moritz/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/nixos' into nixos-work

Browse source
This commit is contained in:
Moritz Böhme 2023-10-09 09:10:36 +02:00
commit 89991861ed
40 changed files with 1149 additions and 768 deletions
Download patch file Download diff file Expand all files Collapse all files

66
hosts/nixos-desktop/default.nix
View file

@ -17,23 +17,41 @@
gaming.enable = true;
personal.enable = true;
};
programs.hyprland.nvidiaSupport = true;
programs.hyprland.keyboardLayouts = [ "us" "de" ];
programs.hyprland = {
nvidiaSupport = true;
monitors = [ "HDMI-A-1,3840x2160,auto,1.2" ",preferred,auto,1" ];
extraConfig = "exec=hyprctl keyword monitor HDMI-A-1,3840x2160@120,auto,1.2";
keyboardLayouts = [ "us" "de" ];
};
services.mullvad.enable = true;
services.wallpaper.enable = true;
programs.ledger.enable = true;
};
home-manager.users.moritz.home.packages = with pkgs; [
jetbrains.idea-community
];
hardware = {
keyboard.qmk.enable = true;
nvidia.modesetting.enable = true;
opengl = {
enable = true;
driSupport32Bit = true;
driSupport = true;
};
hardware.keyboard.qmk.enable = true;
# sensors
enableAllFirmware = true;
# KERNEL
boot.kernelPackages = pkgs.linuxPackages_latest;
bluetooth.enable = true;
};
# BOOT
boot = {
# KERNEL
kernelPackages = pkgs.linuxPackages_latest;
# BOOT
supportedFilesystems = [ "btrfs" "ntfs" ];
loader = {
grub = {
@ -44,6 +62,8 @@
};
efi.canTouchEfiVariables = true;
};
kernelModules = [ "lm92" "drivetemp" ];
};
# NETWORKING
@ -68,33 +88,23 @@
};
networkmanager.enable = true;
};
hardware.nvidia.modesetting.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl = {
enable = true;
driSupport32Bit = true;
driSupport = true;
services = {
xserver.videoDrivers = [ "nvidia" ];
xserver.xrandrHeads = [
{ output = "HDMI-1"; }
{
output = "HDMI-0";
primary = true;
}
];
# Powersaving
tlp.enable = true;
};
services.xserver.xrandrHeads = [
{ output = "HDMI-1"; }
{
output = "HDMI-0";
primary = true;
}
];
console.keyMap = "de";
# Powersaving
services.tlp.enable = true;
powerManagement.enable = true;
# sensors
hardware.enableAllFirmware = true;
environment.systemPackages = with pkgs; [ lm_sensors ];
boot.kernelModules = [ "lm92" "drivetemp" ];
hardware.bluetooth.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

75
hosts/nixos-desktop/hardware-configuration.nix
View file

@ -7,51 +7,56 @@
, ...
}: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ ];
luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd";
};
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
};
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd";
"/home" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
"/nix" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
};
"/var/log" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
neededForBoot = true;
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
neededForBoot = true;
};
"/boot" = {
device = "/dev/disk/by-uuid/297B-C04C";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/297B-C04C";
fsType = "vfat";
};
fileSystems."/media/games" = {
device = "/dev/disk/by-uuid/8f92ff36-a685-4a67-a3d4-55136dc5f286";
fsType = "ext4";
"/media/games" = {
device = "/dev/disk/by-uuid/8f92ff36-a685-4a67-a3d4-55136dc5f286";
fsType = "ext4";
};
};
swapDevices = [{ device = "/dev/disk/by-uuid/00ad6f74-f23e-4ac0-abfb-89bdfe5ab8ae"; }];
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

1
hosts/nixos-desktop/system.nix
View file

@ -1 +0,0 @@
"x86_64-linux"

