ngp.computer / nixos
Configuration for my NixOS based systems and Home Manager
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Splits stuff up

Noah Pederson 716c4450 17cfa46c

+207 -185
+6
boot.nix
··· 1 + { ... }: 2 + { 3 + # Use the systemd-boot EFI boot loader. 4 + boot.loader.systemd-boot.enable = true; 5 + boot.loader.efi.canTouchEfiVariables = true; 6 + }
+7 -185
configuration.nix
··· 8 8 imports = 9 9 [ # Include the results of the hardware scan. 10 10 ./hardware-configuration.nix 11 + ./boot.nix 12 + ./networking.nix 13 + ./gui.nix 14 + ./users.nix 15 + ./packages.nix 16 + ./services.nix 17 + # TOOD: check if we need this here still, it's imported in users.nix 11 18 <home-manager/nixos> 12 19 ]; 13 20 14 - 15 - # Use the systemd-boot EFI boot loader. 16 - boot.loader.systemd-boot.enable = true; 17 - boot.loader.efi.canTouchEfiVariables = true; 18 - 19 - # networking.hostName = "nixos"; # Define your hostname. 20 - # Pick only one of the below networking options. 21 - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 22 - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 23 - 24 21 # Set your time zone. 25 22 time.timeZone = "America/Chicago"; 26 23 27 - # Configure network proxy if necessary 28 - # networking.proxy.default = "http://user:password@proxy:port/"; 29 - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 30 - 31 24 # Select internationalisation properties. 32 25 i18n.defaultLocale = "en_US.UTF-8"; 33 26 # console = { ··· 36 29 # useXkbConfig = true; # use xkb.options in tty. 37 30 # }; 38 31 39 - # Networking 40 - 41 - networking.hostName = "odin"; 42 - # I like systemd-networkd 43 - systemd.network.enable = true; 44 - systemd.network.networks."50-wlp2s0" = { 45 - matchConfig.name = "wlp2s0"; 46 - networkConfig.DHCP = "yes"; 47 - linkConfig.RequiredForOnline = "no"; 48 - }; 49 - networking.useNetworkd = true; 50 - # TODO: static IP @ 192.168.1.2 51 - 52 - # Enable the X11 windowing system. 53 - services.xserver.enable = true; 54 - 55 - 56 - 57 - 58 - # Configure keymap in X11 59 - # services.xserver.xkb.layout = "us"; 60 - # services.xserver.xkb.options = "eurosign:e,caps:escape"; 61 - 62 - # Enable CUPS to print documents. 63 - # services.printing.enable = true; 64 - 65 - # Enable sound. 66 - security.rtkit.enable = true; 67 - services.pipewire = { 68 - enable = true; 69 - alsa.enable = true; 70 - pulse.enable = true; 71 - }; 72 - 73 - # Graphics and parallel compute configuration 74 - hardware.opengl.extraPackages = [ 75 - # TODO: figure out why this doesn't work 76 - # Looks like it requires unfree 77 - # rocmPackages.clr.icd 78 - pkgs.amdvlk 79 - pkgs.libva 80 - ]; 81 - 82 - # Enable touchpad support (enabled default in most desktopManager). 83 - # services.xserver.libinput.enable = true; 84 - 85 - # Define a user account. Don't forget to set a password with ‘passwd’. 