thoth.ptnote.dev / nixos-config
the configuration for all my nixos machines (hacky! bad! ugly!)
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

migration to unstable, lots of improvements (it's still bad though)

Joshua Barrett 8cf42487 c0ff7416

+128 -126
+11
all.nix
··· 1 + # Configuration options I want set on every system. 2 + { config, pkgs, lib, ... }: 3 + { 4 + nix = { 5 + settings.experimental-features = ["nix-command" "flakes"]; 6 + gc = { 7 + automatic = true; 8 + dates = "monthly"; 9 + }; 10 + }; 11 + }
+8 -4
dt-common.nix
··· 2 2 # environment. 3 3 { config, pkgs, lib, ... }: 4 4 { 5 - nix.settings.experimental-features = ["nix-command" "flakes"]; 6 5 networking.networkmanager.enable = true; 7 6 8 7 virtualisation = { ··· 12 11 }; 13 12 }; 14 13 14 + # this allows for rootless container runtimes to set resource limits. Still 15 + # not using this yet because there are some kinks with rootless runtimes, but 16 + # hopefully I will eventually. 15 17 systemd.services."user@".serviceConfig.Delegate="cpu cpuset io memory pids"; 16 18 17 19 systemd.packages = [( ··· 56 58 services.xserver.xkb = { 57 59 layout = "us"; 58 60 variant = ""; 61 + options = "ctrl:swapcaps,compose:ralt"; 59 62 }; 60 - 63 + console.useXkbConfig = true; 64 + 61 65 # Enable CUPS to print documents. 62 66 services.printing.enable = true; 63 67 ··· 125 129 rustup 126 130 pkg-config 127 131 passt 128 - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. 129 - # wget 132 + # vim # Do not forget to add an editor to edit configuration.nix! The Nano 133 + # editor is also installed by default. wget 130 134 ]; 131 135 networking.nftables.enable = true; 132 136 networking.firewall = {
+21 -4
flake.lock
··· 22 22 }, 23 23 "nixpkgs": { 24 24 "locked": { 25 - "lastModified": 1771574726, 26 - "narHash": "sha256-D1PA3xQv/s4W3lnR9yJFSld8UOLr0a/cBWMQMXS+1Qg=", 25 + "lastModified": 1772963539, 26 + "narHash": "sha256-9jVDGZnvCckTGdYT53d/EfznygLskyLQXYwJLKMPsZs=", 27 + "owner": "NixOS", 28 + "repo": "nixpkgs", 29 + "rev": "9dcb002ca1690658be4a04645215baea8b95f31d", 30 + "type": "github" 31 + }, 32 + "original": { 33 + "owner": "NixOS", 34 + "ref": "nixos-unstable", 35 + "repo": "nixpkgs", 36 + "type": "github" 37 + } 38 + }, 39 + "nixpkgs-stable": { 40 + "locked": { 41 + "lastModified": 1773068389, 42 + "narHash": "sha256-vMrm7Pk2hjBRPnCSjhq1pH0bg350Z+pXhqZ9ICiqqCs=", 27 43 "owner": "NixOS", 28 44 "repo": "nixpkgs", 29 - "rev": "c217913993d6c6f6805c3b1a3bda5e639adfde6d", 45 + "rev": "44bae273f9f82d480273bab26f5c50de3724f52f", 30 46 "type": "github" 31 47 }, 32 48 "original": { ··· 39 55 "root": { 40 56 "inputs": { 41 57 "home-manager": "home-manager", 42 - "nixpkgs": "nixpkgs" 58 + "nixpkgs": "nixpkgs", 59 + "nixpkgs-stable": "nixpkgs-stable" 43 60 } 44 61 } 45 62 },
+15 -8
flake.nix
··· 1 1 { 2 2 inputs = { 3 - nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; 3 + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; 4 + nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11"; 4 5 home-manager = { 5 6 url = "github:nix-community/home-manager"; 6 7 inputs.nixpkgs.follows = "nixpkgs"; 7 8 }; 8 9 }; 9 10 10 - outputs = {self, home-manager, nixpkgs, ...}: 11 + outputs = {self, home-manager, nixpkgs, nixpkgs-stable, ...}: 11 12 { 12 13 #TODO put home-manager in dtcommon 13 14 nixosConfigurations.prospero = nixpkgs.lib.nixosSystem { 14 15 system = "x86_64-linux"; 15 - modules = [ home-manager.nixosModules.home-manager 16 - ./dt-common.nix 17 - ./prospero/configuration.nix ]; 16 + modules = [ 17 + ./all.nix 18 + home-manager.nixosModules.home-manager 19 + ./dt-common.nix 20 + ./prospero/configuration.nix 21 + ]; 18 22 }; 19 23 nixosConfigurations.uruk = nixpkgs.lib.nixosSystem { 20 24 system = "x86_64-linux"; 21 - modules = [ home-manager.nixosModules.home-manager 22 - ./dt-common.nix 23 - ./uruk/configuration.nix ]; 25 + modules = [ 26 + ./all.nix 27 + home-manager.nixosModules.home-manager 28 + ./dt-common.nix 29 + ./uruk/configuration.nix 30 + ]; 24 31 }; 25 32 }; 26 33 }
