jacob/nix_config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Reformat nix code with alejandra

Browse Source
This commit is contained in:
Jacob Hinkle 2022-09-08 12:27:21 -04:00
parent 3f7ad45ebe
commit a897038529
10 changed files with 244 additions and 217 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
flake.nix
View File

@ -24,15 +24,20 @@
};
};
outputs = inputs @ { self, nixpkgs, nixos-hardware, home-manager, sops-nix, ... }:
let
outputs = inputs @ {
self,
nixpkgs,
nixos-hardware,
home-manager,
sops-nix,
...
}: let
system = "x86_64-linux";
homeManagerConfFor = config: { ... }: {
#nixpkgs.overlays = [ nur.overlay ];
imports = [ config ];
};
homeManagerConfFor = config: {...}: {
#nixpkgs.overlays = [ nur.overlay ];
imports = [config];
};
in {
nixosConfigurations = {
# Thinkpad T470 laptop
buck = nixpkgs.lib.nixosSystem {
@ -40,7 +45,8 @@
modules = [
nixos-hardware.nixosModules.lenovo-thinkpad-t470s
./machines/buck/configuration.nix
home-manager.nixosModules.home-manager {
home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true;
home-manager.users.jacob = homeManagerConfFor ./home/jacob.nix;
}
@ -53,8 +59,9 @@
modules = [
nixos-hardware.nixosModules.common-pc-hdd
nixos-hardware.nixosModules.common-cpu-intel-cpu-only
./machines/pedro/configuration.nix
home-manager.nixosModules.home-manager {
./machines/pedro/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useUserPackages = true;
home-manager.users.jacob = homeManagerConfFor ./home/jacob.nix;
}

39
home/i3.nix
View File

@ -1,11 +1,11 @@
pkgs :
rec {
pkgs: rec {
menu = "${pkgs.dmenu}/bin/dmenu_run";
modifier = "Mod1";
terminal = "kitty";
keybindings = let
browser = "qutebrowser";
scrot2clip = pkgs.writeShellScript "scrot2clip"
scrot2clip =
pkgs.writeShellScript "scrot2clip"
"${pkgs.scrot}/bin/scrot -s - | ${pkgs.xclip}/bin/xclip -selection primary -i -t image/png";
in {
"${modifier}+Return" = "exec ${terminal} tmux new";
@ -54,31 +54,20 @@ rec {
"${modifier}+9" = "workspace number 9";
"${modifier}+0" = "workspace number 10";
"${modifier}+Shift+1" =
"move container to workspace number 1";
"${modifier}+Shift+2" =
"move container to workspace number 2";
"${modifier}+Shift+3" =
"move container to workspace number 3";
"${modifier}+Shift+4" =
"move container to workspace number 4";
"${modifier}+Shift+5" =
"move container to workspace number 5";
"${modifier}+Shift+6" =
"move container to workspace number 6";
"${modifier}+Shift+7" =
"move container to workspace number 7";
"${modifier}+Shift+8" =
"move container to workspace number 8";
"${modifier}+Shift+9" =
"move container to workspace number 9";
"${modifier}+Shift+0" =
"move container to workspace number 10";
"${modifier}+Shift+1" = "move container to workspace number 1";
"${modifier}+Shift+2" = "move container to workspace number 2";
"${modifier}+Shift+3" = "move container to workspace number 3";
"${modifier}+Shift+4" = "move container to workspace number 4";
"${modifier}+Shift+5" = "move container to workspace number 5";
"${modifier}+Shift+6" = "move container to workspace number 6";
"${modifier}+Shift+7" = "move container to workspace number 7";
"${modifier}+Shift+8" = "move container to workspace number 8";
"${modifier}+Shift+9" = "move container to workspace number 9";
"${modifier}+Shift+0" = "move container to workspace number 10";
"${modifier}+Shift+c" = "reload";
"${modifier}+Shift+r" = "restart";
"${modifier}+Shift+e" =
"exec i3-nagbar -t warning -m 'Do you want to exit i3?' -b 'Yes' 'i3-msg exit'";
"${modifier}+Shift+e" = "exec i3-nagbar -t warning -m 'Do you want to exit i3?' -b 'Yes' 'i3-msg exit'";
"${modifier}+r" = "mode resize";
};

