diff options
| -rw-r--r-- | flake.nix | 18 | ||||
| -rw-r--r-- | machines/lemptop.nix | 41 | ||||
| -rw-r--r-- | machines/wsl.nix | 12 | ||||
| -rw-r--r-- | profiles/core/configuration.nix | 58 | ||||
| -rw-r--r-- | profiles/core/secrets.nix | 5 | ||||
| -rw-r--r-- | profiles/station/packages.nix | 18 |
6 files changed, 86 insertions, 66 deletions
@@ -42,6 +42,24 @@ ]))); }; + nixosConfigurations.wsl = nixpkgs.lib.nixosSystem { + inherit lib system; + specialArgs = {inherit inputs;}; + modules = [ + ({config, ... }: { + nixpkgs.overlays = with lib; [(composeManyExtensions [ + (import ./overlays/vimPlugins.nix {inherit pkgs;}) + (import ./overlays/suckless.nix {inherit pkgs; home = config.users.users.mike.home;}) + ])]; + }) + ./machines/wsl.nix + ] ++ (attrValues + (attrsets.mergeAttrsList (map modulesIn [ + ./profiles/core + ./profiles/station + ]))); + }; + templates = { default = { path = ./templates/flake; diff --git a/machines/lemptop.nix b/machines/lemptop.nix index 83bc2c9..24cf703 100644 --- a/machines/lemptop.nix +++ b/machines/lemptop.nix @@ -8,9 +8,49 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; + documentation.dev.enable = true; + networking.hostName = "lemptop"; + networking.networkmanager.enable = true; + + programs.slock.enable = true; + services.transmission = { + enable = true; + }; + services.xserver.enable = true; + services.xserver.displayManager.startx.enable = true; + services.xserver.libinput.enable = true; + + services.pcscd.enable = true; + security.pam.services = { + login.u2fAuth = true; + sudo.u2fAuth = true; + }; + services.udev.packages = [ pkgs.yubikey-personalization ]; + services.udev.extraRules = '' + # Yubico Yubikey II + ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111|0114|0116|0401|0403|0405|0407|0410", \ + ENV{ID_SECURITY_TOKEN}="1" + + KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0200|0402|0403|0406|0407|0410", TAG+="uaccess" + ''; + + virtualisation.docker.enable = true; + sound.enable = true; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + hardware.bluetooth.enable = true; + services.blueman.enable = true; + hardware.keyboard.qmk.enable = true; hardware.system76.enableAll = true; services.xserver.videoDrivers = [ "intel" ]; + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; boot.kernelPackages = pkgs.linuxPackages_latest; boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [ ]; @@ -33,6 +73,7 @@ networking.useDHCP = lib.mkDefault true; # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + system.stateVersion = "23.05"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/machines/wsl.nix b/machines/wsl.nix new file mode 100644 index 0000000..d5ea21c --- /dev/null +++ b/machines/wsl.nix @@ -0,0 +1,12 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + <nixos-wsl/modules> + ]; + + wsl.enable = true; + wsl.defaultUser = "mike"; + system.stateVersion = "23.05"; + virtualisation.docker.enable = true; +} diff --git a/profiles/core/configuration.nix b/profiles/core/configuration.nix index dd1cca6..211522d 100644 --- a/profiles/core/configuration.nix +++ b/profiles/core/configuration.nix @@ -8,64 +8,24 @@ extraGroups = ["wheel" "networkmanager" "docker" "transmission"]; }; - virtualisation.docker.enable = true; - - hardware.keyboard.qmk.enable = true; - services.udev.extraRules = '' - # Yubico Yubikey II - ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111|0114|0116|0401|0403|0405|0407|0410", \ - ENV{ID_SECURITY_TOKEN}="1" - - KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0113|0114|0115|0116|0120|0200|0402|0403|0406|0407|0410", TAG+="uaccess" - ''; - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "lemptop"; - networking.networkmanager.enable = true; - time.timeZone = "Europe/Amsterdam"; - - services.xserver.enable = true; - services.xserver.displayManager.startx.enable = true; - services.xserver.libinput.enable = true; - - services.udev.packages = [ pkgs.yubikey-personalization ]; - services.pcscd.enable = true; - security.pam.services = { - login.u2fAuth = true; - sudo.u2fAuth = true; - }; - - sound.enable = true; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - services.transmission = { - enable = true; - }; - - hardware.bluetooth.enable = true; - services.blueman.enable = true; - - programs.slock.enable = true; - - documentation.dev.enable = true; environment.systemPackages = with pkgs; [ man-pages man-pages-posix vim wget git + curl pinentry-curses + gnused + gnugrep + htop + dnsutils + iputils + inetutils + usbutils ]; - system.stateVersion = "23.05"; + nix.package = pkgs.nixUnstable; nix.extraOptions = '' experimental-features = nix-command flakes diff --git a/profiles/core/secrets.nix b/profiles/core/secrets.nix index 69ddca5..9d38c95 100644 --- a/profiles/core/secrets.nix +++ b/profiles/core/secrets.nix @@ -26,7 +26,10 @@ }; environment = { - systemPackages = [ pkgs.sops ]; + systemPackages = [ + pkgs.sops + pkgs.age + ]; }; hm = { diff --git a/profiles/station/packages.nix b/profiles/station/packages.nix index 19e7ad1..2912f22 100644 --- a/profiles/station/packages.nix +++ b/profiles/station/packages.nix @@ -6,26 +6,14 @@ }: let core-packages = with pkgs; [ - # nixopsnixops - age - sops - # k8s and friends kubernetes-helm kubectl kind krew - jq - yq-go dasel initool python311Packages.editorconfig gnutls - # other stuff - coreutils - dnsutils - iputils - inetutils - usbutils gcc pkgsi686Linux.glibc gnumake @@ -35,6 +23,8 @@ calcurse profanity file + jq + yq-go lf ueberzug mypaint @@ -45,12 +35,8 @@ k9s powershell azure-cli - htop subversion ripgrep - gnused - gnugrep - curl inotify-tools alejandra statix |