Compare commits

...
Sign in to create a new pull request.

1 commit

Author SHA1 Message Date
55e6188abd init: create minimal ver of config 2026-01-07 15:02:17 +02:00
8 changed files with 9 additions and 408 deletions

View file

@ -58,11 +58,11 @@
"/var/log" "/var/log"
"/var/lib/bluetooth" "/var/lib/bluetooth"
"/var/lib/nixos" "/var/lib/nixos"
"/var/lib/libvirt" # "/var/lib/libvirt"
"/var/lib/ollama-models" # "/var/lib/ollama-models"
"/var/lib/flatpak" # "/var/lib/flatpak"
"/var/lib/tailscale" "/var/lib/tailscale"
"/var/lib/syncthing" # "/var/lib/syncthing"
"/etc/NetworkManager/system-connections" "/etc/NetworkManager/system-connections"
"/etc/ssh" "/etc/ssh"
]; ];
@ -149,26 +149,6 @@
"--env=GTK_THEME=Adwaita:dark" "--env=GTK_THEME=Adwaita:dark"
]; ];
}; };
signal-desktop-bin = {
executable = "${pkgs.signal-desktop-bin}/bin/signal-desktop";
profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile";
extraArgs = [
"--env=GTK_THEME=Adwaita:dark"
"--noblacklist=~/Pictures"
"--noblacklist=~/Documents"
"--whitelist=~/Pictures"
"--whitelist=~/Documents"
"--dbus-user.talk=org.freedesktop.Notifications"
"--dbus-user.talk=org.kde.StatusNotifierWatcher"
];
};
obsidian = {
executable = "${pkgs.obsidian}/bin/obsidian";
profile = "${pkgs.firejail}/etc/firejail/obsidian.profile";
extraArgs = [
"--env=GTK_THEME=Adwaita:dark"
];
};
}; };
}; };
@ -181,11 +161,11 @@
# Enable Hyprland. # Enable Hyprland.
programs.hyprland.enable = true; programs.hyprland.enable = true;
services.flatpak.enable = true; # services.flatpak.enable = true;
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.printing.enable = true; # services.printing.enable = true;
services.printing.drivers = [ pkgs.hplip ]; # services.printing.drivers = [ pkgs.hplip ];
programs.gnupg.agent.enable = true; programs.gnupg.agent.enable = true;
@ -221,8 +201,8 @@
enable32Bit = true; enable32Bit = true;
}; };
services.ollama.enable = true; # services.ollama.enable = true;
services.ollama.models = "/var/lib/ollama-models"; # services.ollama.models = "/var/lib/ollama-models";
# Enable automatic login for the user. # Enable automatic login for the user.
# We temporarily keep this enabled because I plan to switch to LVM on LUKS. # We temporarily keep this enabled because I plan to switch to LVM on LUKS.
@ -244,32 +224,12 @@
git git
]; ];
programs.steam.enable = true;
nix.gc = { nix.gc = {
automatic = true; automatic = true;
dates = "weekly"; dates = "weekly";
options = "--delete-older-than 2d"; options = "--delete-older-than 2d";
}; };
programs.virt-manager.enable = true;
virtualisation.libvirtd = {
enable = true;
qemu = {
vhostUserPackages = with pkgs; [ virtiofsd ];
swtpm.enable = true;
};
};
virtualisation.spiceUSBRedirection.enable = true;
virtualisation.docker.enable = true;
services = {
syncthing = {
enable = true;
group = "users";
user = "xory";
};
};
services.openssh.enable = true; # TODO: add declarative key-based auth services.openssh.enable = true; # TODO: add declarative key-based auth
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are

View file

@ -1,7 +1,6 @@
{ config, pkgs, inputs, ... }: { config, pkgs, inputs, ... }:
{ {
imports = [ inputs.spicetify-nix.homeManagerModules.default ];
home.username = "xory"; home.username = "xory";
home.homeDirectory = "/home/xory"; home.homeDirectory = "/home/xory";
@ -11,39 +10,8 @@
git git
cava cava
kdePackages.qtwebsockets kdePackages.qtwebsockets
(python313.withPackages (python-pkgs: [
python313Packages.websockets
python313Packages.requests # basic python test env
]))
simplex-chat-desktop
qbittorrent
ffmpeg
yt-dlp
prismlauncher
keepassxc keepassxc
(wrapOBS {
plugins = with pkgs.obs-studio-plugins; [
obs-vaapi
obs-gstreamer
obs-vkcapture
wlrobs
obs-pipewire-audio-capture
];
})
mpv
kdePackages.kdenlive
gimp
inkscape
krita
distrobox
screen screen
arduino-ide
(lutris.override {
extraLibraries = pkgs: [
wineWowPackages.stable
winetricks
];
})
libadwaita # fucking winetricks libadwaita # fucking winetricks
zenity zenity
woeusb-ng woeusb-ng
@ -52,13 +20,9 @@
hyprsunset hyprsunset
grim grim
slurp slurp
input-leap
viber
hyprpolkitagent hyprpolkitagent
pulsemixer pulsemixer
feh feh
opentrack
aitrack
progress progress
croc croc
libarchive libarchive
@ -111,40 +75,6 @@ eval "$(direnv hook zsh)"
settings.window_padding_width = 5; settings.window_padding_width = 5;
}; };
programs.spicetify =
let
spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.stdenv.hostPlatform.system};
in
{
enable = true;
theme = spicePkgs.themes.catppuccin;
colorScheme = "mocha";
enabledExtensions = with spicePkgs.extensions; [
hidePodcasts
shuffle
betterGenres
beautifulLyrics
];
enabledCustomApps = with spicePkgs.apps; [
newReleases
ncsVisualizer
];
};
# firejail
xdg.desktopEntries.spotify = {
name = "Spotify";
genericName = "Music Player";
icon = "spotify-client";
exec = "${pkgs.firejail}/bin/firejail ${config.programs.spicetify.spicedSpotify}/bin/spotify %U";
terminal = false;
categories = [ "Audio" "Music" "Player" "AudioVideo" ];
mimeType = [ "x-scheme-handler/spotify" ];
};
wayland.windowManager.hyprland.enable = true; wayland.windowManager.hyprland.enable = true;
programs.waybar.enable = true; programs.waybar.enable = true;
programs.wofi.enable = true; programs.wofi.enable = true;