86 - users.users.noah = { 87 - isNormalUser = true; 88 - shell = pkgs.fish; 89 - extraGroups = [ "wheel" "video" ]; # Enable ‘sudo’ for the user. 90 - hashedPasswordFile = "/etc/nixos/noah-password"; 91 - openssh.authorizedKeys.keys = [ 92 - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnp/AcaPipgw4+HnqpYioG+DgheOWBYDOnVkXi42PC0R1FMc+bm4wVP8TA9DAWczaWmllqlA8N2/LSleaqp+46r980VgqmeYEem5aHJuR+Cq/Mg2Z2wcp9VT8njH72wIPIUOXAv+dnPnCe4yvoasgvhwZZCDE4BFTIImuTxrEFPg5ayvkr7b/mUg9LbxaVSjK7fk082pqlShizIKAVcgIIa0lCFSMUs1V/eLi5D11moVcxJU/QoEBh+6Qn5BVM0taPFA4Gbi+288LobQ8RcgRBXKpP03Dt+onYuZQ3KzFjd6USi/d4M+pByrWFcpBJfMXuXJLuwsSF7SfxsuqjjlDt Portable" 93 - ]; 94 - }; 95 - # I manage my home with home-manager 96 - # Don't store packages in ~/.nix-profile, use /etc/profiles so we can build-vm 97 - home-manager.useUserPackages = true; 98 - # No more NIX_PATH, use system pkgs 99 - home-manager.useGlobalPkgs = true; 100 - 101 - home-manager.users.noah = import ./noah-home.nix ; 102 - 103 - # List packages installed in system profile. To search, run: 104 - # $ nix search wget 105 - environment.systemPackages = with pkgs; [ 106 - neovim 107 - pkgs.appimage-run 108 - wget 109 - kitty 110 - w3m 111 - fishPlugins.fzf-fish 112 - fzf 113 - qemu 114 - OVMF 115 - ]; 116 - 117 - # Fonts 118 - fonts.packages = with pkgs; [ 119 - fira-code 120 - fira-code-symbols 121 - noto-fonts 122 - noto-fonts-cjk 123 - noto-fonts-emoji 124 - noto-fonts-extra 125 - (nerdfonts.override { fonts = ["FiraCode"]; }) 126 - ]; 127 - 128 - # Fix dynamically linked libraries for unpackaged binaries 129 - programs.nix-ld = { 130 - enable = true; 131 - libraries = with pkgs; [ 132 - # Add missing dynamic libraries for unpackaged programs HERE 133 - # NOT in environment.systemPackages 134 - zlib 135 - ]; 136 - }; 137 - 138 - # Some programs need SUID wrappers, can be configured further or are 139 - # started in user sessions. 140 - # programs.mtr.enable = true; 141 - programs.gnupg.agent = { 142 - enable = true; 143 - enableSSHSupport = true; 144 - }; 145 - 146 - # Fish shell, the best 147 - programs.fish.enable = true; 148 - 149 - # List services that you want to enable: 150 - 151 - # Enable the OpenSSH daemon. 152 - services.openssh.enable = true; 153 - 154 - # Open ports in the firewall. 155 - # networking.firewall.allowedTCPPorts = [ ... ]; 156 - # networking.firewall.allowedUDPPorts = [ ... ]; 157 - # Or disable the firewall altogether. 158 - # TODO: allow some ports 159 - networking.firewall.enable = true; 160 - 161 - services.avahi = { 162 - enable = true; 163 - publish = { 164 - enable = true; 165 - addresses = true; 166 - workstation = true; 167 - }; 168 - }; 169 - 170 32 # Copy the NixOS configuration file and link it from the resulting system 171 33 # (/run/current-system/configuration.nix). This is useful in case you 172 34 # accidentally delete configuration.nix. 173 35 system.copySystemConfiguration = true; 174 36 175 - # This option is for enabling the bolt daemon for managing Thunderbolt/USB4 Devices. 176 - services.hardware.bolt.enable = true; 177 - 178 - # Polkit is a dependency of Sway. It's responsible for handling security policies 179 - security.polkit.enable = true; 180 - 181 - # Enable the sway window manager 182 - programs.sway = { 183 - enable = true; 184 - wrapperFeatures.gtk = true; 185 - }; 186 - # Use greetd as the displaymanager 187 - #services.xserver.displayManager.greetd.enable = true; 188 - services.xserver.displayManager.lightdm.enable = false; 189 - xdg.portal = { 190 - enable = true; 191 - wlr.enable = true; 192 - extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; 193 - }; 194 - 195 37 # Automatic doc cache generation 196 38 documentation.man.generateCaches = true; 197 39 198 - # Declarative only optoins. 199 - # I don't want to allow ad-hoc modifying users on the system. 