ngp.computer / nixos
Configuration for my NixOS based systems and Home Manager
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Add odin submodule

Noah Pederson 310e9781 8f93b32e

+323 -47
+43 -43
flake.lock
··· 46 46 "determinate-nixd-aarch64-darwin": { 47 47 "flake": false, 48 48 "locked": { 49 - "narHash": "sha256-g1r0dPwlUi1h96c4BuHzv9M2lWDqRy9bPDW9tRSq35I=", 49 + "narHash": "sha256-uWDS94cAYprGj+AwuT42nuuDDicRLj1S0JwalZGeBRU=", 50 50 "type": "file", 51 - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.13.2/macOS" 51 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/macOS" 52 52 }, 53 53 "original": { 54 54 "type": "file", 55 - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.13.2/macOS" 55 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/macOS" 56 56 } 57 57 }, 58 58 "determinate-nixd-aarch64-linux": { 59 59 "flake": false, 60 60 "locked": { 61 - "narHash": "sha256-xn324irXG/EpUdUfUGFrlJNg23JN2cVArd5LsFPjGKc=", 61 + "narHash": "sha256-uHBcZCh2/Bj5/88TDihupA336tSQDk7s5lVP66IDAX0=", 62 62 "type": "file", 63 - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.13.2/aarch64-linux" 63 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/aarch64-linux" 64 64 }, 65 65 "original": { 66 66 "type": "file", 67 - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.13.2/aarch64-linux" 67 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/aarch64-linux" 68 68 } 69 69 }, 70 70 "determinate-nixd-x86_64-linux": { 71 71 "flake": false, 72 72 "locked": { 73 - "narHash": "sha256-VPM5FOGwEjl56b7Edvg3sduvauPHCyXZ11fN9hcUdTU=", 73 + "narHash": "sha256-y+l05H6GNv/1WcrMztDYem8VBWqjc9gNg4WjeQ1PQxo=", 74 74 "type": "file", 75 - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.13.2/x86_64-linux" 75 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/x86_64-linux" 76 76 }, 77 77 "original": { 78 78 "type": "file", 79 - "url": "https://install.determinate.systems/determinate-nixd/tag/v3.13.2/x86_64-linux" 79 + "url": "https://install.determinate.systems/determinate-nixd/tag/v3.15.1/x86_64-linux" 80 80 } 81 81 }, 82 82 "determinite": { ··· 90 90 ] 91 91 }, 92 92 "locked": { 93 - "lastModified": 1763536872, 94 - "narHash": "sha256-QCYGGghBya+qsY59f1zzgYzxEzz+N9S7YRkVWDIDbgo=", 95 - "rev": "f4e598cbb10021c93f73dd4c0cf01ec791ea53f9", 96 - "revCount": 315, 93 + "lastModified": 1766549083, 94 + "narHash": "sha256-G1Hljg7vIBt8n9cxO382YAZWtZU/mYfQcg3icdNG8RQ=", 95 + "rev": "ba8999fac986e70f52b4cba15047be7bbb7b6346", 96 + "revCount": 318, 97 97 "type": "tarball", 98 - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.13.2/019a9b01-c0c6-7e1c-959e-98ac5b7675de/source.tar.gz" 98 + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/determinate/3.15.1/019b4e8a-dc22-75db-aef5-a447efbb1a13/source.tar.gz" 99 99 }, 100 100 "original": { 101 101 "type": "tarball", ··· 137 137 "flake-compat_3": { 138 138 "flake": false, 139 139 "locked": { 140 - "lastModified": 1696426674, 141 - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", 140 + "lastModified": 1761588595, 141 + "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", 142 142 "owner": "edolstra", 143 143 "repo": "flake-compat", 144 - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", 144 + "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", 145 145 "type": "github" 146 146 }, 147 147 "original": { ··· 246 246 ] 247 247 }, 248 248 "locked": { 249 - "lastModified": 1764776959, 250 - "narHash": "sha256-d+5CGloq7Lo1u2SkzhF8oiOdUc6Z5emh22nTXUB9CFA=", 249 + "lastModified": 1766553861, 250 + "narHash": "sha256-ZbnG01yA3O8Yr1vUm3+NQ2qk9iRhS5bloAnuXHHy7+c=", 251 251 "owner": "nix-community", 252 252 "repo": "home-manager", 253 - "rev": "e1680d594a9281651cbf7d126941a8c8e2396183", 253 + "rev": "0999ed8f965bbbd991437ad9c5ed3434cecbc30e", 254 254 "type": "github" 255 255 }, 256 256 "original": { ··· 269 269 "nixpkgs-regression": "nixpkgs-regression" 