mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

idk

Browse Source
This commit is contained in:
mjallen18
2025-03-23 12:53:44 -05:00
parent 70a34ec565
commit 094bca46d7
10 changed files with 306 additions and 301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
flake.nix
View File

@@ -132,12 +132,6 @@
inputs.nixpkgs.follows = "pi4-nixpkgs";
};
pi4-argononed = {
url = "gitlab:ykis-0-0/argononed/feat/nixos";
flake = false;
};
#####################################################
# Steamdeck #
#####################################################
@@ -242,7 +236,6 @@
# Pi4
pi4-nixpkgs,
pi4-argononed,
pi4-home-manager,
pi4-impermanence,
pi4-nixos-hardware,

279
hosts/desktop/configuration.nix
View File

@@ -3,16 +3,91 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
outputs,
lib,
pkgs,
...
}:
let
user = "matt";
passwordFile = config.sops.secrets."desktop/matt_password".path;
pkgsVersion = pkgs.unstable;
environmentVariables = {
STEAM_FORCE_DESKTOPUI_SCALING = "1.0";
GDK_SCALE = "1";
EDITOR = "code --wait";
VISUAL = "code --wait";
};
systemPackages = with pkgsVersion; [
aha
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
borgbackup
brscan5
clinfo
direnv
efibootmgr
gparted
grsync
kmod
kdePackages.ksvg
lact
memtest86-efi
memtest86plus
nano
onlyoffice-bin
os-prober
nil
papirus-icon-theme
pciutils
qemu_full
rclone
rclone-browser
restic
restic-browser
restic-integrity
rsync
sane-frontends
sbctl
smartmontools
usbutils
udisks2
vim
vulkan-tools
wget
winetricks
];
lactConfig = ''
daemon:
log_level: info
admin_groups:
- wheel
- sudo
disable_clocks_cleanup: false
apply_settings_timer: 5
gpus:
1002:73BF-1002:0E3A-0000:03:00.0:
fan_control_enabled: true
fan_control_settings:
mode: curve
static_speed: 1.0
temperature_key: edge
interval_ms: 500
curve:
30: 0.0
40: 0.2
50: 0.35
60: 0.5
70: 0.75
80: 1.0
spindown_delay_ms: 0
change_threshold: 0
pmfw_options: {}
power_cap: 293.0
performance_level: auto
voltage_offset: 0
power_states: {}
'';
in
{
imports = [
@@ -20,50 +95,54 @@ in
./filesystems.nix
./hardware-configuration.nix
./networking.nix
./nix.nix
./services.nix
./sops.nix
./users.nix
../default.nix
../../share/amd
];
chaotic.mesa-git.enable = true;
# Enable nix flakes and nix-command tools
nix = {
settings = {
substituters = [
# "https://cache.mjallen.dev"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
# "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
warn-dirty = lib.mkForce false;
experimental-features = lib.mkForce [
"nix-command"
"flakes"
];
trusted-users = [ user ];
# Environment configuration
environment = {
systemPackages = systemPackages;
etc."lact/config.yaml".text = lactConfig;
variables = environmentVariables;
};
# Hardware configuration
hardware = {
# Enable the QMK firmware flashing tool.
keyboard = {
qmk.enable = true;
};
# Enable Sane and Brother printer support.
sane = {
enable = true;
brscan5.enable = true;
dsseries.enable = false;
extraBackends = [ pkgsVersion.brscan5 ];
};
};
share.hardware.amd = {
enable = lib.mkDefault true;
lact.enable = lib.mkDefault true;
# Nixpkgs configuration
nixpkgs = {
# add unstable and stable overlays
overlays = [
outputs.overlays.nixpkgs-unstable
outputs.overlays.nixpkgs-stable
];
config.permittedInsecurePackages = [
# ...
];
};
share.gaming.enable = true;
# Time config
time = {
hardwareClockInLocalTime = lib.mkDefault false;
};
virtualisation.libvirtd.enable = lib.mkDefault true;
virtualisation.waydroid.enable = lib.mkDefault true;
# Programs configuration
programs = {
gamemode.enable = true;
coolercontrol.enable = true;
@@ -74,129 +153,23 @@ in
};
};
# Configure environment
environment = {
# List packages installed in system profile. To search, run:
# $ nix search wget
systemPackages = with pkgsVersion; [
aha
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
borgbackup
brscan5
clinfo
direnv
efibootmgr
gparted
grsync
kmod
kdePackages.ksvg
lact
memtest86-efi
memtest86plus
nano
onlyoffice-bin
os-prober
nil
papirus-icon-theme
pciutils
qemu_full
rclone
rclone-browser
restic
restic-browser
restic-integrity
rsync
sane-frontends
sbctl
smartmontools
usbutils
udisks2
vim
vulkan-tools
wget
winetricks
];
etc."lact/config.yaml".text = ''
daemon:
log_level: info
admin_groups:
- wheel
- sudo
disable_clocks_cleanup: false
apply_settings_timer: 5
gpus:
1002:73BF-1002:0E3A-0000:03:00.0:
fan_control_enabled: true
fan_control_settings:
mode: curve
static_speed: 1.0
temperature_key: edge
interval_ms: 500
curve:
30: 0.0
40: 0.2
50: 0.35
60: 0.5
70: 0.75
80: 1.0
spindown_delay_ms: 0
change_threshold: 0
pmfw_options: {}
power_cap: 293.0
performance_level: auto
voltage_offset: 0
power_states: {}
'';
variables = {
STEAM_FORCE_DESKTOPUI_SCALING = "1.0";
GDK_SCALE = "1";
EDITOR = "code --wait";
VISUAL = "code --wait";
# Common Configuration
share = {
gaming.enable = true;
hardware.amd = {
enable = lib.mkDefault true;
lact.enable = lib.mkDefault true;
};
};
# Configure nixpkgs
nixpkgs = {
overlays = [
outputs.overlays.nixpkgs-unstable
outputs.overlays.nixpkgs-stable
];
config.permittedInsecurePackages = [
# ...
];
# Time configuration
time = {
hardwareClockInLocalTime = lib.mkDefault false;
};
# Define a user account. Don't forget to set a password with passwd.
users.users."${user}" = {
isNormalUser = lib.mkDefault true;
extraGroups = [
"wheel"
"keys"
"networkmanager"
"ratbagd"
"input"
"scanner"
"lp"
]; # Enable sudo for the user.
hashedPasswordFile = passwordFile;
shell = pkgsVersion.zsh;
};
hardware = {
keyboard = {
qmk.enable = true;
};
sane = {
enable = true;
brscan5.enable = true;
dsseries.enable = false;
extraBackends = [ pkgsVersion.brscan5 ];
};
# Virtualisation configuration
virtualisation = {
libvirtd.enable = lib.mkDefault true;
waydroid.enable = lib.mkDefault true;
};
}