200 - # Users must be declared either as part of a package or in this file. 201 - users.mutableUsers = false; 202 - 203 - 204 40 # Automatic system upgrades 205 41 system.autoUpgrade = { 206 42 enable = true; ··· 208 44 randomizedDelaySec = "45min"; 209 45 }; 210 46 211 - # Unfree packages need to be whitelisted here 212 - 213 - nixpkgs.config.allowUnfreePredicate = pkg: 214 - builtins.elem (lib.getName pkg) [ 215 - "discord" 216 - "spotify" 217 - "obsidian" 218 - "tailscale" 219 - "rust-rover" 220 - ]; 221 - # Logseq uses an ancient version of Electron, so we enable that 222 - nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; 223 - 224 47 # This option defines the first version of NixOS you have installed on this particular machine, 225 48 # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. 226 49 # ··· 240 63 system.stateVersion = "23.11"; # Did you read the comment? 241 64 242 65 } 243 -
+61
gui.nix
··· 1 + { pkgs, ... }: 2 + { 3 + # Enable the X11 windowing system. 4 + services.xserver.enable = true; 5 + 6 + # Configure keymap in X11 7 + # services.xserver.xkb.layout = "us"; 8 + # services.xserver.xkb.options = "eurosign:e,caps:escape"; 9 + 10 + # Enable CUPS to print documents. 11 + # services.printing.enable = true; 12 + 13 + # Enable sound. 14 + security.rtkit.enable = true; 15 + services.pipewire = { 16 + enable = true; 17 + alsa.enable = true; 18 + pulse.enable = true; 19 + }; 20 + 21 + # Graphics and parallel compute configuration 22 + hardware.opengl.extraPackages = [ 23 + # TODO: figure out why this doesn't work 24 + # Looks like it requires unfree 25 + # rocmPackages.clr.icd 26 + pkgs.amdvlk 27 + pkgs.libva 28 + ]; 29 + 30 + # Enable touchpad support (enabled default in most desktopManager). 31 + # services.xserver.libinput.enable = true; 32 + 33 + # Fonts 34 + fonts.packages = with pkgs; [ 35 + fira-code 36 + fira-code-symbols 37 + noto-fonts 38 + noto-fonts-cjk 39 + noto-fonts-emoji 40 + noto-fonts-extra 41 + (nerdfonts.override { fonts = ["FiraCode"]; }) 42 + ]; 43 + 44 + # Polkit is a dependency of Sway. It's responsible for handling security policies 45 + security.polkit.enable = true; 46 + 47 + # Enable the sway window manager 48 + programs.sway = { 49 + enable = true; 50 + wrapperFeatures.gtk = true; 51 + }; 52 + # Use greetd as the displaymanager 53 + #services.xserver.displayManager.greetd.enable = true; 54 + services.xserver.displayManager.lightdm.enable = false; 55 + xdg.portal = { 56 + enable = true; 57 + wlr.enable = true; 58 + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; 59 + }; 60 + 61 + }
+22
networking.nix
··· 1 + { ... }: 2 + { 3 + # networking.hostName = "nixos"; # Define your hostname. 4 + # Pick only one of the below networking options. 5 + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. 6 + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. 7 + networking.hostName = "odin"; 8 + # I like systemd-networkd 9 + systemd.network.enable = true; 10 + systemd.network.networks."50-wlp2s0" = { 11 + matchConfig.name = "wlp2s0"; 12 + networkConfig.DHCP = "yes"; 13 + linkConfig.RequiredForOnline = "no"; 14 + }; 15 + networking.useNetworkd = true; 16 + # TODO: static IP @ 192.168.1.2 17 + 18 + # Configure network proxy if necessary 19 + # networking.proxy.default = "http://user:password@proxy:port/"; 20 + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 21 + 22 + }
+29
packages.nix