48
home/jacob.nix
View File

@ -1,10 +1,14 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
imports = [
({ lib, ...}: {
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"zoom"
];
({lib, ...}: {
nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [
"zoom"
];
})
];
@ -16,7 +20,7 @@
keyboard = {
layout = "us";
options = [ "caps:swapescape" "ctrl:ralt_rctrl" ];
options = ["caps:swapescape" "ctrl:ralt_rctrl"];
};
packages = with pkgs; [
@ -58,8 +62,8 @@
stateVersion = "22.05";
};
accounts.email = {
accounts.gmail = {
accounts.email.accounts = {
gmail = {
address = "jacob.hinkle@gmail.com";
passwordCommand = "${pkgs.coreutils}/bin/cat /run/secrets/email/gmail/password";
flavor = "gmail.com";
@ -71,7 +75,7 @@
primary = true;
realName = "Jacob Hinkle";
};
accounts.jhink = {
jhink = {
address = "jacob.hinkle@jhink.org";
imap.host = "mail.privateemail.com";
smtp.host = "mail.privateemail.com";
@ -132,6 +136,7 @@
vim-nix
];
};
#notmuch.enable = true;
qutebrowser = import ./qutebrowser.nix;
rbw = {
enable = true;
@ -174,12 +179,12 @@
oh-my-zsh = {
enable = true;
plugins = [
"direnv"
"git"
"sudo"
"vi-mode"
"direnv"
"git"
"sudo"
"vi-mode"
];
theme = "michelebologna"; # nice clean theme that shows jobs
theme = "michelebologna"; # nice clean theme that shows jobs
};
# michelebologna theme doesn't have an RPROMPT, but I like the one from the clean theme
initExtra = ''
@ -223,13 +228,14 @@
xmonad = {
enable = true;
enableContribAndExtras = true;
extraPackages = haskellPackages: with haskellPackages; [
#dbus
#List
#monad-logger
xmonad
xmonad-contrib
];
extraPackages = haskellPackages:
with haskellPackages; [
#dbus
#List
#monad-logger
xmonad
xmonad-contrib
];
config = ./xmonad.hs;
};
};

4
home/tmux.nix
View File

@ -1,7 +1,7 @@
{
enable = true;
aggressiveResize = true;
clock24 = true;
clock24 = true;
escapeTime = 0;
historyLimit = 10000;
keyMode = "vi";
@ -26,6 +26,6 @@
set-window-option -g window-status-current-style fg=red
# align center the window list
set -g status-justify centre
'';
}

33
machines/buck/configuration.nix
View File

@ -1,14 +1,16 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, sops, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
config,
pkgs,
sops,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
];
sops = {
# This will add secrets.yml to the nix store
@ -16,7 +18,7 @@
# sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
defaultSopsFile = ../../secrets.yaml;
# This will automatically import SSH keys as age keys
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This is using an age key that is expected to already be in the filesystem
#age.keyFile = "/var/lib/sops-nix/key.txt";
# This will generate a new key if the key specified above does not exist
@ -43,7 +45,7 @@
environmentFile = "/run/secrets/wifi/env";
networks = {
"@SSID_HOME@" = {
pskRaw = "@PSKRAW_HOME@";
pskRaw = "@PSKRAW_HOME@";
};
};
};
@ -61,7 +63,6 @@
# Select internationalisation properties.
i18n.defaultLocale = "en_US.utf8";
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
@ -85,7 +86,7 @@
# List services that you want to enable:
# Enable sound.
sound.enable = true;
#hardware.raspberry-pi."4".fkms-3d.enable = true;
# Enable touchpad support (enabled default in most desktopManager). services.xserver.libinput.enable = true;
@ -93,11 +94,11 @@
# Define a user account. Don't forget to set a password with passwd.
users.users.jacob = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
extraGroups = ["wheel"]; # Enable sudo for the user.
shell = pkgs.zsh;
};
security.rtkit.enable = true; # recommended for pipewire
security.rtkit.enable = true; # recommended for pipewire
# List services that you want to enable:
services = {
@ -133,7 +134,7 @@
enable = true;
greeter.enable = false;
};
};
};
libinput = {
enable = true;
touchpad = {
@ -148,7 +149,7 @@
i3status # gives you the default i3 status bar
i3lock #default i3 screen locker
i3blocks #if you are planning on using i3blocks over i3status
];
];
};
};
};
@ -179,6 +180,6 @@
gc = {
automatic = true;
};
settings.experimental-features = [ "nix-command" "flakes" ];
settings.experimental-features = ["nix-command" "flakes"];
};
}

40
machines/buck/hardware-configuration.nix
View File

@ -1,29 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/cc13728f-a446-49db-98fc-51db875bba20";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/cc13728f-a446-49db-98fc-51db875bba20";
fsType = "ext4";
};
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/164F-882B";
fsType = "vfat";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/164F-882B";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