117
hosts/nixos-laptop/default.nix
View file

@ -3,37 +3,46 @@
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs
, inputs
, lib
, ...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
./disko.nix
./impermanence.nix
];
my = {
virtualisation.libvirtd.enable = true;
yubikey.luksSupport.enable = false;
profiles = {
desktop.enable = true;
personal.enable = true;
webis.enable = true;
# webis.enable = true;
};
};
environment.systemPackages = [
(
pkgs.writeShellApplication {
name = "zfs-diff";
runtimeInputs = with pkgs; [ zfs coreutils parallel tree ];
text = ''
zfs diff -F zroot/encrypted/root@blank | awk '$2 == "F" && system("test -e /persist/"$3) != 0 { print $3 }' 2>/dev/null | tree --fromfile . "$@"
'';
}
)
];
home-manager.users.moritz.home.packages = with pkgs; [
jetbrains.idea-ultimate
# jetbrains.idea-ultimate
];
# BOOT
boot = {
supportedFilesystems = [ "btrfs" ];
loader = {
grub = {
enable = true;
device = "nodev";
efiSupport = true;
};
efi.canTouchEfiVariables = true;
};
supportedFilesystems = [ "zfs" ];
loader.systemd-boot.enable = true;
};
# SERVICES
@ -65,54 +74,56 @@
services.tlp.enable = true;
powerManagement.enable = true;
# Hibernare on low battery
systemd.timers.hibernate-on-low-battery = {
wantedBy = [ "multi-user.target" ];
timerConfig = {
OnUnitActiveSec = "120";
OnBootSec = "120";
systemd = {
# Hibernare on low battery
timers.hibernate-on-low-battery = {
wantedBy = [ "multi-user.target" ];
timerConfig = {
OnUnitActiveSec = "120";
OnBootSec = "120";
};
};
services.hibernate-on-low-battery =
let
batteryLevelSufficient =
let
batteryPath = "/sys/class/power_supply/BATT";
in
pkgs.writeShellScriptBin "battery-level-sufficient" ''
test "$(cat ${batteryPath}/status)" != Discharging \
|| test "$(cat ${batteryPath}/capacity)" -ge 5
'';
in
{
serviceConfig.Type = "oneshot";
onFailure = [ "hibernate.target" ];
script = "${batteryLevelSufficient}/bin/battery-level-sufficient";
};
services.asus-touchpad-numpad = {
description = "Activate Numpad inside the touchpad with top right corner switch";
documentation = [ "https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver" ];
path = [ pkgs.i2c-tools ];
script = ''
cd ${inputs.asus-touchpad-numpad-driver}
# In the last argument here you choose your layout.
${
pkgs.python3.withPackages (ps: [ps.libevdev])
}/bin/python asus_touchpad.py m433ia
'';
# Probably needed because it fails on boot seemingly because the driver
# is not ready yet. Alternativly, you can use `sleep 3` or similar in the
# `script`.
serviceConfig = {
RestartSec = "1s";
Restart = "on-failure";
};
wantedBy = [ "multi-user.target" ];
};
};
systemd.services.hibernate-on-low-battery =
let
batteryLevelSufficient =
let
batteryPath = "/sys/class/power_supply/BATT";
in
pkgs.writeShellScriptBin "battery-level-sufficient" ''
test "$(cat ${batteryPath}/status)" != Discharging \
|| test "$(cat ${batteryPath}/capacity)" -ge 5
'';
in
{
serviceConfig.Type = "oneshot";
onFailure = [ "hibernate.target" ];
script = "${batteryLevelSufficient}/bin/battery-level-sufficient";
};
# Trackpad
# i2c for https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver
hardware.i2c.enable = true;
systemd.services.asus-touchpad-numpad = {
description = "Activate Numpad inside the touchpad with top right corner switch";
documentation = [ "https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver" ];
path = [ pkgs.i2c-tools ];
script = ''
cd ${inputs.asus-touchpad-numpad-driver}
# In the last argument here you choose your layout.
${
pkgs.python3.withPackages (ps: [ps.libevdev])
}/bin/python asus_touchpad.py m433ia
'';
# Probably needed because it fails on boot seemingly because the driver
# is not ready yet. Alternativly, you can use `sleep 3` or similar in the
# `script`.
serviceConfig = {
RestartSec = "1s";
Restart = "on-failure";
};
wantedBy = [ "multi-user.target" ];
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

94
hosts/nixos-laptop/disko.nix Normal file
View file

@ -0,0 +1,94 @@
{ lib, ... }:
{
# needed for zfs pool
networking.hostId = "9c85d185";
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "64M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = null;
datasets = {
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
};
# use this to read the key during boot
postCreateHook = ''
zfs set keylocation="prompt" "zroot/$name";
'';
};
"encrypted/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs snapshot zroot/encrypted/root@blank";
};
"encrypted/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
};
"encrypted/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
options."com.sun:auto-snapshot" = "true";
};
};
};
};
};
# rollback to blank
boot.initrd.postDeviceCommands = lib.mkAfter ''
zfs rollback -r zroot/encrypted/root@blank
'';
fileSystems."/persist".neededForBoot = true;
# HACK: to fix issue of agenix running before impermanence
age.identityPaths = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_rsa_key"
"/persist/etc/ssh/ssh_host_ed25519_key"
"/persist/etc/ssh/ssh_host_rsa_key"
];
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
autoSnapshot.enable = true;
};
}