-1
home-manager/.#default.nix
··· 1 - joshua@prospero.1084246:1771686841
+2 -2
home-manager/home.nix
··· 32 32 tilt 33 33 # # It is sometimes useful to fine-tune packages, for example, by applying 34 34 # # overrides. You can do that directly here, just don't forget the 35 - # # parentheses. Maybe you want to install Nerd Fonts with a limited number of 36 - # # fonts? 35 + # # parentheses. Maybe you want to install Nerd Fonts with a limited number 36 + # # of fonts? 37 37 # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) 38 38 39 39 # # You can also create simple shell scripts directly inside your
+62
modules/zfs.nix
··· 1 + { 2 + lib, 3 + pkgs, 4 + config, 5 + ... 6 + }: let 7 + cfg = config.profiles.zfs; 8 + in 9 + with lib; { 10 + options.profiles.zfs = { 11 + enable = mkEnableOption "ZFS profile"; 12 + }; 13 + 14 + config = mkIf cfg.enable ( 15 + let 16 + isUnstable = config.boot.zfs.package == pkgs.zfs_unstable; 17 + zfsCompatibleKernelPackages = 18 + lib.filterAttrs 19 + ( 20 + name: kernelPackages: 21 + (builtins.match "linux_[0-9]+_[0-9]+" name) 22 + != null 23 + && (builtins.tryEval kernelPackages).success 24 + && ( 25 + (!isUnstable && 26 + !kernelPackages.${pkgs.zfs.kernelModuleAttribute}.meta.broken) 27 + || (isUnstable && !kernelPackages.zfs_unstable.meta.broken) 28 + ) 29 + ) 30 + pkgs.linuxKernel.packages; 31 + latestZfsKernel = lib.last ( 32 + lib.sort 33 + (a: b: (lib.versionOlder a.kernel.version b.kernel.version)) ( 34 + builtins.attrValues zfsCompatibleKernelPackages 35 + ) 36 + ); 37 + in { 38 + boot = { 39 + # Note this might jump back and worth as kernel get added or removed. 40 + kernelPackages = latestZfsKernel; 41 + supportedFilesystems = ["zfs"]; 42 + zfs.devNodes = "/dev/disk/by-id"; 43 + }; 44 + 45 + # ZFS configuration 46 + services.zfs = { 47 + # Enable TRIM 48 + trim.enable = mkDefault true; 49 + # Enable automatic scrubbing and snapshotting. 50 + autoScrub.enable = mkDefault true; 51 + autoSnapshot = { 52 + enable = mkDefault true; 53 + frequent = mkDefault 4; 54 + daily = mkDefault 3; 55 + weekly = mkDefault 2; 56 + monthly = mkDefault 2; 57 + }; 58 + zed.enableMail = false; 59 + }; 60 + } 61 + ); 62 + }
+5 -95
uruk/configuration.nix
··· 8 8 imports = 9 9 [ # Include the results of the hardware scan. 10 10 ./hardware-configuration.nix 11 + ../modules/zfs.nix 11 12 ]; 12 13 13 14 # Use the systemd-boot EFI boot loader. 14 15 boot.loader.systemd-boot.enable = true; 15 16 boot.loader.efi.canTouchEfiVariables = true; 17 + hardware.amdgpu.initrd.enable = true; 18 + hardware.bluetooth.enable = true; 19 + profiles.zfs.enable = true; 16 20 networking.hostId = "5398fbbf"; 17 21 networking.hostName = "uruk"; # Define your hostname. 18 - 19 - # Configure network connections interactively with nmcli or nmtui. 20 - 21 - # Set your time zone. 22 - # time.timeZone = "Europe/Amsterdam"; 23 - 24 - # Configure network proxy if necessary 25 - # networking.proxy.default = "http://user:password@proxy:port/"; 26 - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; 27 - 28 - # Select internationalisation properties. 29 - # i18n.defaultLocale = "en_US.UTF-8"; 30 - #console = { 31 - # font = "Lat2-Terminus16"; 32 - # keyMap = "us"; 33 - # useXkbConfig = true; # use xkb.options in tty. 34 - #}; 35 - 36 - # Configure keymap in X11 37 - # services.xserver.xkb.layout = "us"; 38 - # services.xserver.xkb.options = "eurosign:e,caps:escape"; 39 - 40 - # Enable CUPS to print documents. 