julian/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Add aspi system, use sops

Browse Source
This commit is contained in:
Julian Mutter
2024-06-12 19:29:50 +02:00
parent 061f196afc
commit ff40093b83
9 changed files with 373 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

247
systems/x86_64-linux/aspi/default.nix Normal file
View File

@ -0,0 +1,247 @@
{
# Snowfall Lib provides a customized `lib` instance with access to your flake's library
# as well as the libraries available from your flake's inputs.
lib,
# An instance of `pkgs` with your overlays and packages applied is also available.
pkgs,
# You also have access to your flake's inputs.
inputs,
# Additional metadata is provided by Snowfall Lib.
namespace, # The namespace used for your flake, defaulting to "internal" if not set.
system, # The system architecture for this host (eg. `x86_64-linux`).
target, # The Snowfall Lib target for this system (eg. `x86_64-iso`).
format, # A normalized name for the system target (eg. `iso`).
virtual, # A boolean to determine whether this system is a virtual target using nixos-generators.
systems, # An attribute map of your defined hosts.
# All other arguments come from the system system.
config,
...
}:
{
imports = [ ./hardware-configuration.nix ];
nix.buildMachines = [
{
hostName = "192.168.3.118";
system = "x86_64-linux";
protocol = "ssh";
# if the builder supports building for multiple architectures,
# replace the previous line by, e.g.
# systems = ["x86_64-linux" "aarch64-linux"];
maxJobs = 4;
speedFactor = 3;
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
mandatoryFeatures = [ ];
}
];
nix.distributedBuilds = true;
# optional, useful when the builder has a faster internet connection than yours
nix.extraOptions = " builders-use-substitutes = true\n";
# Bootloader
# Use this for simple nix boot menu, if no dual boot required
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.supportedFilesystems = [
"btrfs"
"ntfs"
"nfs"
"cifs"
];
networking.hostName = "aspi";
networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Set location used by redshift
location.provider = "manual";
location.latitude = 47.92;
location.longitude = 10.12;
modules = {
locales.enable = true;
};
nix.settings.auto-optimise-store = true;
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
# Setup binary caches
nix.settings = {
substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
};
# Enable the X11 windowing system.
services.xserver.enable = true;
hardware.opengl.enable = true;
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# Enable the XFCE Desktop Environment.
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager = {
xterm.enable = false;
xfce = {
enable = true;
noDesktop = true;
enableXfwm = false;
};
};
services.displayManager.defaultSession = "none+i3";
services.xserver.windowManager.i3.enable = true;
services.xserver.windowManager.i3.package = pkgs.i3-gaps;
# Configure keymap in X11
services.xserver = {
xkb.layout = "de";
xkb.variant = "";
};
# Configure console keymap
console.keyMap = "de";
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Enable touchpad support (enabled default in most desktopManager).
services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.julian = {
isNormalUser = true;
description = "Julian";
uid = 1000;
group = "julian";
shell = pkgs.fish;
extraGroups = [
"networkmanager"
"wheel"
"docker"
];
};
# home-manager.useGlobalPkgs = true; # make overlays for nixpkgs work for home-manager, not only the system
# home-manager.useUserPackages = true;
programs.fish.enable = true;
programs.nix-ld.enable = true;
users.groups.julian = {
gid = 1000;
};
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = false;
services.syncthing.enable = true;
services.syncthing.user = "julian";
services.syncthing.group = "julian";
services.syncthing.key = config.sops.secrets."aspi/syncthing/key".path;
services.syncthing.cert = config.sops.secrets."aspi/syncthing/cert".path;
# overrideDevices = true; # overrides any devices added or deleted through the WebUI
# overrideFolders = true; # overrides any folders added or deleted through the WebUI
# settings = {
# devices = {
# "device1" = {
# id = "DEVICE-ID-GOES-HERE";
# };
# "device2" = {
# id = "DEVICE-ID-GOES-HERE";
# };
# };
# folders = {
# "Documents" = {
# # Name of folder in Syncthing, also the folder ID
# path = "/home/myusername/Documents"; # Which folder to add to Syncthing
# devices = [
# "device1"
# "device2"
# ]; # Which devices to share the folder with
# };
# "Example" = {
# path = "/home/myusername/Example";
# devices = [ "device1" ];
# ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
# };
# };
# };
services.redshift.enable = true;
services.flatpak.enable = true;
xdg.portal.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
# services.emacs.enable = true;
# services.gnome.gnome-keyring.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
# Packages needed as root
environment.systemPackages = with pkgs; [
vim
htop
mc
];
virtualisation.docker.enable = true;
virtualisation.virtualbox.host.enable = true;
# virtualisation.virtualbox.host.enableExtensionPack = true;
# virtualisation.virtualbox.guest.enable = true;
# virtualisation.virtualbox.guest.x11 = true;
users.extraGroups.vboxusers.members = [ "julian" ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# ======================== DO NOT CHANGE THIS ========================
system.stateVersion = "24.05";
# ======================== DO NOT CHANGE THIS ========================
}

2
systems/x86_64-linux/kardorf/default.nix
View File

@ -7,6 +7,7 @@
inputs,
config,
pkgs,
systems,
...
}:
{
@ -161,7 +162,6 @@
"wheel"
"docker"
];
packages = with pkgs; [ ]; # Using home-manager instead
};
# home-manager.useGlobalPkgs = true; # make overlays for nixpkgs work for home-manager, not only the system

37
systems/x86_64-linux/kardorf/home.nix
View File

@ -1,37 +0,0 @@
{ config, pkgs, ... }:
{
# Home Manager needs a bit of information about you and the
# paths it should manage.
home.username = "julian";
home.homeDirectory = "/home/julian";
# This value determines the Home Manager release that your
# configuration is compatible with. This helps avoid breakage
# when a new Home Manager release introduces backwards
# incompatible changes.
#
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
home.stateVersion = "23.05";
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
home.packages = [
# pkgs.cowsay
];
# home.file
# home.sessionVariables
gtk = {
enable = true;
theme.name = "Adwaita-dark";
# theme.package = pkgs.materia-theme;
# cursorTheme.name = "Bibata-Modern-Ice";
# iconTheme.name = "GruvboxPlus";
};
}