270 270 }, 271 271 "locked": { 272 - "lastModified": 1763534330, 273 - "narHash": "sha256-gTuB2qBdSKCKnZwENTqScs/pPBaZQOv6zZ1KJvV/ohk=", 274 - "rev": "be871f9baf5366a220b5f25634eebab6f452a017", 275 - "revCount": 23278, 272 + "lastModified": 1766546676, 273 + "narHash": "sha256-GsC52VFF9Gi2pgP/haQyPdQoF5Qe2myk1tsPcuJZI28=", 274 + "rev": "51dacdd248e8071cd0243a8245c8c42ac1f33307", 275 + "revCount": 24299, 276 276 "type": "tarball", 277 - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.13.2/019a9af6-3d7b-71bc-bccd-8b18e147ad77/source.tar.gz" 277 + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/nix-src/3.15.1/019b4e84-d036-75db-b6c6-6bc2e2035c53/source.tar.gz" 278 278 }, 279 279 "original": { 280 280 "type": "tarball", ··· 287 287 "nixpkgs": "nixpkgs_3" 288 288 }, 289 289 "locked": { 290 - "lastModified": 1765483419, 291 - "narHash": "sha256-w6wznH1lBzlSH3+pWDkE+L6xA0F02drFAzu2E7PD/Jo=", 290 + "lastModified": 1765841014, 291 + "narHash": "sha256-55V0AJ36V5Egh4kMhWtDh117eE3GOjwq5LhwxDn9eHg=", 292 292 "owner": "nix-community", 293 293 "repo": "NixOS-WSL", 294 - "rev": "0c040f28b44b18e0d4240e027096078e34dbb029", 294 + "rev": "be4af8042e7a61fa12fda58fe9a3b3babdefe17b", 295 295 "type": "github" 296 296 }, 297 297 "original": { ··· 351 351 }, 352 352 "nixpkgs-unstable": { 353 353 "locked": { 354 - "lastModified": 1744463964, 355 - "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", 354 + "lastModified": 1766651565, 355 + "narHash": "sha256-QEhk0eXgyIqTpJ/ehZKg9IKS7EtlWxF3N7DXy42zPfU=", 356 356 "owner": "nixos", 357 357 "repo": "nixpkgs", 358 - "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", 358 + "rev": "3e2499d5539c16d0d173ba53552a4ff8547f4539", 359 359 "type": "github" 360 360 }, 361 361 "original": { ··· 381 381 }, 382 382 "nixpkgs_3": { 383 383 "locked": { 384 - "lastModified": 1764950072, 385 - "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", 384 + "lastModified": 1765472234, 385 + "narHash": "sha256-9VvC20PJPsleGMewwcWYKGzDIyjckEz8uWmT0vCDYK0=", 386 386 "owner": "NixOS", 387 387 "repo": "nixpkgs", 388 - "rev": "f61125a668a320878494449750330ca58b78c557", 388 + "rev": "2fbfb1d73d239d2402a8fe03963e37aab15abe8b", 389 389 "type": "github" 390 390 }, 391 391 "original": { ··· 397 397 }, 398 398 "nixpkgs_4": { 399 399 "locked": { 400 - "lastModified": 1764522689, 401 - "narHash": "sha256-SqUuBFjhl/kpDiVaKLQBoD8TLD+/cTUzzgVFoaHrkqY=", 400 + "lastModified": 1766736597, 401 + "narHash": "sha256-BASnpCLodmgiVn0M1MU2Pqyoz0aHwar/0qLkp7CjvSQ=", 402 402 "owner": "nixos", 403 403 "repo": "nixpkgs", 404 - "rev": "8bb5646e0bed5dbd3ab08c7a7cc15b75ab4e1d0f", 404 + "rev": "f560ccec6b1116b22e6ed15f4c510997d99d5852", 405 405 "type": "github" 406 406 }, 407 407 "original": { ··· 413 413 }, 414 414 "nixpkgs_5": { 415 415 "locked": { 416 - "lastModified": 1730768919, 417 - "narHash": "sha256-8AKquNnnSaJRXZxc5YmF/WfmxiHX6MMZZasRP6RRQkE=", 416 + "lastModified": 1764947035, 417 + "narHash": "sha256-EYHSjVM4Ox4lvCXUMiKKs2vETUSL5mx+J2FfutM7T9w=", 418 418 "owner": "NixOS", 419 419 "repo": "nixpkgs", 420 - "rev": "a04d33c0c3f1a59a2c1cb0c6e34cd24500e5a1dc", 420 + "rev": "a672be65651c80d3f592a89b3945466584a22069", 421 421 "type": "github" 422 422 }, 423 423 "original": { ··· 434 434 "nixpkgs": "nixpkgs_5" 435 435 }, 436 436 "locked": { 437 - "lastModified": 1742649964, 438 - "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", 437 + "lastModified": 1765911976, 438 + "narHash": "sha256-t3T/xm8zstHRLx+pIHxVpQTiySbKqcQbK+r+01XVKc0=", 439 439 "owner": "cachix", 440 440 "repo": "git-hooks.nix", 441 - "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", 441 + "rev": "b68b780b69702a090c8bb1b973bab13756cc7a27", 442 442 "type": "github" 443 443 }, 444 444 "original": {
+11
host-specific/odin/default.nix