View file

@ -1,31 +0,0 @@
{ config, pkgs, lib, inputs, ... }:
{
imports =
[
./hardware/hardware-configuration.nix
./hardware/disko.nix
(inputs.nixos-hardware.nixosModules.framework-16-7040-amd)
];
services.fwupd.enable = true;
networking.hostName = "nullstar";
networking.hostId = "322d5212";
# Enable FL16 Input modules
hardware.inputmodule.enable = true;
hardware.keyboard.qmk.enable = true;
hardware.graphics.extraPackages = with pkgs; [
libvdpau-va-gl
rocmPackages.clr.icd
];
services.ollama.package = pkgs.ollama-rocm;
environment.systemPackages = with pkgs; [
framework-tool
inputmodule-control
];
}

View file

@ -1,96 +0,0 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# Disable this if you do not want to allow TRIM requests to pass through LUKS
# (Security vs SSD longevity trade-off)
settings.allowDiscards = true;
# Uncomment if you want to use a keyfile during install:
# settings.keyFile = "/tmp/secret.key";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
options = {
ashift = "12";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
xattr = "sa";
dnodesize = "auto";
compression = "zstd";
normalization = "formD";
relatime = "on";
canmount = "off";
# Prevent auto-snapshotting by default (enable explicitly on datasets that need it)
"com.sun:auto-snapshot" = "false";
};
datasets = {
# The ephemeral root dataset.
# We create a blank snapshot immediately so you can rollback to it on boot.
"root" = {
type = "zfs_fs";
mountpoint = "/";
options.mountpoint = "legacy";
postCreateHook = "zfs snapshot zroot/root@blank";
};
# The Nix Store (reproducible, doesn't need backing up usually)
"nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options.mountpoint = "legacy";
options."com.sun:auto-snapshot" = "false";
};
# Persisted state (for impermanence)
"persist" = {
type = "zfs_fs";
mountpoint = "/persist";
options.mountpoint = "legacy";
# Enable snapshots for data safety if using sanoid/syncoid
# options."com.sun:auto-snapshot" = "true";
};
# Home directories
"home" = {
type = "zfs_fs";
mountpoint = "/home";
options.mountpoint = "legacy";
# options."com.sun:auto-snapshot" = "true";
};
};
};
};
};
}

View file

@ -1,23 +0,0 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp42s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

View file

@ -1,28 +0,0 @@
{ config, pkgs, lib, inputs, ... }:
{
imports = [
./hardware/hardware-configuration.nix
./hardware/disko.nix
];
networking.hostName = "voidspear";
networking.hostID = "ec82a76e";
# nVidia drivers.
hardware.graphics.extraPackages = with pkgs; [
libvdpau-va-gl
];
services.xserver.videoDrivers = [ "nvidia"];
hardware.nvidia = {
modesetting.enable = true;
powerManagement.enable = false;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
boot.blacklistedKernelModules = [ "nouveau" ];
services.ollama.package = pkgs.ollama-cuda;
}

View file

@ -1,88 +0,0 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# Critical for Samsung NVMe longevity/performance
settings.allowDiscards = true;
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
options = {
ashift = "12";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
xattr = "sa";
dnodesize = "auto";
compression = "zstd";
normalization = "formD";
relatime = "on";
canmount = "off";
"com.sun:auto-snapshot" = "false";
};
datasets = {
# Ephemeral root (rolls back to blank on boot)
"root" = {
type = "zfs_fs";
mountpoint = "/";
options.mountpoint = "legacy";
postCreateHook = "zfs snapshot zroot/root@blank";
};
# Nix store
"nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options.mountpoint = "legacy";
options."com.sun:auto-snapshot" = "false";
};
# Persistent data
"persist" = {
type = "zfs_fs";
mountpoint = "/persist";
options.mountpoint = "legacy";
};
# Home directories
"home" = {
type = "zfs_fs";
mountpoint = "/home";
options.mountpoint = "legacy";
};
};
};
};
};
}

View file

@ -1,23 +0,0 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp42s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}