45
hosts/desktop/filesystems.nix
View File

@@ -1,47 +1,32 @@
{ ... }:
let
defaultNetworkShareOptions = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
in
{
fileSystems."/media/nas/backup" = {
device = "//10.0.1.18/Backup";
fsType = "cifs";
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
options = defaultNetworkShareOptions;
};
fileSystems."/media/nas/isos" = {
device = "//10.0.1.18/isos";
fsType = "cifs";
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
options = defaultNetworkShareOptions;
};
fileSystems."/media/nas/3d_printer" = {
device = "//10.0.1.18/3d_printer";
fsType = "cifs";
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
options = defaultNetworkShareOptions;
};
}

26
hosts/desktop/hardware-configuration.nix
View File

@@ -7,6 +7,12 @@
modulesPath,
...
}:
let
defeaultBtrfsOptions = [
"compress=zstd"
"autodefrag"
];
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
@@ -25,10 +31,8 @@
fsType = "btrfs";
options = [
"subvol=nix"
"compress=zstd"
"noatime"
"autodefrag"
];
] ++ defeaultBtrfsOptions;
};
fileSystems."/etc" = {
@@ -36,10 +40,8 @@
fsType = "btrfs";
options = [
"subvol=etc"
"compress=zstd"
"noatime"
"autodefrag"
];
] ++ defeaultBtrfsOptions;
};
fileSystems."/root" = {
@@ -47,10 +49,8 @@
fsType = "btrfs";
options = [
"subvol=root"
"compress=zstd"
"noatime"
"autodefrag"
];
] ++ defeaultBtrfsOptions;
};
fileSystems."/var/log" = {
@@ -58,10 +58,8 @@
fsType = "btrfs";
options = [
"subvol=log"
"compress=zstd"
"noatime"
"autodefrag"
];
] ++ defeaultBtrfsOptions;
};
fileSystems."/home" = {
@@ -69,9 +67,7 @@
fsType = "btrfs";
options = [
"subvol=home"
"compress=zstd"
"autodefrag"
];
] ++ defeaultBtrfsOptions;
};
fileSystems."/boot" = {