103
machines/pedro/configuration.nix
View File

@ -1,11 +1,15 @@
# Edit this configuration file to define what should be installed on your system. Help is available in the configuration.nix(5) man page and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, options, sops, ... }:
{ imports =
[ # Include the results of the hardware scan.
./hardware-configuration-zfs.nix
];
{
config,
pkgs,
options,
sops,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration-zfs.nix
];
sops = {
# This will add secrets.yml to the nix store
@ -13,7 +17,7 @@
# sops.defaultSopsFile = "/root/.sops/secrets/example.yaml";
defaultSopsFile = ../../secrets.yaml;
# This will automatically import SSH keys as age keys
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
# This is using an age key that is expected to already be in the filesystem
#age.keyFile = "/var/lib/sops-nix/key.txt";
# This will generate a new key if the key specified above does not exist
@ -30,13 +34,14 @@
boot = {
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
loader = {
# Enables the generation of /extlinux/extlinux.conf grub.enable = true;
#grub.version = 2; grub.device = "/dev/sda"; grub.efiSupport = true;
systemd-boot.enable = true;
# Enables the generation of /extlinux/extlinux.conf grub.enable = true;
#grub.version = 2; grub.device = "/dev/sda"; grub.efiSupport = true;
systemd-boot.enable = true;
};
# ZFS settings
initrd.availableKernelModules = [ "usbhid" "usb_storage" ]; initrd.supportedFilesystems = [ "zfs" ]; # boot from zfs supportedFilesystems = [ "zfs" ]; zfs.devNodes = "/dev/";
initrd.availableKernelModules = ["usbhid" "usb_storage"];
initrd.supportedFilesystems = ["zfs"]; # boot from zfs supportedFilesystems = [ "zfs" ]; zfs.devNodes = "/dev/";
};
# Set your time zone.
@ -63,36 +68,51 @@
};
firewall = {
allowedTCPPorts = [
8384 22000 # syncthing
8080 8443 6789 8880 8843 27117 # unifi controller: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Network-Required-Ports-Reference
53 8088 # pihole
8384
22000 # syncthing
8080
8443
6789
8880
8843
27117 # unifi controller: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Network-Required-Ports-Reference
53
8088 # pihole
#3000 # gitea
#8081 # vaultwarden
#8000 # paperless
80 443 # reverse proxy
80
443 # reverse proxy
];
allowedUDPPorts = [
22000 21027 # syncthing
3478 5514 10001 1900 123 # unifi
53 # pihole
22000
21027 # syncthing
3478
5514
10001
1900
123 # unifi
53 # pihole
];
allowedUDPPortRanges = [
{ from = 5656; to = 5699; } # unifi
{
from = 5656;
to = 5699;
} # unifi
];
};
timeServers = [ "192.168.88.1" ] ++ options.networking.timeServers.default;
timeServers = ["192.168.88.1"] ++ options.networking.timeServers.default;
};
hardware.video.hidpi.enable = false;
hardware.enableRedistributableFirmware = true;
#hardware.pulseaudio = {
#enable = true;
#extraModules = [ pkgs.pulseaudio-modules-bt ];
#package = pkgs.pulseaudioFull;
#enable = true;
#extraModules = [ pkgs.pulseaudio-modules-bt ];
#package = pkgs.pulseaudioFull;
#};
hardware.bluetooth.enable = false;
services.blueman.enable = false;
# Enable CUPS to print documents.
services.printing.enable = false;
@ -103,28 +123,28 @@
# Define a user account. Don't forget to set a password with passwd.
users.users.jacob = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
extraGroups = ["wheel"]; # Enable sudo for the user.
shell = pkgs.zsh;
};
# List packages installed in system profile. To search, run: $ nix search wget
environment.systemPackages = with pkgs; [ vim git wget ];
environment.systemPackages = with pkgs; [vim git wget];
#environment.variables = {
#GDK_SCALE = "2";
#GDK_DPI_SCALE = "0.5";
#_JAVA_OPTIONS = "-Dsun.java2d.uiScale=2";
#GDK_SCALE = "2";
#GDK_DPI_SCALE = "0.5";
#_JAVA_OPTIONS = "-Dsun.java2d.uiScale=2";
#};
# Some programs need SUID wrappers, can be configured further or are started in user sessions. programs.mtr.enable = true; programs.gnupg.agent = {
# enable = true; enableSSHSupport = true;
# };
security.rtkit.enable = true; # recommended for pipewire
security.rtkit.enable = true; # recommended for pipewire
# enable acme for certbot
security.acme = {
acceptTerms = true;
acceptTerms = true;
defaults = {
email = "jacob.hinkle@gmail.com";
};
@ -192,7 +212,7 @@
enable = true;
greeter.enable = false;
};
};
};
layout = "us";
libinput.enable = true;
windowManager.i3 = {
@ -202,7 +222,7 @@
i3status # gives you the default i3 status bar
i3lock #default i3 screen locker
i3blocks #if you are planning on using i3blocks over i3status
];
];
};
};
@ -211,7 +231,7 @@
trim.enable = true;
autoScrub = {
enable = true;
pools = [ "rpool" ];
pools = ["rpool"];
};
autoSnapshot = {
enable = true;
@ -220,18 +240,17 @@
};
};
};
# Due to bug in home assistant, this workaround is suggested temporarily as of May 6, 2022
# https://github.com/nix-community/home-manager/issues/2942#issuecomment-1119760100
#nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowUnfreePredicate = ( pkg: true );
nixpkgs.config.allowUnfreePredicate = (pkg: true);
powerManagement.cpuFreqGovernor = "ondemand";
# This value determines the NixOS release from which the default settings for stateful data, like file locations and database versions on your system were taken. Its perfectly fine and recommended to leave this value at the
# This value determines the NixOS release from which the default settings for stateful data, like file locations and database versions on your system were taken. Its perfectly fine and recommended to leave this value at the
# release version of the first install of this system. Before changing this value read the documentation for this option (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = ["nix-command" "flakes"];
}

