===== START FILE: ./flake.nix =====
# flake.nix
#
# Flake entry point: produces one NixOS configuration per directory found
# under ./hosts. Every host shares ./configuration.nix, the opentrack overlay
# and the home-manager profile in ./home.nix.
{
  description = "NixOS configuration";

  # Inputs are named by branch here. The revisions that actually get built are
  # the ones recorded in the flake.lock kept next to this file (not part of
  # this listing), so that lock file is what pins the supply chain.
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable/";
    nixos-hardware.url = "github:NixOS/nixos-hardware/";

    disko = {
      url = "github:nix-community/disko";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    impermanence.url = "github:nix-community/impermanence";
  };

  outputs = { self, nixpkgs, home-manager, impermanence, disko, ... } @ inputs:
    let
      inherit (nixpkgs) lib;

      system = "x86_64-linux";
      username = "xory";
      opentrack-overlay = import ./overlays/opentrack.nix;

      # Home-manager settings applied identically on every host.
      homeManagerModule = {
        home-manager.useGlobalPkgs = true;
        home-manager.useUserPackages = true;
        home-manager.extraSpecialArgs = { inherit inputs; };
        # Imports the common home.nix from root
        home-manager.users.${username} = import ./home.nix;
      };

      # Build the system for one host; `hostName` must match a directory
      # ./hosts/<hostName>/ containing a config.nix.
      mkNixosHost = hostName:
        lib.nixosSystem {
          inherit system;
          specialArgs = { inherit inputs; };
          modules = [
            { nixpkgs.overlays = [ opentrack-overlay ]; }
            disko.nixosModules.disko
            impermanence.nixosModules.impermanence
            ./configuration.nix
            ./hosts/${hostName}/config.nix
            home-manager.nixosModules.home-manager
            homeManagerModule
          ];
        };

      # Only directory entries of ./hosts count as hosts; stray files are ignored.
      hostDirs =
        lib.filterAttrs (_: kind: kind == "directory") (builtins.readDir ./hosts);
    in
    {
      nixosConfigurations = lib.mapAttrs (hostName: _: mkNixosHost hostName) hostDirs;
    };
}
===== END FILE: ./flake.nix =====
===== START FILE: ./home.nix =====
# Home-manager profile for the desktop user; flake.nix imports it for every host.
{ config, pkgs, ... }:
{
  home = {
    username = "xory";
    homeDirectory = "/home/xory";
    stateVersion = "25.05";

    packages = with pkgs; [
      neovim
      fastfetch
      git
      cava
      kdePackages.qtwebsockets
      # basic python test env
      (python313.withPackages (ps: [
        ps.websockets
        ps.requests
      ]))
      simplex-chat-desktop
      qbittorrent
      ffmpeg
      yt-dlp
      prismlauncher
      keepassxc
      (wrapOBS {
        plugins = with pkgs.obs-studio-plugins; [
          obs-vaapi
          obs-gstreamer
          obs-vkcapture
          wlrobs
          obs-pipewire-audio-capture
        ];
      })
      mpv
      kdePackages.kdenlive
      gimp
      inkscape
      krita
      distrobox
      screen
      arduino-ide
      (lutris.override {
        # The function argument is unused; both names come from the
        # enclosing `with pkgs`.
        extraLibraries = _: [
          wineWowPackages.stable
          winetricks
        ];
      })
      libadwaita # fucking winetricks
      zenity
      woeusb-ng
      ntfs3g
      hyprpaper
      hyprsunset
      grim
      slurp
      input-leap
      viber
      hyprpolkitagent
      pulsemixer
      feh
      opentrack
      aitrack
      progress
      croc
      libarchive
    ];

    # Dotfiles linked into $HOME from the ./config tree of this repository.
    file = {
      ".config/nvim/init.lua" = {
        enable = true;
        source = ./config/nvim/init.lua;
      };
      ".config/hypr" = {
        enable = true;
        recursive = true;
        source = ./config/hypr;
      };
      ".config/waybar" = {
        enable = true;
        recursive = true;
        source = ./config/waybar;
      };
      ".config/wofi" = {
        enable = true;
        recursive = true;
        source = ./config/wofi;
      };
    };
  };

  programs = {
    zsh = {
      enable = true;
      enableCompletion = true;
      syntaxHighlighting.enable = true;
      shellAliases = {
        "rebuild" = "sudo nixos-rebuild switch --flake ~/dots";
      };
    };

    starship.enable = true;

    kitty = {
      enable = true;
      themeFile = "Catppuccin-Mocha";
      font = {
        name = "Inconsolata Nerd Font";
        package = pkgs.nerd-fonts.inconsolata;
      };
      settings.background_opacity = 0.8;
    };

    waybar.enable = true;
    wofi.enable = true;
  };

  # TODO: Fix up Neovim
  # programs.vscode = {
  #   enable = true;
  #   extensions = with pkgs.vscode-extensions; [
  #     catppuccin.catppuccin-vsc
  #     catppuccin.catppuccin-vsc-icons
  #     dbaeumer.vscode-eslint
  #     rust-lang.rust-analyzer
  #     ms-python.python
  #     biomejs.biome
  #   ];
  # };

  wayland.windowManager.hyprland.enable = true;
  services.dunst.enable = true;
}
===== END FILE: ./home.nix
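=====
===== START FILE: ./hosts/voidspear/hardware/hardware-configuration.nix =====
# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:

{
  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<name>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true;
  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
===== END FILE: ./hosts/voidspear/hardware/hardware-configuration.nix =====
===== START FILE: ./hosts/voidspear/hardware/disko.nix =====
# Disk layout for voidspear: an unencrypted ESP plus one LUKS container that
# holds the ZFS pool `zroot`.
{
  disko.devices = {
    disk = {
      main = {
        type = "disk";
        device = "/dev/nvme0n1";
        content = {
          type = "gpt";
          partitions = {
            ESP = {
              size = "512M";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
                # vfat has no ownership bits; umask=0077 keeps /boot readable by root only.
                mountOptions = [ "umask=0077" ];
              };
            };
            luks = {
              size = "100%";
              content = {
                type = "luks";
                name = "crypted";
                # Critical for Samsung NVMe longevity/performance
                # Trade-off: TRIM passed through dm-crypt reveals to anyone who
                # can read the raw device which blocks are unused (not their
                # contents). Set to false if that matters more than SSD wear.
                settings.allowDiscards = true;
                content = {
                  type = "zfs";
                  pool = "zroot";
                };
              };
            };
          };
        };
      };
    };
    zpool = {
      zroot = {
        type = "zpool";
        options = {
          ashift = "12";
          autotrim = "on";
        };
        rootFsOptions = {
          acltype = "posixacl";
          xattr = "sa";
          dnodesize = "auto";
          compression = "zstd";
          normalization = "formD";
          relatime = "on";
          canmount = "off";
          "com.sun:auto-snapshot" = "false";
        };
        datasets = {
          # Ephemeral root (rolls back to blank on boot)
          "root" = {
            type = "zfs_fs";
            mountpoint = "/";
            options.mountpoint = "legacy";
            # configuration.nix rolls back to exactly this snapshot name in the initrd.
            postCreateHook = "zfs snapshot zroot/root@blank";
          };
          # Nix store
          "nix" = {
            type = "zfs_fs";
            mountpoint = "/nix";
            options.mountpoint = "legacy";
            options."com.sun:auto-snapshot" = "false";
          };
          # Persistent data
          "persist" = {
            type = "zfs_fs";
            mountpoint = "/persist";
            options.mountpoint = "legacy";
          };
          # Home directories
          "home" = {
            type = "zfs_fs";
            mountpoint = "/home";
            options.mountpoint = "legacy";
          };
        };
      };
    };
  };
}
===== END FILE: ./hosts/voidspear/hardware/disko.nix =====
===== START FILE: ./hosts/voidspear/config.nix =====
# Host-specific settings for voidspear (NVIDIA GPU desktop).
{ config, pkgs, lib, inputs, ... }:
{
  imports = [
    ./hardware/hardware-configuration.nix
    ./hardware/disko.nix
  ];

  networking.hostName = "voidspear";
  # Per-machine ID; the NixOS ZFS module requires one to be set.
  networking.hostID = "ec82a76e";

  # nVidia drivers.
  hardware.graphics.extraPackages = with pkgs; [ libvdpau-va-gl ];
  services.xserver.videoDrivers = [ "nvidia" ];
  hardware.nvidia = {
    modesetting.enable = true;
    powerManagement.enable = false;
    open = false;
    nvidiaSettings = true;
    package = config.boot.kernelPackages.nvidiaPackages.stable;
  };
  boot.blacklistedKernelModules = [ "nouveau" ];

  services.ollama.acceleration = "cuda";
}
===== END FILE: ./hosts/voidspear/config.nix =====
===== START FILE: ./hosts/nullstar/hardware/hardware-configuration.nix =====
# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:

{
  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<name>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true;
  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
===== END FILE: ./hosts/nullstar/hardware/hardware-configuration.nix =====
===== START FILE: ./hosts/nullstar/hardware/disko.nix =====
# Disk layout for nullstar: an unencrypted ESP plus one LUKS container that
# holds the ZFS pool `zroot`.
{
  disko.devices = {
    disk = {
      main = {
        type = "disk";
        device = "/dev/nvme0n1";
        content = {
          type = "gpt";
          partitions = {
            ESP = {
              size = "512M";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
                # vfat has no ownership bits; umask=0077 keeps /boot readable by root only.
                mountOptions = [ "umask=0077" ];
              };
            };
            luks = {
              size = "100%";
              content = {
                type = "luks";
                name = "crypted";
                # Disable this if you do not want to allow TRIM requests to pass through LUKS
                # (Security vs SSD longevity trade-off)
                settings.allowDiscards = true;
                # Uncomment if you want to use a keyfile during install:
                # settings.keyFile = "/tmp/secret.key";
                # (If used, create the keyfile readable by root only and
                # remove it once the install has finished.)
                content = {
                  type = "zfs";
                  pool = "zroot";
                };
              };
            };
          };
        };
      };
    };
    zpool = {
      zroot = {
        type = "zpool";
        options = {
          ashift = "12";
          autotrim = "on";
        };
        rootFsOptions = {
          acltype = "posixacl";
          xattr = "sa";
          dnodesize = "auto";
          compression = "zstd";
          normalization = "formD";
          relatime = "on";
          canmount = "off";
          # Prevent auto-snapshotting by default (enable explicitly on datasets that need it)
          "com.sun:auto-snapshot" = "false";
        };
        datasets = {
          # The ephemeral root dataset.
          # We create a blank snapshot immediately so you can rollback to it on boot.
          "root" = {
            type = "zfs_fs";
            mountpoint = "/";
            options.mountpoint = "legacy";
            postCreateHook = "zfs snapshot zroot/root@blank";
          };
          # The Nix Store (reproducible, doesn't need backing up usually)
          "nix" = {
            type = "zfs_fs";
            mountpoint = "/nix";
            options.mountpoint = "legacy";
            options."com.sun:auto-snapshot" = "false";
          };
          # Persisted state (for impermanence)
          "persist" = {
            type = "zfs_fs";
            mountpoint = "/persist";
            options.mountpoint = "legacy";
            # Enable snapshots for data safety if using sanoid/syncoid
            # options."com.sun:auto-snapshot" = "true";
          };
          # Home directories
          "home" = {
            type = "zfs_fs";
            mountpoint = "/home";
            options.mountpoint = "legacy";
            # options."com.sun:auto-snapshot" = "true";
          };
        };
      };
    };
  };
}
===== END FILE: ./hosts/nullstar/hardware/disko.nix =====
===== START FILE: ./hosts/nullstar/config.nix =====
# Host-specific settings for nullstar (Framework 16, AMD).
{ config, pkgs, lib, inputs, ... }:
{
  imports = [
    ./hardware/hardware-configuration.nix
    ./hardware/disko.nix
    (inputs.nixos-hardware.nixosModules.framework-16-7040-amd)
  ];

  # Firmware updates via fwupd.
  services.fwupd.enable = true;

  networking.hostName = "nullstar";
  # Per-machine ID; the NixOS ZFS module requires one to be set.
  networking.hostID = "322d5212";

  # Enable FL16 Input modules
  hardware.inputmodule.enable = true;
  hardware.keyboard.qmk.enable = true;

  hardware.graphics.extraPackages = with pkgs; [
    libvdpau-va-gl
    rocmPackages.clr.icd
  ];
  services.ollama.acceleration = "rocm";

  environment.systemPackages = with pkgs; [
    framework-tool
    inputmodule-control
  ];
}
===== END FILE: ./hosts/nullstar/config.nix =====
===== START FILE: ./configuration.nix =====
# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ config, pkgs, lib, inputs, ... }:

{
  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # Ephemeral root: on every boot, discard everything written to zroot/root
  # since the @blank snapshot that disko created at install time. Only the
  # paths listed under environment.persistence (plus /nix and /home, which are
  # separate datasets) survive a reboot.
  boot.initrd.postDeviceCommands = lib.mkAfter ''
    zfs rollback -r zroot/root@blank
  '';

  # Use latest kernel.
  # NOTE(review): ZFS is built out of tree; confirm the packaged ZFS supports
  # the newest kernel before updating, otherwise the pool module will not build.
  boot.kernelPackages = pkgs.linuxPackages_latest;

  # State kept across the root rollback.
  # NOTE(review): impermanence expects the /persist filesystem to be marked
  # neededForBoot; no such setting is visible in this listing -- confirm it is
  # set somewhere.
  environment.persistence."/persist" = {
    enable = true;
    hideMounts = true;
    directories = [
      "/var/log"
      "/var/lib/bluetooth"
      "/var/lib/nixos"
      "/var/lib/libvirt"
      "/var/lib/ollama-models"
      "/var/lib/flatpak"
      "/var/lib/tailscale"
      "/etc/NetworkManager/system-connections"
    ];
    files = [
      "/etc/machine-id"
      # SSH host private keys. These must match the paths sshd actually uses
      # (the NixOS defaults are ssh_host_ed25519_key and ssh_host_rsa_key);
      # a key that is not persisted is regenerated after every rollback, and
      # clients then see a changed host key on each reboot.
      "/etc/ssh/ssh_host_ed25519_key"
      "/etc/ssh/ssh_host_rsa_key"
    ];
  };

  # Enable networking
  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "Europe/Athens";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_GB.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_GB.UTF-8";
    LC_IDENTIFICATION = "en_GB.UTF-8";
    LC_MEASUREMENT = "en_GB.UTF-8";
    LC_MONETARY = "en_GB.UTF-8";
    LC_NAME = "en_GB.UTF-8";
    LC_NUMERIC = "en_GB.UTF-8";
    LC_PAPER = "en_GB.UTF-8";
    LC_TELEPHONE = "en_GB.UTF-8";
    LC_TIME = "en_GB.UTF-8";
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  # NOTE(review): /etc/shadow is not in the persistence list and the root
  # dataset is rolled back at boot, so a password changed with passwd
  # presumably does not survive a reboot; the hash configured below is what
  # applies. A hash written here also lands in the world-readable Nix store;
  # users.users.<name>.hashedPasswordFile pointing at a root-only file under
  # /persist avoids that.
  programs.zsh.enable = true; # home-manager already installs this but nixos complains w/o it
  users.users.xory = {
    isNormalUser = true;
    description = "xory";
    # "wheel", "docker" and "libvirtd" each amount to root-equivalent access
    # on this machine. The group created by virtualisation.libvirtd is named
    # "libvirtd" ("libvirt" does not exist and would grant nothing).
    extraGroups = [ "networkmanager" "wheel" "docker" "libvirtd" "dialout" ];
    shell = pkgs.zsh;
    initialHashedPassword = "redacted";
  };

  # tailscale
  services.tailscale.enable = true;

  # nix-ld
  programs.nix-ld.enable = true;
  programs.nix-ld.libraries = with pkgs; [
    libGL
    SDL2
  ];

  # Firejail
  # TODO: add this back

  # Enable the KDE Plasma Desktop Environment.
  # I keep this enabled even if I main Hyprland because of QT.
  services.displayManager.sddm.enable = true;
  services.desktopManager.plasma6.enable = true;
  services.displayManager.defaultSession = "hyprland";

  # Enable Hyprland.
  programs.hyprland.enable = true;

  services.flatpak.enable = true;

  # Enable CUPS to print documents.
  services.printing.enable = true;
  services.printing.drivers = [ pkgs.hplip ];

  programs.gnupg.agent.enable = true;

  # Enable sound with pipewire.
  services.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
    # If you want to use JACK applications, uncomment this
    #jack.enable = true;

    # use the example session manager (no others are packaged yet so this is enabled by default,
    # no need to redefine it in your config for now)
    #media-session.enable = true;
  };

  hardware.bluetooth = {
    enable = true;
    powerOnBoot = true;
    settings = {
      General.Experimental = true;
      General.FastConnectable = true;
      Policy.AutoEnable = true;
    };
  };

  # AMDGPU stuff
  hardware.graphics = {
    enable = true;
    enable32Bit = true;
  };

  services.ollama.enable = true;
  services.ollama.models = "/var/lib/ollama-models";

  # Enable automatic login for the user.
  # We temporarily keep this enabled because I plan to switch to LVM on LUKS.
  # With autologin, unlocking the disk at boot is the only authentication
  # before a full desktop session for a wheel user.
  services.displayManager.autoLogin.enable = true;
  services.displayManager.autoLogin.user = "xory";

  # Install firefox.
  programs.firefox.enable = true;

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
    # wget
    neovim
    git
  ];

  programs.steam.enable = true;

  # Weekly garbage collection. --delete-older-than also removes profile
  # generations older than two days, so older rollback targets disappear.
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 2d";
  };

  programs.virt-manager.enable = true;
  virtualisation.libvirtd = {
    enable = true;
    qemu = {
      vhostUserPackages = with pkgs; [ virtiofsd ];
      swtpm.enable = true;
    };
  };
  virtualisation.spiceUSBRedirection.enable = true;
  virtualisation.docker.enable = true;

  services.syncthing = {
    enable = true;
    group = "users";
    user = "xory";
  };

  # No services.openssh.settings are given, so password logins stay enabled
  # and the module opens the SSH port in the firewall by default.
  # TODO: add key-based auth -- put the public key in
  # users.users.xory.openssh.authorizedKeys.keys first, then set
  # services.openssh.settings.PasswordAuthentication = false.
  services.openssh.enable = true;

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # These are opened on every interface; keep the list to services that are
  # actually running and meant to be reachable from the local network.
  networking.firewall.allowedTCPPorts = [ 8000 8080 25565 ];
  networking.firewall.allowedUDPPorts = [ 8000 8080 ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "25.05"; # Did you read the comment?
}
===== END FILE: ./configuration.nix =====
===== START FILE: ./overlays/opentrack.nix =====
# ./overlays/opentrack.nix
#
# Overlay that rebuilds opentrack with the neuralnet tracker enabled and wraps
# the installed binary so it finds its runtime libraries and Qt plugins.
self: super: {
  opentrack = super.opentrack.overrideAttrs (oldAttrs: {
    # 1. Add dependencies for building (onnxruntime) and wrapping (makeWrapper)
    nativeBuildInputs = (oldAttrs.nativeBuildInputs or [ ]) ++ [ super.makeWrapper ];
    buildInputs = (oldAttrs.buildInputs or [ ]) ++ [ self.onnxruntime ];

    # 2. Enable the neuralnet tracker feature during compile time
    cmakeFlags = (oldAttrs.cmakeFlags or [ ]) ++ [ "-DSDK_NEURALNET=ON" ];

    # 3. After installation, create a wrapper around the main binary
    postInstall = (oldAttrs.postInstall or "") + ''
      # Construct the full library path from all runtime dependencies
      lib_path="${super.lib.makeLibraryPath [
        super.qt5.qtbase
        super.qt5.qtwayland
        super.opencv
        self.onnxruntime
        super.procps
        super.libevdev
      ]}"

      # Construct the full Qt plugin path
      qt_plugin_path="${super.qt5.qtbase.bin}/lib/qt-${super.qt5.qtbase.version}/plugins:${super.qt5.qtwayland}/lib/qt-${super.qt5.qtwayland.version}/plugins"

      # Use makeWrapper to prepend the environment variables to the executable
      # This modifies the binary at $out/bin/opentrack so it ALWAYS runs with this environment
      wrapProgram $out/bin/opentrack \
        --prefix LD_LIBRARY_PATH : "$lib_path" \
        --prefix QT_PLUGIN_PATH : "$qt_plugin_path"
    '';
  });
}
===== END FILE: ./overlays/opentrack.nix =====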