4
hosts/desktop/home.nix
View File

@@ -48,6 +48,7 @@ in
mangohud.enable = true;
java.enable = true;
home-manager.enable = true;
password-store.enable = true;
zsh = {
enable = true;
@@ -98,6 +99,9 @@ in
"services.sync.prefs.sync.privacy.clearOnShutdown_v2.siteSettings" = true; # Enable syncing site settings clear on shutdown
"browser.newtabpage.activity-stream.feeds.topsites" = true; # Enable top sites on new tab page
"browser.newtabpage.activity-stream.topSitesRows" = 3; # Set number of rows for top sites on new tab page
"layout.css.light-dark.enabled" = true; # Enable light/dark theme support
"extensions.activeThemeID" = "default-theme@mozilla.org"; # Set active theme
"extensions.webextensions.uuids" = "{\"formautofill@mozilla.org\":\"851c83b7-26d5-449c-8cc9-d8951a0ce78d\",\"pictureinpicture@mozilla.org\":\"42fa2650-5134-4bef-bafa-b73f9ae51bad\",\"screenshots@mozilla.org\":\"efd2b692-43c4-433a-aea5-0cb79f8312d4\",\"webcompat-reporter@mozilla.org\":\"c43a6be2-fb56-4253-b384-ce8e09a89999\",\"webcompat@mozilla.org\":\"e25fd1bb-7c53-413f-9528-bb922c322a56\",\"default-theme@mozilla.org\":\"610b67c3-9145-46f7-814f-d8ee2cc8edff\",\"addons-search-detection@mozilla.com\:\"caedb3ca-5cf5-4e23-a251-d742f23e6fc8\",\"uBlock0@raymondhill.net\":\"7e7d9fd9-12bf-42d3-9c7c-9ffd05420ec7\",\"78272b6fa58f4a1abaac99321d503a20@proton.me\":\"7242a067-06d8-430b-94a3-00d264cdd57b\",\"addon@darkreader.org\":\"2f02b112-6acd-4bdc-af2c-1432eb527339\",\"jid1-xUfzOsOFlzSOXg@jetpack\":\"d0c72046-9903-4118-8160-a028840bf928\",\"chrome-gnome-shell@gnome.org\":\"a1ab53e6-b765-4f25-8349-383cc04682a0\",\"user-agent-switcher@ninetailed.ninja\":\"259d07cc-bb32-4ed5-b90f-6d73abdeb7bb\",\"firefoxdav@icloud.com\":\"110e6e2c-18f8-461d-9f26-b8f04482b6f1\",\"ciscowebexstart1@cisco.com\":\"a4062240-e73a-4353-bddb-d608d84881f7\",\"{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}\":\"9164e437-812b-4a07-8dfd-2fd73b39329b\",\"{036a55b4-5e72-4d05-a06c-cba2dfcc134a}\":\"648fc678-a6fb-47cd-9792-fb9520678c17\",\"{446900e4-71c2-419f-a6a7-df9c091e268b}\":\"f0b43422-070e-466e-85c9-6543f209f075\",\"jid1-MnnxcxisBPnSXQ@jetpack\":\"4c448202-c843-4cae-b5c3-d11f2da58fa3\",\"soundfixer@unrelenting.technology\":\"59b35eb8-1c85-4919-a905-80d120993ddc\",\"floccus@handmadeideas.org\":\"8ad2956c-8091-41af-a689-7d2108f5958d\",\"{79b9dbcf-cc5a-4cda-89ef-c4ab097eb074}\":\"c2a223a7-32e0-4726-9f20-17236702b1f5\",\"linkgopher@oooninja.com\":\"a257858c-0dce-415b-b123-6222876cf843\"}";
};
};

25
hosts/desktop/nix.nix Normal file
View File

@@ -0,0 +1,25 @@
{ lib, ... }:
let
user = "matt";
in
{
nix = {
settings = {
substituters = [
# "https://cache.mjallen.dev"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
# "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
warn-dirty = lib.mkForce false;
experimental-features = lib.mkForce [
"nix-command"
"flakes"
];
trusted-users = [ user ];
};
};
}