··· 1 + { ... }: 2 + { 3 + imports = [ 4 + # WSL has no hardware configuration 5 + ./hardware-configuration.nix 6 + ../../users.nix 7 + ./networking.nix 8 + ./packages.nix 9 + ./services.nix 10 + ]; 11 + }
+93
host-specific/odin/hardware-configuration.nix
··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { 5 + config, 6 + lib, 7 + modulesPath, 8 + pkgs, 9 + ... 10 + }: 11 + 12 + { 13 + imports = [ 14 + (modulesPath + "/installer/scan/not-detected.nix") 15 + ]; 16 + 17 + boot.kernelPackages = pkgs.linuxPackages_latest; 18 + boot.initrd.availableKernelModules = [ 19 + "nvme" 20 + "xhci_pci" 21 + "thunderbolt" 22 + "usb_storage" 23 + "usbhid" 24 + "sd_mod" 25 + "sdhci_pci" 26 + ]; 27 + boot.initrd.kernelModules = [ 28 + "kvm-amd" 29 + "amdgpu" 30 + "nvme" 31 + "xhci_pci" 32 + "thunderbolt" 33 + "usb_storage" 34 + "usbhid" 35 + "sd_mod" 36 + "sdhci_pci" 37 + ]; 38 + boot.kernelModules = [ 39 + "kvm-amd" 40 + "amdgpu" 41 + "nvme" 42 + "xhci_pci" 43 + "thunderbolt" 44 + "usb_storage" 45 + "usbhid" 46 + "sd_mod" 47 + "sdhci_pci" 48 + ]; 49 + virtualisation.libvirtd = { 50 + enable = true; 51 + qemu = { 52 + runAsRoot = false; 53 + }; 54 + }; 55 + #boot.extraModulePackages = with config.boot.kernelPackages; [ ]; 56 + boot.kernelParams = [ ]; 57 + 58 + hardware.enableRedistributableFirmware = true; 59 + 60 + fileSystems."/" = { 61 + device = "/dev/disk/by-uuid/07019c69-2597-410d-a8a0-a8ffb0f58883"; 62 + fsType = "ext4"; 63 + }; 64 + 65 + fileSystems."/boot" = { 66 + device = "/dev/disk/by-uuid/4B85-C90A"; 67 + fsType = "vfat"; 68 + }; 69 + 70 + swapDevices = [ 71 + { 72 + device = "/swapfile"; 73 + size = 32 * 1024; 74 + } 75 + ]; 76 + 77 + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 78 + # (the default) this is the recommended approach. When using systemd-networkd it's 79 + # still possible to use this option, but it's recommended to use it in conjunction 80 + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 81 + networking.useDHCP = lib.mkDefault true; 82 + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; 83 + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; 84 + 85 + nixpkgs.hostPlatform = { 86 + #gcc.arch = "znver2"; 87 + #gcc.tune = "znver2"; 88 + system = "x86_64-linux"; 89 + #gcc.arch = "x86-64-v3"; 90 + }; 91 + #nix.settings.system-features = ["gccarch-znver2" "big-parallel" "nixos-test" "benchmark" "kvm"]; 92 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 93 + }
+39
host-specific/odin/networking.nix
··· 1 + { ... }: 2 + { 3 + # networking.hostName = "nixos"; # Define your hostname. 4 + # Pick only one of the below networking options. 5 + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 6 + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 7 + networking.hostName = "odin"; 8 + # I like systemd-networkd 9 + systemd.network.enable = true; 10 + systemd.network.networks."50-wlp2s0" = { 11 + matchConfig.name = "wlp2s0"; 12 + networkConfig.DHCP = "yes"; 13 + linkConfig.RequiredForOnline = "no"; 14 + }; 15 + networking.useNetworkd = true; 16 + # TODO: static IP @ 192.168.1.2 17 + 18 + # Configure network proxy if necessary 19 + # networking.proxy.default = "http://user:password@proxy:port/"; 20 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 21 + # Open ports in the firewall. 22 + # networking.firewall.allowedTCPPorts = [ ... ]; 23 + # networking.firewall.allowedUDPPorts = [ ... ]; 24 + # Or disable the firewall altogether. 25 + # TODO: allow some ports 26 + networking.firewall.enable = true; 27 + 28 + services.avahi = { 29 + enable = true; 30 + nssmdns = true; 31 + openFirewall = true; 32 + publish = { 33 + enable = true; 34 + addresses = true; 35 + workstation = true; 36 + }; 37 + }; 38 + 39 + }
+98
host-specific/odin/packages.nix