51
hosts/nixos-laptop/hardware-configuration.nix
View file

@ -2,53 +2,16 @@
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ modulesPath
, lib
, ...
}: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
boot = {
initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8";
fileSystems."/log" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" ];
neededForBoot = true;
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/938D-F813";
fsType = "vfat";
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
};
swapDevices = [{ device = "/dev/disk/by-uuid/29ebf65f-e6ca-4625-9f72-a9321152be1b"; }];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

71
hosts/nixos-laptop/impermanence.nix Normal file
View file

@ -0,0 +1,71 @@
{ config, ... }:
{
age.secrets = {
root-password.file = ../../secrets/root-password.age;
moritz-password.file = ../../secrets/moritz-password.age;
};
users.users = {
root.hashedPasswordFile = config.age.secrets.root-password.path;
moritz.hashedPasswordFile = config.age.secrets.moritz-password.path;
};
users.mutableUsers = false;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/etc/NetworkManager/system-connections"
"/var/db/dhcpcd/"
"/var/lib/NetworkManager/"
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/var/log"
];
files = [
"/etc/machine-id"
"/etc/nix/id_rsa"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
users.moritz = {
directories = [
".SynologyDrive/data"
".SynologyDrive/log"
".cache/keepassxc"
".cache/nvim/luac"
".config/Nextcloud"
".config/keepassxc"
".local/share/direnv"
".local/share/nvim"
".local/share/zoxide"
".local/state/nvim"
".mozilla"
"Documents"
"Downloads"
"Music"
"Pictures"
"Videos"
{ directory = ".gnupg"; mode = "0700"; }
{ directory = ".local/share/keyrings"; mode = "0700"; }
{ directory = ".ssh"; mode = "0700"; }
];
files = [
".local/share/fish/fish_history"
".local/share/nix/trusted-settings.json"
".parallel/will-cite"
];
};
users.root = {
home = "/root";
directories = [
{ directory = ".gnupg"; mode = "0700"; }
{ directory = ".ssh"; mode = "0700"; }
];
files = [
".local/share/nix/trusted-settings.json"
];
};
};
}

1
hosts/nixos-laptop/system.nix
View file

@ -1 +0,0 @@
"x86_64-linux"

17
hosts/scadspc25/default.nix
View file

@ -21,12 +21,18 @@
services.synology-drive.enable = true;
programs.hyprland.keyboardLayouts = [ "us" "de" ];
};
boot = {
loader = {
grub = {
# Use the systemd-boot EFI boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "nodev";
boot.loader.grub.efiSupport = true;
boot.loader.efi.canTouchEfiVariables = true;
# Use the systemd-boot EFI boot loader.
enable = true;
device = "nodev";
efiSupport = true;
};
efi.canTouchEfiVariables = true;
};
};
networking.hostName = "scadspc25"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
@ -53,4 +59,3 @@
system.stateVersion = "23.05"; # Did you read the comment?
}

83
hosts/scadspc25/hardware-configuration.nix
View file

@ -8,52 +8,55 @@
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
fileSystems."/" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
};
"/home" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
fileSystems."/home" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" "noatime" ];
};
"/nix" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
fileSystems."/nix" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
};
"/var/log" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
fileSystems."/var/log" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
};
"/snapshots" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=snapshots" "compress=zstd" "noatime" ];
};
fileSystems."/snapshots" =
{
device = "/dev/disk/by-uuid/cfc2d232-f833-4ecf-8098-fe805afd390d";
fsType = "btrfs";
options = [ "subvol=snapshots" "compress=zstd" "noatime" ];
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/3B2B-63DB";
fsType = "vfat";
};
"/boot" =
{
device = "/dev/disk/by-uuid/3B2B-63DB";
fsType = "vfat";
};
};
swapDevices =
[{ device = "/dev/disk/by-uuid/c08ff6b6-d6e2-4620-95fc-6c20b04c7363"; }];

1
hosts/scadspc25/system.nix
View file

@ -1 +0,0 @@
"x86_64-linux"