96
hosts/desktop/services.nix
View File

@@ -1,80 +1,5 @@
{ config, lib, pkgs, ... }:
let
fixWifiScript = pkgs.writeScriptBin "fix-wifi" ''
#!/usr/bin/env python3
import subprocess
import socket
import logging
from typing import List, Optional
def check_internet_connection(hosts_to_check: Optional[List[str]] = None) -> bool:
"""
Check internet connectivity by attempting to connect to reliable hosts.
:param hosts_to_check: Optional list of hosts to check.
:return: Boolean indicating if internet connection is available
"""
if hosts_to_check is None:
hosts_to_check = [
"8.8.8.8", # Google DNS
"1.1.1.1", # Cloudflare DNS
"9.9.9.9" # Quad9 DNS
]
for host in hosts_to_check:
try:
# Create a socket connection with a 5-second timeout
socket.create_connection((host, 53), timeout=5)
return True
except (socket.error, socket.timeout):
continue
return False
def reset_wifi_card() -> bool:
"""
Execute WiFi card reset commands.
:return: Boolean indicating if reset commands were successful
"""
reset_commands = [
"echo 1 | sudo -u root tee /sys/bus/pci/devices/0000:09:00.0/reset",
"sudo rmmod iwlwifi",
"sudo modprobe iwlwifi"
]
try:
for command in reset_commands:
result = subprocess.run(
command,
shell=True,
check=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
text=True
)
print(f"Executed: {command}")
print(f"Output: {result.stdout}")
return True
except subprocess.CalledProcessError as e:
print(f"Error resetting WiFi: {e}")
print(f"Error output: {e.stderr}")
return False
def main():
"""
Check internet connection and reset WiFi if not connected.
"""
if not check_internet_connection():
print("No internet connection detected. Attempting WiFi reset...")
reset_wifi_card()
else:
print("Internet connection is stable. No reset needed.")
if __name__ == "__main__":
main()
'';
let
pkgsVersion = pkgs.unstable;
in
{
@@ -163,25 +88,6 @@ in
};
systemd = {
services = {
fix-wifi = {
enable = lib.mkDefault true;
path = with pkgsVersion; [
bash
python3
networkmanager
kmod
fixWifiScript
];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = [ "${fixWifiScript}/bin/fix-wifi" ];
};
};
};
user.services = {
rclone-home-proton = {
enable = lib.mkDefault false;

22
hosts/desktop/users.nix Normal file
View File

@@ -0,0 +1,22 @@
{ config, lib, pkgs, ... }:
let
user = "matt";
passwordFile = config.sops.secrets."desktop/matt_password".path;
pkgsVersion = pkgs.unstable;
in
{
users.users."${user}" = {
isNormalUser = lib.mkDefault true;
extraGroups = [
"wheel"
"keys"
"networkmanager"
"ratbagd"
"input"
"scanner"
"lp"
]; # Enable sudo for the user.
hashedPasswordFile = passwordFile;
shell = pkgsVersion.zsh;
};
}

101
hosts/desktop/wifi-fixer.nix Normal file
View File

@@ -0,0 +1,101 @@
{ lib, pkgs, ... }:
let
fixWifiScript = pkgs.writeScriptBin "fix-wifi" ''
#!/usr/bin/env python3
import subprocess
import socket
import logging
from typing import List, Optional
def check_internet_connection(hosts_to_check: Optional[List[str]] = None) -> bool:
"""
Check internet connectivity by attempting to connect to reliable hosts.
:param hosts_to_check: Optional list of hosts to check.
:return: Boolean indicating if internet connection is available
"""
if hosts_to_check is None:
hosts_to_check = [
"8.8.8.8", # Google DNS
"1.1.1.1", # Cloudflare DNS
"9.9.9.9" # Quad9 DNS
]
for host in hosts_to_check:
try:
# Create a socket connection with a 5-second timeout
socket.create_connection((host, 53), timeout=5)
return True
except (socket.error, socket.timeout):
continue
return False
def reset_wifi_card() -> bool:
"""
Execute WiFi card reset commands.
:return: Boolean indicating if reset commands were successful
"""
reset_commands = [
"echo 1 | sudo -u root tee /sys/bus/pci/devices/0000:09:00.0/reset",
"sudo rmmod iwlwifi",
"sudo modprobe iwlwifi"
]
try:
for command in reset_commands:
result = subprocess.run(
command,
shell=True,
check=True,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
text=True
)
print(f"Executed: {command}")
print(f"Output: {result.stdout}")
return True
except subprocess.CalledProcessError as e:
print(f"Error resetting WiFi: {e}")
print(f"Error output: {e.stderr}")
return False
def main():
"""
Check internet connection and reset WiFi if not connected.
"""
if not check_internet_connection():
print("No internet connection detected. Attempting WiFi reset...")
reset_wifi_card()
else:
print("Internet connection is stable. No reset needed.")
if __name__ == "__main__":
main()
'';
pkgsVersion = pkgs.unstable;
in
{
systemd = {
services = {
fix-wifi = {
enable = lib.mkDefault true;
path = with pkgsVersion; [
bash
python3
networkmanager
kmod
fixWifiScript
];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Type = "oneshot";
ExecStart = [ "${fixWifiScript}/bin/fix-wifi" ];
};
};
};
};
}

2
hosts/nas/home.nix
View File

@@ -64,7 +64,7 @@ in
fish.enable = false;
mangohud.enable = true;
java.enable = true;
password-store.enable = true;
btop.enable = true;
neovim = {