160
machines/pedro/hardware-configuration-zfs.nix
View File

@ -1,103 +1,106 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
fileSystems."/" =
{ device = "none";
fsType = "tmpfs";
};
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-partuuid/e7ebac1e-eb4c-4a7d-8893-49a95f6014d4";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-partuuid/e7ebac1e-eb4c-4a7d-8893-49a95f6014d4";
fsType = "vfat";
};
fileSystems."/nix" =
{ device = "rpool/nixos/nix";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/nix" = {
device = "rpool/nixos/nix";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/etc" =
{ device = "rpool/nixos/etc";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/etc" = {
device = "rpool/nixos/etc";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/var" =
{ device = "rpool/nixos/var";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/var" = {
device = "rpool/nixos/var";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/var/lib" =
{ device = "rpool/nixos/var/lib";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/var/lib" = {
device = "rpool/nixos/var/lib";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/var/log" =
{ device = "rpool/nixos/var/log";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/var/log" = {
device = "rpool/nixos/var/log";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/var/spool" =
{ device = "rpool/nixos/var/spool";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/var/spool" = {
device = "rpool/nixos/var/spool";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/serverdata/pihole" =
{ device = "rpool/serverdata/pihole";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/serverdata/gitea" =
{ device = "rpool/serverdata/gitea";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/serverdata/home-assistant" =
{ device = "rpool/serverdata/home-assistant";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/serverdata/pihole" = {
device = "rpool/serverdata/pihole";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/serverdata/gitea" = {
device = "rpool/serverdata/gitea";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/serverdata/home-assistant" = {
device = "rpool/serverdata/home-assistant";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/home" =
{ device = "rpool/userdata/home";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/home" = {
device = "rpool/userdata/home";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/root" =
{ device = "rpool/userdata/home/root";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/root" = {
device = "rpool/userdata/home/root";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/home/jacob" =
{ device = "rpool/userdata/home/jacob";
fsType = "zfs";
options = [ "zfsutil" ];
};
fileSystems."/home/jacob" = {
device = "rpool/userdata/home/jacob";
fsType = "zfs";
options = ["zfsutil"];
};
swapDevices = [
{
@ -105,5 +108,4 @@
randomEncryption = true;
}
];
}

2
machines/pedro/nginx.nix
View File

@ -2,7 +2,7 @@
enable = true;
recommendedProxySettings = true;
virtualHosts = let
simpleProxy = ip : {
simpleProxy = ip: {
forceSSL = true;
enableACME = true;
extraConfig = ''

5
machines/pedro/pihole.nix
View File

@ -1,5 +1,4 @@
serverIP :
{
serverIP: {
image = "pihole/pihole:2022.07.1";
ports = [
"${serverIP}:53:53/tcp"
@ -21,6 +20,6 @@ serverIP :
"/run/secrets/pihole:/run/secrets/pihole"
];
extraOptions = [
"--no-hosts" # do not populate internal /etc/hosts with container host's
"--no-hosts" # do not populate internal /etc/hosts with container host's
];
}