··· 1 + { pkgs, lib, ... }: 2 + let # bash script to let dbus know about important env variables and 3 + # propagate them to relevent services run at the end of sway config 4 + # see 5 + # https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist 6 + # note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts 7 + # some user services to make sure they have the correct environment variables 8 + dbus-sway-environment = pkgs.writeTextFile { 9 + name = "dbus-sway-environment"; 10 + destination = "/bin/dbus-sway-environment"; 11 + executable = true; 12 + 13 + text = '' 14 + dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway 15 + systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 16 + systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr 17 + ''; 18 + }; 19 + 20 + # currently, there is some friction between sway and gtk: 21 + # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland 22 + # the suggested way to set gtk settings is with gsettings 23 + # for gsettings to work, we need to tell it where the schemas are 24 + # using the XDG_DATA_DIR environment variable 25 + # run at the end of sway config 26 + configure-gtk = pkgs.writeTextFile { 27 + name = "configure-gtk"; 28 + destination = "/bin/configure-gtk"; 29 + executable = true; 30 + text = 31 + let 32 + # TODO: figure out why these bindings exist or where they're used 33 + schema = pkgs.gsettings-desktop-schemas; 34 + datadir = "${schema}/share/gsettings-schemas/${schema.name}"; 35 + in 36 + '' 37 + 6 gnome_schema=org.gnome.desktop.interface 38 + gsettings set $gnome_schema gtk-theme 'Dracula' 39 + ''; 40 + }; 41 + in 42 + { 43 + 44 + # List packages installed in system profile. To search, run: 45 + # $ nix search wget 46 + environment.systemPackages = with pkgs; [ 47 + neovim 48 + appimage-run 49 + wget 50 + kitty 51 + w3m 52 + fishPlugins.fzf-fish 53 + fzf 54 + qemu 55 + OVMF 56 + 57 + # Sway stuff 58 + wdisplays 59 + mako 60 + bemenu 61 + wl-clipboard 62 + slurp 63 + grim 64 + swayidle 65 + swaylock 66 + gnome3.adwaita-icon-theme 67 + dracula-theme 68 + glib 69 + xdg-utils 70 + wayland 71 + configure-gtk 72 + dbus-sway-environment 73 + dbus 74 + ]; 75 + 76 + # Fix dynamically linked libraries for unpackaged binaries 77 + programs.nix-ld = { 78 + enable = true; 79 + libraries = with pkgs; [ 80 + # Add missing dynamic libraries for unpackaged programs HERE 81 + # NOT in environment.systemPackages 82 + zlib 83 + ]; 84 + }; 85 + 86 + # Logseq uses an ancient version of Electron, so we enable that 87 + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; 88 + 89 + # Whitelist some unfree packages 90 + nixpkgs.config.allowUnfreePredicate = 91 + pkg: 92 + builtins.elem (lib.getName pkg) [ 93 + "discord" 94 + "spotify" 95 + "obsidian" 96 + "tailscale" 97 + ]; 98 + }
+36
host-specific/odin/services.nix
··· 1 + { ... }: 2 + { 3 + # Some programs need SUID wrappers, can be configured further or are 4 + # started in user sessions. 5 + # programs.mtr.enable = true; 6 + programs.gnupg.agent = { 7 + enable = true; 8 + enableSSHSupport = true; 9 + }; 10 + 11 + # Fish shell, the best 12 + programs.fish.enable = true; 13 + 14 + # List services that you want to enable: 15 + 16 + # Enable the OpenSSH daemon. 17 + services.openssh.enable = true; 18 + 19 + # This option is for enabling the bolt daemon for managing Thunderbolt/USB4 Devices. 20 + services.hardware.bolt.enable = true; 21 + 22 + # Tailscale 23 + services.tailscale = { 24 + enable = true; 25 + useRoutingFeatures = "client"; 26 + }; 27 + 28 + # Containers and VMs 29 + virtualisation = { 30 + podman = { 31 + enable = true; 32 + dockerCompat = true; 33 + defaultNetwork.settings.dns_enabled = true; 34 + }; 35 + }; 36 + }
+3 -1
services.nix
··· 1 - { ... }: { 1 + { ... }: 2 + { 3 + 2 4 # Some programs need SUID wrappers, can be configured further or are 3 5 # started in user sessions. 4 6 programs.mtr.enable = true;
-3
users.nix
··· 1 1 { pkgs, lib, ... }: 2 - let 3 - home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz"; 4 - in 5 2 { 6 3 7 4 # Declarative only optoins.