··· 1 + { pkgs, lib, ... }: 2 + { 3 + # List packages installed in system profile. To search, run: 4 + # $ nix search wget 5 + environment.systemPackages = with pkgs; [ 6 + neovim 7 + appimage-run 8 + wget 9 + kitty 10 + w3m 11 + fishPlugins.fzf-fish 12 + fzf 13 + qemu 14 + OVMF 15 + ]; 16 + 17 + # Unfree packages need to be whitelisted here 18 + nixpkgs.config.allowUnfreePredicate = pkg: 19 + builtins.elem (lib.getName pkg) [ 20 + "discord" 21 + "spotify" 22 + "obsidian" 23 + "tailscale" 24 + "jetbrains-toolbox" 25 + ]; 26 + # Logseq uses an ancient version of Electron, so we enable that 27 + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; 28 + 29 + }
+50
services.nix
··· 1 + { pkgs, ... }: 2 + { 3 + 4 + # Fix dynamically linked libraries for unpackaged binaries 5 + programs.nix-ld = { 6 + enable = true; 7 + libraries = with pkgs; [ 8 + # Add missing dynamic libraries for unpackaged programs HERE 9 + # NOT in environment.systemPackages 10 + zlib 11 + ]; 12 + }; 13 + 14 + # Some programs need SUID wrappers, can be configured further or are 15 + # started in user sessions. 16 + # programs.mtr.enable = true; 17 + programs.gnupg.agent = { 18 + enable = true; 19 + enableSSHSupport = true; 20 + }; 21 + 22 + # Fish shell, the best 23 + programs.fish.enable = true; 24 + 25 + # List services that you want to enable: 26 + 27 + # Enable the OpenSSH daemon. 28 + services.openssh.enable = true; 29 + 30 + # Open ports in the firewall. 31 + # networking.firewall.allowedTCPPorts = [ ... ]; 32 + # networking.firewall.allowedUDPPorts = [ ... ]; 33 + # Or disable the firewall altogether. 34 + # TODO: allow some ports 35 + networking.firewall.enable = true; 36 + 37 + services.avahi = { 38 + enable = true; 39 + publish = { 40 + enable = true; 41 + addresses = true; 42 + workstation = true; 43 + }; 44 + }; 45 + 46 + # This option is for enabling the bolt daemon for managing Thunderbolt/USB4 Devices. 47 + services.hardware.bolt.enable = true; 48 + 49 + 50 + }
+32
users.nix
··· 1 + { pkgs, ... }: 2 + { 3 + 4 + imports = 5 + [ 6 + <home-manager/nixos> 7 + ]; 8 + 9 + # Declarative only optoins. 10 + # I don't want to allow ad-hoc modifying users on the system. 11 + # Users must be declared either as part of a package or in this file. 12 + users.mutableUsers = false; 13 + 14 + 15 + # Define a user account. Don't forget to set a password with ‘passwd’. 16 + users.users.noah = { 17 + isNormalUser = true; 18 + shell = pkgs.fish; 19 + extraGroups = [ "wheel" "video" ]; # Enable ‘sudo’ for the user. 20 + hashedPasswordFile = "/etc/nixos/noah-password"; 21 + openssh.authorizedKeys.keys = [ 22 + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDnp/AcaPipgw4+HnqpYioG+DgheOWBYDOnVkXi42PC0R1FMc+bm4wVP8TA9DAWczaWmllqlA8N2/LSleaqp+46r980VgqmeYEem5aHJuR+Cq/Mg2Z2wcp9VT8njH72wIPIUOXAv+dnPnCe4yvoasgvhwZZCDE4BFTIImuTxrEFPg5ayvkr7b/mUg9LbxaVSjK7fk082pqlShizIKAVcgIIa0lCFSMUs1V/eLi5D11moVcxJU/QoEBh+6Qn5BVM0taPFA4Gbi+288LobQ8RcgRBXKpP03Dt+onYuZQ3KzFjd6USi/d4M+pByrWFcpBJfMXuXJLuwsSF7SfxsuqjjlDt Portable" 23 + ]; 24 + }; 25 + # I manage my home with home-manager 26 + # Don't store packages in ~/.nix-profile, use /etc/profiles so we can build-vm 27 + home-manager.useUserPackages = true; 28 + # No more NIX_PATH, use system pkgs 29 + home-manager.useGlobalPkgs = true; 30 + 31 + home-manager.users.noah = import ./noah-home.nix ; 32 + }