41 - # services.printing.enable = true; 42 - 43 - # Enable sound. 44 - # services.pulseaudio.enable = true; 45 - # OR 46 - # services.pipewire = { 47 - # enable = true; 48 - # pulse.enable = true; 49 - # }; 50 - 51 - # Enable touchpad support (enabled default in most desktopManager). 52 - # services.libinput.enable = true; 53 - 54 - # Define a user account. Don't forget to set a password with ‘passwd’. 55 - # users.users.alice = { 56 - # isNormalUser = true; 57 - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. 58 - # packages = with pkgs; [ 59 - # tree 60 - # ]; 61 - # }; 62 - 63 - # programs.firefox.enable = true; 64 - 65 - # List packages installed in system profile. 66 - # You can use https://search.nixos.org/ to find more packages (and options). 67 - # environment.systemPackages = with pkgs; [ 68 - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. 69 - # wget 70 - # ]; 71 - 72 - # Some programs need SUID wrappers, can be configured further or are 73 - # started in user sessions. 74 - # programs.mtr.enable = true; 75 - # programs.gnupg.agent = { 76 - # enable = true; 77 - # enableSSHSupport = true; 78 - # }; 79 - 80 - # List services that you want to enable: 81 - 82 - # Enable the OpenSSH daemon. 83 - # services.openssh.enable = true; 84 - 85 - # Open ports in the firewall. 86 - # networking.firewall.allowedTCPPorts = [ ... ]; 87 - # networking.firewall.allowedUDPPorts = [ ... ]; 88 - # Or disable the firewall altogether. 89 - # networking.firewall.enable = false; 90 - 91 - # Copy the NixOS configuration file and link it from the resulting system 92 - # (/run/current-system/configuration.nix). This is useful in case you 93 - # accidentally delete configuration.nix. 94 - # system.copySystemConfiguration = true; 95 - 96 - # This option defines the first version of NixOS you have installed on this particular machine, 97 - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. 98 - # 99 - # Most users should NEVER change this value after the initial install, for any reason, 100 - # even if you've upgraded your system to a new NixOS release. 101 - # 102 - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, 103 - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how 104 - # to actually do that. 105 - # 106 - # This value being lower than the current NixOS release does NOT mean your system is 107 - # out of date, out of support, or vulnerable. 108 - # 109 - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, 110 - # and migrated your data accordingly. 111 - # 112 - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . 22 + services.openssh.enable = true; 113 23 system.stateVersion = "25.11"; # Did you read the comment? 114 24 115 25 }
+4 -12
uruk/hardware-configuration.nix
··· 8 8 [ (modulesPath + "/installer/scan/not-detected.nix") 9 9 ]; 10 10 11 - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; 11 + boot.initrd.availableKernelModules = 12 + [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; 12 13 boot.initrd.kernelModules = [ ]; 13 14 boot.kernelModules = [ "kvm-amd" ]; 14 15 boot.extraModulePackages = [ ]; ··· 27 28 fsType = "zfs"; 28 29 }; 29 30 30 - fileSystems."/var" = 31 - { device = "zpool/var"; 32 - fsType = "zfs"; 33 - }; 34 - 35 - fileSystems."/home" = 36 - { device = "zpool/home"; 37 - fsType = "zfs"; 38 - }; 39 - 40 31 swapDevices = [{ 41 32 device = "/dev/disk/by-id/nvme-INTEL_SSDPEKNW010T9_BTNR014314861P0B-part3"; 42 33 randomEncryption = true; ··· 47 38 }]; 48 39 49 40 nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 50 - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 41 + hardware.cpu.amd.updateMicrocode = lib.mkDefault 42 + config.hardware.enableRedistributableFirmware; 51 43 }