diff --git a/flake.nix b/flake.nix index d315430..7132fdf 100644 --- a/flake.nix +++ b/flake.nix @@ -92,7 +92,10 @@ permittedInsecurePackages = [ "olm-3.2.16" ]; }; - systems.modules.nixos = with inputs; [ nix-topology.nixosModules.default ]; + systems.modules.nixos = with inputs; [ + nix-topology.nixosModules.default + disko.nixosModules.disko + ]; topology = with inputs; diff --git a/homes/x86_64-linux/julian@pianonix/default.nix b/homes/x86_64-linux/julian@pianonix/default.nix index 1bdadf6..8951c30 100644 --- a/homes/x86_64-linux/julian@pianonix/default.nix +++ b/homes/x86_64-linux/julian@pianonix/default.nix @@ -23,21 +23,26 @@ home.username = "julian"; home.homeDirectory = "/home/julian"; - # DO NOT CHANGE!!! - home.stateVersion = "23.11"; - modules = { + non-nixos.is-nixos = true; + shell = { fish.enable = true; }; + yazi.enable = true; topgrade.enable = true; neovim.enable = true; - alacritty.enable = true; + wezterm.enable = true; nix-helper.enable = true; - }; - home.packages = with pkgs; [ ]; + desktop.enable = true; + fonts.enable = true; + }; # Let Home Manager install and manage itself. programs.home-manager.enable = true; + + # ======================== DO NOT CHANGE THIS ======================== + home.stateVersion = "23.11"; + # ======================== DO NOT CHANGE THIS ======================== } diff --git a/systems/x86_64-linux/pianonix/default.nix b/systems/x86_64-linux/pianonix/default.nix index 29a6a85..9b5f892 100644 --- a/systems/x86_64-linux/pianonix/default.nix +++ b/systems/x86_64-linux/pianonix/default.nix @@ -10,115 +10,73 @@ ... }: { - imports = [ ./hardware-configuration.nix ]; + imports = [ ./disko-config.nix ]; - # Bootloader - # Use this for simple nix boot menu, if no dual boot required - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; + disko.devices.disk.main.device = "/dev/sda"; networking.networkmanager.enable = true; networking.hostName = "pianonix"; # Define your hostname. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Set your time zone. time.timeZone = "Europe/Berlin"; - # Set location used by redshift - location.provider = "manual"; - location.latitude = 47.92; - location.longitude = 10.12; - modules = { + nix-settings.enable = true; + xserver-defaults.enable = true; + keymap.enable = true; + builder.enable = false; + system.boot-efi.enable = true; + sound.enable = true; + locales.enable = true; + pcmanfm.enable = true; + + # i3.enable = true; + # gdm.enable = true; + redshift.enable = true; + + wayland.enable = true; + # hyprland.enable = true; + # tuigreet.enable = true; + + # virtualbox.enable = true; + users-julian.enable = true; + # syncthing.enable = true; + xdg-portal.enable = true; + polkit.enable = true; + keyring.enable = true; }; - nix.settings.auto-optimise-store = true; - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; + users.mutableUsers = false; + users.users.root.hashedPassword = "$y$j9T$mDQgl0GARH9fKg01akW1V0$2E5Z4TVra0RbY.tO2B6rW2YnVtJ6tbzZkJRvGWciSkB"; + # no password + users.users.julian.hashedPassword = "$y$j9T$khuv2ubKt48fkWS754jkL1$/YSqi4mWV9ccfnMAWCF0yumnwZrJ/ddg2TZTuZaDsi8"; - # Setup binary caches - nix.settings = { - substituters = [ - "https://nix-community.cachix.org" - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; + # Enable the Desktop Environment. + # services.xserver.displayManager.lightdm.enable = true; + services.displayManager.autoLogin = { + enable = true; + user = "julian"; }; - # Enable the X11 windowing system. - services.xserver.enable = true; - hardware.opengl.enable = true; - - nix.gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; - }; - - # Enable the XFCE Desktop Environment. - services.xserver.displayManager.lightdm.enable = true; services.xserver.desktopManager = { - xterm.enable = false; - xfce = { + # xterm.enable = false; + lxqt = { enable = true; - noDesktop = true; - enableXfwm = false; }; }; + xdg.portal.lxqt.enable = true; - # Configure keymap in X11 - services.xserver = { - xkb.layout = "de"; - xkb.variant = ""; - }; - - # Configure console keymap - console.keyMap = "de"; - - # Enable sound with pipewire. - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { + services.openssh = { enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; + # require public key authentication for better security + settings.PasswordAuthentication = false; + settings.KbdInteractiveAuthentication = false; + settings.PermitRootLogin = "yes"; }; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.julian = { - isNormalUser = true; - description = "Julian"; - uid = 1000; - group = "julian"; - extraGroups = [ - "networkmanager" - "wheel" - "docker" - ]; - packages = with pkgs; [ ]; # Using home-manager instead - }; - users.groups.julian = { - gid = 1000; - }; - - programs.nix-ld.enable = true; - - # List services that you want to enable: - services.openssh.enable = false; - - services.syncthing.enable = true; - services.syncthing.user = "julian"; - services.syncthing.group = "julian"; - - services.redshift.enable = true; - - services.gnome.gnome-keyring.enable = true; + users.users."root".openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDVk/m4ydcYXzHxTWeNw2MlwxKU+JirTVOeHsYR4wdTokwYyNWZ3/zPcU4+XekSRatwJW1LJYrZ1Y5IJkobzgnOvYVI7SXZ1Tbzb1kAcnChSt+Dp/pKdMPZ8yY3PTFZh+R5F3rWFA/YZqTRhh0vuxPIVbLl7zOPExWwYGn9crkZaYZvKHVvgE5660hXo9pxbUKsSs+DIy/AE7gfKiZLusY95nk9T/jZ7Vmhl0UsF0RiDsfxgE664/vEKe8b+82kKCDt5nJVe8THSrjaw4+NUhef6R8UoUO1/Pn4TKq3Gil3Z36wPEPdkw2lYzX+d1EFyaC3hZJedSUfdFliPOejIbNvvhPBBD1wAGxxyuJZB5KLwWN7/efwCgw45buLbVfUuwwug7K7GK84A3yzqClbZKKv8rYdO04UG64A+Taq2LeyxQIDjygTgGk/1j/0Neb1RO0FbjlbTeNMZ54P+u7BTEcikJCsbFeseWDtYzupQtLt96KMbcdRgHy0CTGqFHE+my8= julian@julian-aspi" + ]; # Packages needed as root environment.systemPackages = with pkgs; [ @@ -127,11 +85,19 @@ mc ]; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.11"; # Did you read the comment? + ## Raspberry pi specific config + # Prevent host becoming unreachable on wifi after some time (for raspberry pi) + networking.networkmanager.wifi.powersave = false; + # Enable audio devices on raspberry pi + boot.kernelParams = [ + "snd_bcm2835.enable_hdmi=1" + "snd_bcm2835.enable_headphones=1" + ]; + boot.loader.raspberryPi.firmwareConfig = '' + dtparam=audio=on + ''; + + # ======================== DO NOT CHANGE THIS ======================== + system.stateVersion = "22.11"; + # ======================== DO NOT CHANGE THIS ======================== } diff --git a/systems/x86_64-linux/pianonix/disko-config.nix b/systems/x86_64-linux/pianonix/disko-config.nix new file mode 100644 index 0000000..d68cc85 --- /dev/null +++ b/systems/x86_64-linux/pianonix/disko-config.nix @@ -0,0 +1,41 @@ +# USAGE in your configuration.nix. +# Update devices to match your hardware. +# { +# imports = [ ./disko-config.nix ]; +# disko.devices.disk.main.device = "/dev/sda"; +# } +{ + disko.devices = { + disk = { + main = { + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; # for grub MBR + }; + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +}