "github"
},
"original": {
@ -22,11 +22,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1698611440,
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
"lastModified": 1701718080,
"narHash": "sha256-6ovz0pG76dE0P170pmmZex1wWcQoeiomUZGggfH9XPs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
"rev": "2c7f3c0fb7c08a0814627611d9d7d45ab6d75335",
"type": "github"
},
"original": {


@ -40,6 +40,11 @@
"*~"
"*.swp"
];
extraConfig = {
global = {
init.defaultbranch = "main";
};
};
};
programs.neovim = {
enable = true;
@ -54,8 +59,11 @@
set relativenumber
set splitbelow
set splitright
set tabstop=4
set shiftwidth=4
set tabstop=2
set shiftwidth=2
if filereadable(expand(".vim-project"))
source .vim-project
endif
'';
};
programs.lf = {
@ -70,6 +78,7 @@
};
};
programs.tmux = {
enable = true;
baseIndex = 1;
clock24 = true;
keyMode = "vi";
@ -110,6 +119,10 @@
bind -n C-j select-pane -D
bind -n C-k select-pane -U
bind -n C-l select-pane -R
bind -n M-h select-pane -L
bind -n M-j select-pane -D
bind -n M-k select-pane -U
bind -n M-l select-pane -R
# Set status bar postition
set -g status-position top
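Review bot: The added `if filereadable(expand(".vim-project"))` / `source .vim-project` in the neovim settings runs whatever Vimscript sits in the current directory. Opening nvim inside a cloned or unpacked tree that ships a `.vim-project` therefore executes that file with the user's privileges. Neovim's own `exrc` option covers the same use case and, in recent releases, asks for the file to be marked trusted before loading it, so `set exrc` would be the safer replacement (confirm the behaviour on the Neovim version pinned here). If the custom filename has to stay, restrict the lookup to directories you own, for example by checking `getcwd()` against a prefix under `$HOME`. The Vimscript string these lines sit in begins outside the hunk.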


@ -4,11 +4,14 @@ set -o vi
unset HISTFILE
# Functions
function search() {
surfraw $(surfraw -elvi | fzf | awk '{print $1;}')
}
function mkcd {
mkdir -p $1
cd $1
}
function ukr () {
function ukr() {
read -rsp "Password: " PASS
export $(echo -n "$PASS" | gnome-keyring-daemon --replace --unlock)
unset PASS
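Review bot: The new `search` function passes the unquoted command substitution straight to `surfraw`, so cancelling `fzf` runs `surfraw` with no arguments, and any query terms given to `search` are dropped. Capturing the choice first handles both: `local elvi; elvi=$(surfraw -elvi | fzf | awk '{print $1;}')` followed by `[ -n "$elvi" ] && surfraw "$elvi" "$@"`. `mkcd` just below has the same unquoted `$1`. The body of `ukr` continues outside the hunk.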


@ -1,31 +0,0 @@
#! /bin/sh
bspc monitor DP-1 -d 1 2 3 4 5
bspc monitor DP-2 -d 6 7 8 9 0
bspc config border_width 1
bspc config focus_follows_pointer true
bspc config pointer_follows_focus false
bspc config top_padding 0
bspc config window_gap 24
bspc config split_ratio 0.55
bspc config borderless_monocle false
bspc config gapless_monocle false
bspc config focused_border_color '#bd93f9'
bspc config normal_border_color '#282a36'
bspc config presel_feedback_color '#282a36'
bspc rule -a Wrapper-2.0 \
state=floating border=off focus=on
bspc rule -a mpv \
state=floating sticky=on follow=off focus=on \
rectangle=640x360+1920+1080
bspc rule -a "*:Toolkit:Picture-in-Picture" \
state=floating sticky=on follow=off focus=on \
rectangle=640x360+1920+1080
bspc rule -a discord:discord: desktop='2'
bspc rule -a Signal:signal: desktop='2'
bspc rule -a steam:steamwebhelper: desktop='9'
bspc rule -a trayer:panel: border=off manage=off
bspc rule -a xdragon:Xdragon state=floating sticky=on


@ -1,3 +1,4 @@
nick = iiogama
real = iiogama
host = irc.libera.chat
join = #nixos


@ -8,11 +8,11 @@ super + Return
# terminal emulator with tmux session menu
super + shift + Return
st -e tmux
st -e "iitmux"
# program launcher
super + @space
iixm
iixmenu
# screenshot shortcut
super + shift + s
@ -23,26 +23,21 @@ super + v
clipmenu
# volume controls
super + shift + comma
notify-desktop "Volume is now $(amixer sset Master 5%- | awk -F '[][]' '/Right:/ \{ print $2 \}')"
super + shift + period
notify-desktop "Volume is now $(amixer sset Master 5%+ | awk -F '[][]' '/Right:/ \{ print $2 \}')"
super + shift + bracket{left,right}
notify-desktop "Volume is now $(amixer sset Master 5%{-,+} | awk -F '[][]' '/Right:/ \{ print $2 \}')"
# make sxhkd reload its configuration files:
super + shift + r
super + r
pkill -USR1 -x sxhkd; notify-desktop "sxhkd config reloaded"
#
# bspwm hotkeys
#
# quit/restart bspwm
super + alt + {q,r}
bspc {quit,wm -r}
super + shift + r
bspc wm -r; notify-desktop "bspwm config reloaded"
# close and kill
super + {_,shift + }w
bspc node -{c,k}
super + w
bspc node -c
super + q
test "$(printf 'Yes\nNo\n' | dmenu -i -p 'Kill node? ')" = "Yes" && bspc node -k
# alternate between the tiled and monocle layout
super + z
@ -61,8 +56,10 @@ super + g
#
# set the window state
super + {t,shift + t,f,shift + f}
bspc node -t {\~tiled,\~pseudo_tiled,\~fullscreen,\~floating}
super + {t,shift + t,f}
bspc node -t {\~tiled,\~pseudo_tiled,\~floating}
F11
bspc node -t \~fullscreen
# set the node flags
super + ctrl + {m,x,y,z}


@ -3,15 +3,14 @@ test -z "$DBUS_SESSION_BUS_ADDRESS" && eval $(dbus-launch --exit-with-session --
systemctl --user import-environment DISPLAY XAUTHORITY
command -v dbus-update-activation-environment >/dev/null 2>&1 && dbus-update-activation-environment DISPLAY XAUTHORITY
xrdb ~/.Xresources &
hsetroot -solid "#282a36" &
xrandr --output DP-1 --primary --mode 2560x1440 --pos 0x560 --rotate normal --rate "164.99" --output DP-2 --mode 2560x1440 --pos 2560x0 --rotate left --rate "164.99" --output DP-3 --off --output HDMI-1 --off --output HDMI-1-2 --off &
picom &
hsetroot -solid "#282a36" &
xbanish &
dunst &
clipmenud &
trayer --edge bottom --align right --margin 0 --widthtype request --SetDockType true --transparent true --alpha 255 &
nm-applet &
#pa-applet &
mullvad-gui &
sxhkd &
xrandr --output DP-1 --primary --mode 2560x1440 --rotate normal --rate "164.99" --output DP-2 --mode 2560x1440 --rotate normal --rate "164.99" --right-of DP-1 &
exec bspwm
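Review bot: The `xrandr` call ending in `--right-of DP-1` is started in the background on the line directly before `exec bspwm`, so the window manager can start before the output layout has been applied. That this is the new placement is inferred from the duplicated `xrandr` and `hsetroot` lines, since the page shows no +/- markers. If so, dropping the trailing `&` from that line makes the layout deterministic before bspwm reads the monitors. The script starts outside the hunk.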


@ -1,5 +1,5 @@
# GUI home.nix
{ config, lib, pkgs, inputs, user, ... }:
# GUI home.nix
{ config, lib, pkgs, inputs, user, ... }:
{
xresources.properties = {
"*.foreground" = "#f8f8f2";
@ -40,13 +40,51 @@
target = ".xinitrc";
};
};
xdg.configFile = {
"bspwm" = {
source = ./dots/bspwm;
target = "bspwm";
recursive = true;
executable = true;
xsession.windowManager.bspwm = {
enable = true;
rules = {
"Wrapper-2.0" = {
state = "floating";
border = false;
focus = true;
};
"mpv" = {
state = "floating";
sticky = true;
follow = false;
focus = true;
};
"*:Toolkit:Picture-in-Picture" = {
state = "floating";
sticky = true;
follow = false;
focus = true;
};
"trayer:panel:" = {
border = false;
manage = false;
};
"xdragon:Xdragon:" = {
state = "floating";
sticky = true;
};
};
settings = {
automatic_scheme = "alternate";
split_ratio = 0.60;
focus_follows_pointer = true;
pointer_follows_focus = false;
border_width = 1;
top_padding = 0;
window_gap = 24;
borderless_monocle = false;
gapless_monocle = false;
focused_border_color = "#bd93f9";
normal_border_color = "#282a36";
presel_feedback_color = "#282a36";
};
};
xdg.configFile = {
"dunst" = {
source = ./dots/dunst;
target = "dunst";
@ -77,63 +115,4 @@
name = "Comic Mono";
};
};
programs = {
hexchat = {
enable = true;
channels = {
darkscience = {
autojoin = [
"#darkscience"
];
nickname = "${user.long}";
userName = "${user.long}";
servers = [
"irc.darkscience.net"
];
};
libera = {
autojoin = [
"#nixos"
];
loginMethod = "sasl";
nickname = "${user.long}";
servers = [
"irc.libera.chat"
];
userName = "${user.long}";
};
sdf = {
autojoin = [
"#anonradio"
"#sdf"
];
nickname = "${user.long}";
userName = "${user.long}";
servers = [
"irc.sdf.org"
];
};
tilde = {
autojoin = [
"#ascii.town"
];
nickname = "${user.long}";
userName = "${user.long}";
servers = [
"irc.tilde.chat"
];
};
};
};
};
#home.packages = with pkgs; [
# (dmenu.overrideAttrs (oldAttrs: rec {
# configFile = writeText "config.def.h" (builtins.readFile ../patches/dmenu/config.h);
# postPatch = "${oldAttrs.postPatch}\n cp ${configFile} config.def.h";
# }))
# (st.overrideAttrs (oldAttrs: rec {
# configFile = writeText "config.def.h" (builtins.readFile ../patches/st/config.h);
# postPatch = "${oldAttrs.postPatch}\n cp ${configFile} config.def.h";
# }))
#];
}
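Review bot: The `xsession.windowManager.bspwm` block carries over most rules and settings of the deleted `bspwmrc`, but not its two `bspc monitor … -d` lines. It also omits the `discord`, `Signal` and `steam` desktop rules and the `rectangle=640x360+1920+1080` geometry for `mpv` and Picture-in-Picture. If that is not deliberate, the module's `monitors` option can hold the same assignment, e.g. `monitors = { "DP-1" = [ "1" "2" "3" "4" "5" ]; "DP-2" = [ "6" "7" "8" "9" "0" ]; };`. Which lines are new is inferred from the duplicated blocks, since the page shows no +/- markers.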


@ -17,32 +17,21 @@ in
efi.efiSysMountPoint = "/boot/efi";
timeout = 2;
};
# Hardware-configuration edits
kernel.sysctl."net.ipv4.ip_forward" = 1;
# Clean /tmp at boot
tmp.cleanOnBoot = true;
};
networking = {
hostName = "${hostname}"; # Define your hostname.
hostName = "${hostname}";
firewall = {
# To disable the firewall altogether:
# enable = false;
allowedTCPPorts = [ 445 139 ];
allowedUDPPorts = [ 137 138 ];
};
# Proxy configuration
# proxy = {
# default = "http://user:password@proxy:port/";
# noProxy = "127.0.0.1,localhost,internal.domain";
# };
};
users.users.${user.name} = {
extraGroups = [ "libvirtd" "transmission" "davfs2" ];
packages = [
environment = {
systemPackages = with pkgs; [
virtiofsd
];
};
virtualisation.libvirtd.enable = true;
services = {
davfs2 = {
enable = true;
@ -59,63 +48,35 @@ in
enable = true;
mountOnMedia = true;
};
# Enable automatic login for the user.
# getty.autologinUser = "${user.name}";
};
virtualisation.libvirtd.enable = true;
# Borg backup configuration
services.borgbackup.jobs."daily" = {
paths = [
"/home"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/daily/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "7d";
borgbackup = {
jobs."daily" = {
paths = [
"/home"
"/var"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/archive/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "30d";
};
};
};
};
services.borgbackup.jobs."weekly" = {
paths = [
"/home"
programs.virt-manager.enable = true;
users.users.${user.name} = {
extraGroups = [ "davfs2" "libvirtd" "transmission" ];
packages = with pkgs; [
mixxx
polychromatic
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/weekly/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "weekly";
};
#services.borgbackup.jobs."borgbase" = {
# paths = [
# "/home"
# ];
# exclude = [
# "/home/*/go/bin"
# "/home/*/go/pkg"
# ];
# repo = "<repo_hash>.repo.borgbase.com:repo";
# encryption = {
# mode = "repokey-blake2";
# passCommand = "cat /root/borgbackup/passphrase";
# };
# environment.BORG_RSH = "ssh -i /root/borgbackup/ssh_key";
# compression = "auto,lzma";
# startAt = "daily";
#};
}
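Review bot: After this change the only borg job is `daily`, writing to `/mnt/archive/buckwheat` on a disk attached to the same host; the `weekly` job and the commented `borgbase` remote are both gone (inferred from the duplicated blocks, since the page shows no +/- markers). With `repokey-blake2` the key lives inside the repository, and the passphrase is read from `/root/borgbackup/passphrase` on the machine being backed up. A disk failure or a root compromise therefore takes the data, the backups and the means to decrypt them together. Keep an off-host repository, and store an exported key and the passphrase somewhere other than this machine. The added `/var` path also pulls in caches and, with libvirtd enabled, presumably VM disk images; the `exclude` list still names only the two Go directories, so entries such as `/var/cache` and `/var/tmp` are worth adding.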


@ -1,50 +1,32 @@
# Buckwheat hardware-configuration.nix
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "uas" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-intel" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/c9833e85-0ea9-45a9-b65d-039c8c4f71f3";
fsType = "ext4";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/5E0D-1487";
fsType = "vfat";
};
fileSystems."/mnt/daily" = {
device = "/dev/disk/by-uuid/bfdd61f6-2d26-4140-94ac-e60c21636dde";
fileSystems."/home" = {
device = "/dev/disk/by-uuid/eab792a7-ffd3-4963-9b9a-fd0c7dd63cf8";
fsType = "ext4";
};
fileSystems."/mnt/weekly" = {
device = "/dev/disk/by-uuid/56f7fd65-bf5d-4ce6-830a-ea8fbf6610af";
fileSystems."/mnt/archive" = {
device = "/dev/disk/by-uuid/9c89ad29-6fba-47b7-b239-09e7ed7eb49f";
fsType = "ext4";
};
fileSystems."/mnt/videos" = {
device = "/dev/disk/by-uuid/e1f9cf9a-4147-4849-83e2-4baa342b6400";
fsType = "ext4";
};
#fileSystems."/media" =
# { device = "/mnt/videos";
# fsType = "none";
# options = [ "bind" ];
# };
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
@ -57,7 +39,6 @@
# networking.interfaces.virbr3.useDHCP = lib.mkDefault true;
# networking.interfaces.wg-mullvad.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;


@ -1,10 +1,32 @@
# Buckwheat home.nix
{ config, lib, pkgs, inputs, user, ... }:
{
home.packages = with pkgs; [
mixxx
virt-manager
];
xsession.windowManager.bspwm = {
monitors = {
DP-1 = [
"1"
"2"
"3"
"4"
"5"
];
DP-2 = [
"6"
"7"
"8"
"9"
"0"
];
};
rules = {
"mpv" = {
rectangle = "640x360+1920+1080";
};
"*:Toolkit:Picture-in-Picture" = {
rectangle = "640x360+1920+1080";
};
};
};
services = {
udiskie = {
enable = true;
@ -20,4 +42,35 @@
};
};
};
systemd.user.services = {
cmus-library-refresh = {
Unit = {
Description = "cmus library refresh to add any new songs";
};
Service = {
Type = "oneshot";
ExecStart = toString (
pkgs.writeShellScript "cmus-library-refresh" ''
set -eou pipefail
${pkgs.bash}/bin/bash "/home/${user.name}/.local/bin/cmus_library_refresh.sh";
''
);
};
Install.WantedBy = [ "default.target" ];
};
};
systemd.user.timers = {
cmus_library_refresh = {
Unit = {
Description = "cmus library refresh to add any new songs";
Documentation = [ "man:cmus-remote(1)" ];
};
Timer = {
Unit = "cmus_library_refresh";
OnBootSec = "5m";
OnUnitActiveSec = "1h";
};
Install.WantedBy = [ "timers.target" ];
};
};
}
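Review bot: The timer and the service it is meant to trigger do not share a name: the service is declared as `cmus-library-refresh` (hyphens), while the timer is `cmus_library_refresh` with `Unit = "cmus_library_refresh"` (underscores, no `.service` suffix), so the timer has no matching unit to start. Rename the timer attribute to `cmus-library-refresh` and either drop `Unit` or set `Unit = "cmus-library-refresh.service";`. The service also carries `Install.WantedBy = [ "default.target" ]`, which runs it at every session start in addition to the timer; if only the hourly schedule is wanted, that line can go. The script it runs lives under `/home/${user.name}/.local/bin`, outside the Nix store, so the unit executes whatever is at that path at run time and is not pinned by the flake.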


@ -7,8 +7,10 @@
modules = [
../nixos/all.nix
../nixos/cli.nix
../nixos/chat.nix
../nixos/gui.nix
../nixos/gaming.nix
../nixos/office.nix
./buckwheat/configuration.nix
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
@ -25,4 +27,50 @@
}
];
};
fireweed = lib.nixosSystem {
inherit system;
specialArgs = { inherit user inputs; };
modules = [
../nixos/all.nix
../nixos/cli.nix
../nixos/gui.nix
../nixos/office.nix
../nixos/pentest.nix
./fireweed/configuration.nix
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user.name} = {
imports = [
../home-manager/all.nix
../home-manager/cli.nix
../home-manager/gui.nix
./fireweed/home.nix
];
};
}
];
};
vm = lib.nixosSystem {
inherit system;
specialArgs = { inherit user inputs; };
modules = [
../nixos/all.nix
../nixos/cli.nix
./vm/configuration.nix
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user.name} = {
imports = [
../home-manager/all.nix
../home-manager/cli.nix
./vm/home.nix
];
};
}
];
};
}


@ -0,0 +1,61 @@
# Fireweed configuration.nix
{ config, lib, pkgs, inputs, user, ... }:
let
hostname="fireweed";
in
{
imports = [
./hardware-configuration.nix
];
boot = {
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot/efi";
timeout = 2;
};
# Hardware-configuration edits
kernel.sysctl."net.ipv4.ip_forward" = 1;
# Clean /tmp at boot
tmp.cleanOnBoot = true;
};
networking = {
hostName = "${hostname}"; # Define your hostname.
firewall = {
# To disable the firewall altogether:
# enable = false;
allowedTCPPorts = [ 445 139 ];
allowedUDPPorts = [ 137 138 ];
};
# Proxy configuration
# proxy = {
# default = "http://user:password@proxy:port/";
# noProxy = "127.0.0.1,localhost,internal.domain";
# };
};
users.users.${user.name} = {
extraGroups = [ "davfs2" ];
packages = with pkgs; [
];
};
services = {
davfs2 = {
enable = true;
};
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
udisks2 = {
enable = true;
mountOnMedia = true;
};
# Enable automatic login for the user.
# getty.autologinUser = "${user.name}";
};
}
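Review bot: `allowedTCPPorts = [ 445 139 ]` and `allowedUDPPorts = [ 137 138 ]` open SMB/NetBIOS on every interface, yet nothing in this file enables a Samba service, and this is the host that also imports `../nixos/pentest.nix`, so it is likely to be attached to untrusted networks. If a share is served from a module not shown here, scope the rule to the interface that needs it with `networking.firewall.interfaces.<name>.allowedTCPPorts`; otherwise remove both lists. The same four ports and `kernel.sysctl."net.ipv4.ip_forward" = 1` are repeated in the VM configuration.nix section below and in `hosts/vm/configuration.nix_`. Forwarding is only needed on a host that routes for guests or a VPN, so it deserves a comment saying which case applies here.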


@ -0,0 +1,64 @@
# Fireweed hardware-configuration.nix
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "uas" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "amdgpu" ];
boot.kernelModules = [ "kvm-intel" ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/c9833e85-0ea9-45a9-b65d-039c8c4f71f3";
fsType = "ext4";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/5E0D-1487";
fsType = "vfat";
};
fileSystems."/mnt/daily" = {
device = "/dev/disk/by-uuid/bfdd61f6-2d26-4140-94ac-e60c21636dde";
fsType = "ext4";
};
fileSystems."/mnt/weekly" = {
device = "/dev/disk/by-uuid/56f7fd65-bf5d-4ce6-830a-ea8fbf6610af";
fsType = "ext4";
};
fileSystems."/mnt/videos" = {
device = "/dev/disk/by-uuid/e1f9cf9a-4147-4849-83e2-4baa342b6400";
fsType = "ext4";
};
#fileSystems."/media" =
# { device = "/mnt/videos";
# fsType = "none";
# options = [ "bind" ];
# };
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.virbr0.useDHCP = lib.mkDefault true;
# networking.interfaces.virbr1.useDHCP = lib.mkDefault true;
# networking.interfaces.virbr2.useDHCP = lib.mkDefault true;
# networking.interfaces.virbr3.useDHCP = lib.mkDefault true;
# networking.interfaces.wg-mullvad.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
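Review bot: Every `by-uuid` device in this new file is identical to the ones in the Buckwheat hardware-configuration.nix section earlier on this page (`c9833e85-…` for `/`, `5E0D-1487` for `/boot/efi`, and the `/mnt/daily`, `/mnt/weekly` and `/mnt/videos` volumes), which suggests the file was copied rather than produced by `nixos-generate-config` on the Fireweed machine. Filesystem UUIDs belong to one disk, so on different hardware these mounts would not be found and boot would stall waiting for them. Regenerate the file on the target, and drop the backup and video mounts unless Fireweed really has those disks.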

19
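--- /dev/null
+++ b/hosts/fireweed/home.nix
@@ -0,0 +1,19 @@
+# Fireweed home.nix
+{ config, lib, pkgs, inputs, user, ... }:
+{
+services = {
+udiskie = {
+enable = true;
+automount = true;
+notify = true;
+settings = {
+program_options = {
+udisks_version = 2;
+};
+icon_names.media = [
+"media-optical"
+];
+};
+};
+};
+}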


@ -0,0 +1,47 @@
# NixOS VM configuration.nix
{ config, lib, pkgs, inputs, user, ... }:
let
hostname="nixos";
in
{
imports = [
./hardware-configuration.nix
];
boot = {
loader.grub = {
enable = true;
device = "/dev/vda";
useOSProber = true;
};
# Hardware-configuration edits
kernel.sysctl."net.ipv4.ip_forward" = 1;
# Clean /tmp at boot
tmp.cleanOnBoot = true;
};
networking = {
hostName = "${hostname}"; # Define your hostname.
firewall = {
# To disable the firewall altogether:
# enable = false;
allowedTCPPorts = [ 445 139 ];
allowedUDPPorts = [ 137 138 ];
};
# Proxy configuration
# proxy = {
# default = "http://user:password@proxy:port/";
# noProxy = "127.0.0.1,localhost,internal.domain";
# };
};
users.users.${user.name} = {
extraGroups = [
];
packages = with pkgs; [
];
};
services = {
# Enable automatic login for the user.
getty.autologinUser = "${user.name}";
};
}
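Review bot: `getty.autologinUser = "${user.name}";` is active here, while the other host configurations on this page keep that line commented out, so anyone who can open this guest's console gets a logged-in shell without a password. That may be intended for a throwaway VM, but the file does not say so; add a comment such as `# VM only: console autologin, do not copy to physical hosts`, or gate it behind an option. `useOSProber = true` also looks unnecessary on a guest that boots from a single `/dev/vda`, though that depends on how the image is laid out.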

123
hosts/vm/configuration.nix_ Normal file

@ -0,0 +1,123 @@
# Buckwheat configuration.nix
{ config, lib, pkgs, inputs, user, ... }:
let
hostname="buckwheat";
in
{
imports = [
./hardware-configuration.nix
];
boot = {
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot/efi";
timeout = 2;
};
# Hardware-configuration edits
kernel.sysctl."net.ipv4.ip_forward" = 1;
# Clean /tmp at boot
tmp.cleanOnBoot = true;
};
networking = {
hostName = "${hostname}"; # Define your hostname.
firewall = {
# To disable the firewall altogether:
# enable = false;
allowedTCPPorts = [ 445 139 ];
allowedUDPPorts = [ 137 138 ];
};
# Proxy configuration
# proxy = {
# default = "http://user:password@proxy:port/";
# noProxy = "127.0.0.1,localhost,internal.domain";
# };
};
users.users.${user.name} = {
extraGroups = [ "davfs2" "libvirtd" "transmission" ];
packages = with pkgs; [
mixxx
virt-manager
];
};
services = {
davfs2 = {
enable = true;
};
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
transmission = {
enable = true;
openFirewall = true;
};
udisks2 = {
enable = true;
mountOnMedia = true;
};
# Enable automatic login for the user.
# getty.autologinUser = "${user.name}";
};
virtualisation.libvirtd.enable = true;
# Borg backup configuration
services.borgbackup.jobs."daily" = {
paths = [
"/home"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/daily/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "7d";
};
};
services.borgbackup.jobs."weekly" = {
paths = [
"/home"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/weekly/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "weekly";
};
#services.borgbackup.jobs."borgbase" = {
# paths = [
# "/home"
# ];
# exclude = [
# "/home/*/go/bin"
# "/home/*/go/pkg"
# ];
# repo = "<repo_hash>.repo.borgbase.com:repo";
# encryption = {
# mode = "repokey-blake2";
# passCommand = "cat /root/borgbackup/passphrase";
# };
# environment.BORG_RSH = "ssh -i /root/borgbackup/ssh_key";
# compression = "auto,lzma";
# startAt = "daily";
#};
}
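Review bot: `hosts/vm/configuration.nix_` is a full copy of the Buckwheat configuration (header comment `# Buckwheat configuration.nix`, `hostname="buckwheat"`, the Borg jobs, `transmission.openFirewall = true`) parked in the VM directory under a name that no module on this page imports. A dead copy like this drifts from the live file and is easy to rename into place by mistake, which would give the VM Buckwheat's hostname, open ports and backup jobs. Delete it from the commit, or keep such scratch copies out of the tree with a `.gitignore` entry such as `*.nix_`.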


@ -0,0 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/3df45abe-2951-4346-a792-f03ce89e16bb";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

6
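--- /dev/null
+++ b/hosts/vm/home.nix
@@ -0,0 +1,6 @@
+# NixOS VM home.nix
+{ config, lib, pkgs, inputs, user, ... }:
+{
+services = {
+};
+}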


@ -49,6 +49,7 @@
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
allowSFTP = false; # Don't set this if you need sftp
extraConfig = ''
@ -110,11 +111,17 @@
];
};
system = {
autoUpgrade = {
enable = true;
allowReboot = false;
channel = "https://channels.nixos.org/nixos-unstable";
};
#autoUpgrade = {
# enable = true;
# allowReboot = false;
# channel = "https://channels.nixos.org/nixos-unstable";
# flake = "<git repo url>";
# flags = [
# "--update-input"
# "nixpkgs"
# "--commit-lockfile"
# ];
#};
stateVersion = "22.11";
};
}
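Review bot: Commenting out `system.autoUpgrade` in the second hunk leaves every host that imports this module without automatic updates, and nothing in the hunk replaces it, so security fixes now depend on someone running a rebuild by hand. If the flake-based variant in the comment is the plan, note that it sets both `channel` and `flake`; NixOS rejects that combination with an assertion, so `channel` has to go once `flake` is filled in. A short comment above the block, for example `# disabled until the flake URL is set; update manually with nixos-rebuild`, would record why it is off. The `settings` block touched by the first hunk starts outside that hunk.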

11
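--- /dev/null
+++ b/nixos/chat.nix
@@ -0,0 +1,11 @@
+# Office packages configuration.nix
+{ config, lib, pkgs, inputs, user, ... }:
+{
+users.users.${user.name}.packages = with pkgs; [
+catgirl
+discord
+halloy
+profanity
+signal-desktop
+];
+}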
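Review bot: The header comment `# Office packages configuration.nix` appears to have been carried over from `nixos/office.nix`; in this file it should read `# Chat packages configuration.nix`. The list mixes terminal clients (`catgirl`, `profanity`) with desktop ones (`discord`, `signal-desktop`), and on this page the module is imported only next to `../nixos/gui.nix`, so a one-line comment saying it assumes a GUI host would keep it from being added to a headless machine by mistake.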


@ -69,10 +69,9 @@
};
users.users.${user.name}.packages = with pkgs; [
btfs
catgirl
cava
cifs-utils
#cmus
cmus
curlie
dig
dogdns
@ -82,9 +81,11 @@
fq
fx
gitui
glow
gpg-tui
gping
gron
gum
hexyl
htmlq
hugo
@ -93,18 +94,18 @@
jo
john
jq
ledger
lynis
mdp
mediainfo
nb
nom
oed
pandoc
pdfgrep
profanity
phetch
recutils
surfraw
shellcheck
ssss
surfraw
tut
unrar
unzip


@ -58,6 +58,22 @@
slock.enable = true;
};
users.users.${user.name}.packages = with pkgs; [
ani-cli
bashmount
feh
glib
lagrange
librewolf
mangal
mpv
mullvad-browser
mupdf
#onionshare-gui
scrot
tor-browser-bundle-bin
urlview
];
environment.systemPackages = with pkgs; [
(dmenu.overrideAttrs (oldAttrs: rec {
configFile = writeText "config.def.h" (builtins.readFile ./patches/dmenu/config.h);
postPatch = "${oldAttrs.postPatch}\n cp ${configFile} config.def.h";
@ -66,32 +82,11 @@
configFile = writeText "config.def.h" (builtins.readFile ./patches/st/config.h);
postPatch = "${oldAttrs.postPatch}\n cp ${configFile} config.def.h";
}))
ani-cli
bashmount
discord
feh
glib
lagrange
libreoffice
mangal
mpv
mullvad-browser
mupdf
#onionshare-gui
scrot
signal-desktop
surf
tabbed
tor-browser-bundle-bin
urlview
];
environment.systemPackages = with pkgs; [
clipmenu
dunst
hsetroot
networkmanagerapplet
notify-desktop
#pa_applet
sxhkd
trayer
xbanish

12
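--- /dev/null
+++ b/nixos/office.nix
@@ -0,0 +1,12 @@
+# Office packages configuration.nix
+{ config, lib, pkgs, inputs, user, ... }:
+{
+users.users.${user.name}.packages = with pkgs; [
+claws-mail
+ledger
+libreoffice
+pandoc
+pdftk
+#sc-im
+];
+}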

35
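--- /dev/null
+++ b/nixos/server_defense.nix
@@ -0,0 +1,35 @@
+# All configuration.nix
+{ config, lib, pkgs, inputs, user, ... }:
+{
+services = {
+openssh = {
+enable = true;
+ports = [
+22
+8282
+];
+settings = {
+PasswordAuthentication = false;
+KbdInteractiveAuthentication = false;
+};
+allowSFTP = false; # Don't set this if you need sftp
+extraConfig = ''
+AllowTcpForwarding yes
+X11Forwarding no
+AllowAgentForwarding no
+AllowStreamLocalForwarding no
+AuthenticationMethods publickey
+'';
+};
+endlessh = {
+enable = true;
+openFirewall = true;
+port = 22;
+extraOptions = [
+"-6"
+"-d 9000"
+"-v"
+];
+};
+}
+}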
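Review bot: `services.openssh.ports` lists 22 while `services.endlessh.port` is also 22, so the real sshd and the tarpit both try to bind the same port and one of them will fail to start; with a tarpit on 22 the daemon should listen only on the alternate port, `ports = [ 8282 ];`. The `services = { … }` attribute set is closed with a bare `}` on the second-to-last line, which has to be `};` for the file to parse. The `settings` block also lacks the `PermitRootLogin = "no";` that this commit adds to the other openssh block on this page, and the header comment still says `# All configuration.nix`.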

6
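--- /dev/null
+++ b/todo.md
@@ -0,0 +1,6 @@
+- [ ] Create additional host configurations
+- [ ] Implement the Impermanence module
+- [ ] Implement [Agenix](https://nixos.wiki/wiki/Agenix) or Sopsnix
+- [ ] Implement [Stylix](https://danth.github.io/stylix/)
+- [ ] Implement [MicroVM.nix](https://github.com/astro/microvm.nix)
+- [ ] Figure out urlview and yank conflict with tmux plugins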