diff --git a/flake.nix b/flake.nix index 2859adb..0697675 100755 --- a/flake.nix +++ b/flake.nix @@ -132,12 +132,6 @@ inputs.nixpkgs.follows = "pi4-nixpkgs"; }; - pi4-argononed = { - url = "gitlab:ykis-0-0/argononed/feat/nixos"; - flake = false; - }; - - ##################################################### # Steamdeck # ##################################################### @@ -242,7 +236,6 @@ # Pi4 pi4-nixpkgs, - pi4-argononed, pi4-home-manager, pi4-impermanence, pi4-nixos-hardware, diff --git a/hosts/desktop/configuration.nix b/hosts/desktop/configuration.nix index fdc1b63..f2830ed 100755 --- a/hosts/desktop/configuration.nix +++ b/hosts/desktop/configuration.nix @@ -3,16 +3,91 @@ # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { - config, outputs, lib, pkgs, ... }: let - user = "matt"; - passwordFile = config.sops.secrets."desktop/matt_password".path; pkgsVersion = pkgs.unstable; + environmentVariables = { + STEAM_FORCE_DESKTOPUI_SCALING = "1.0"; + GDK_SCALE = "1"; + EDITOR = "code --wait"; + VISUAL = "code --wait"; + }; + systemPackages = with pkgsVersion; [ + aha + aspell + aspellDicts.en + aspellDicts.en-computers + aspellDicts.en-science + borgbackup + brscan5 + clinfo + direnv + efibootmgr + gparted + grsync + kmod + kdePackages.ksvg + lact + memtest86-efi + memtest86plus + nano + onlyoffice-bin + os-prober + nil + papirus-icon-theme + pciutils + qemu_full + rclone + rclone-browser + restic + restic-browser + restic-integrity + rsync + sane-frontends + sbctl + smartmontools + usbutils + udisks2 + vim + vulkan-tools + wget + winetricks + ]; + lactConfig = '' + daemon: + log_level: info + admin_groups: + - wheel + - sudo + disable_clocks_cleanup: false + apply_settings_timer: 5 + gpus: + 1002:73BF-1002:0E3A-0000:03:00.0: + fan_control_enabled: true + fan_control_settings: + mode: curve + static_speed: 1.0 + temperature_key: edge + interval_ms: 500 + curve: + 30: 0.0 + 40: 0.2 + 50: 0.35 + 60: 0.5 + 70: 0.75 + 80: 1.0 + spindown_delay_ms: 0 + change_threshold: 0 + pmfw_options: {} + power_cap: 293.0 + performance_level: auto + voltage_offset: 0 + power_states: {} + ''; in { imports = [ @@ -20,50 +95,54 @@ in ./filesystems.nix ./hardware-configuration.nix ./networking.nix + ./nix.nix ./services.nix ./sops.nix + ./users.nix ../default.nix ../../share/amd ]; chaotic.mesa-git.enable = true; - # Enable nix flakes and nix-command tools - nix = { - settings = { - substituters = [ - # "https://cache.mjallen.dev" - "https://nix-community.cachix.org" - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ - # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - warn-dirty = lib.mkForce false; - experimental-features = lib.mkForce [ - "nix-command" - "flakes" - ]; - trusted-users = [ user ]; + # Environment configuration + environment = { + systemPackages = systemPackages; + + etc."lact/config.yaml".text = lactConfig; + + variables = environmentVariables; + }; + + # Hardware configuration + hardware = { + # Enable the QMK firmware flashing tool. + keyboard = { + qmk.enable = true; + }; + + # Enable Sane and Brother printer support. + sane = { + enable = true; + brscan5.enable = true; + dsseries.enable = false; + extraBackends = [ pkgsVersion.brscan5 ]; }; }; - share.hardware.amd = { - enable = lib.mkDefault true; - lact.enable = lib.mkDefault true; + # Nixpkgs configuration + nixpkgs = { + # add unstable and stable overlays + overlays = [ + outputs.overlays.nixpkgs-unstable + outputs.overlays.nixpkgs-stable + ]; + config.permittedInsecurePackages = [ + # ... + ]; }; - share.gaming.enable = true; - - # Time config - time = { - hardwareClockInLocalTime = lib.mkDefault false; - }; - - virtualisation.libvirtd.enable = lib.mkDefault true; - virtualisation.waydroid.enable = lib.mkDefault true; - + # Programs configuration programs = { gamemode.enable = true; coolercontrol.enable = true; @@ -74,129 +153,23 @@ in }; }; - # Configure environment - environment = { - # List packages installed in system profile. To search, run: - # $ nix search wget - systemPackages = with pkgsVersion; [ - aha - aspell - aspellDicts.en - aspellDicts.en-computers - aspellDicts.en-science - borgbackup - brscan5 - clinfo - direnv - efibootmgr - gparted - grsync - kmod - kdePackages.ksvg - lact - memtest86-efi - memtest86plus - nano - onlyoffice-bin - os-prober - nil - papirus-icon-theme - pciutils - qemu_full - rclone - rclone-browser - restic - restic-browser - restic-integrity - rsync - sane-frontends - sbctl - smartmontools - usbutils - udisks2 - vim - vulkan-tools - wget - winetricks - ]; - - etc."lact/config.yaml".text = '' - daemon: - log_level: info - admin_groups: - - wheel - - sudo - disable_clocks_cleanup: false - apply_settings_timer: 5 - gpus: - 1002:73BF-1002:0E3A-0000:03:00.0: - fan_control_enabled: true - fan_control_settings: - mode: curve - static_speed: 1.0 - temperature_key: edge - interval_ms: 500 - curve: - 30: 0.0 - 40: 0.2 - 50: 0.35 - 60: 0.5 - 70: 0.75 - 80: 1.0 - spindown_delay_ms: 0 - change_threshold: 0 - pmfw_options: {} - power_cap: 293.0 - performance_level: auto - voltage_offset: 0 - power_states: {} - ''; - - variables = { - STEAM_FORCE_DESKTOPUI_SCALING = "1.0"; - GDK_SCALE = "1"; - EDITOR = "code --wait"; - VISUAL = "code --wait"; + # Common Configuration + share = { + gaming.enable = true; + hardware.amd = { + enable = lib.mkDefault true; + lact.enable = lib.mkDefault true; }; }; - # Configure nixpkgs - nixpkgs = { - overlays = [ - outputs.overlays.nixpkgs-unstable - outputs.overlays.nixpkgs-stable - ]; - config.permittedInsecurePackages = [ - # ... - ]; + # Time configuration + time = { + hardwareClockInLocalTime = lib.mkDefault false; }; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users."${user}" = { - isNormalUser = lib.mkDefault true; - extraGroups = [ - "wheel" - "keys" - "networkmanager" - "ratbagd" - "input" - "scanner" - "lp" - ]; # Enable ‘sudo’ for the user. - hashedPasswordFile = passwordFile; - shell = pkgsVersion.zsh; - }; - - hardware = { - keyboard = { - qmk.enable = true; - }; - - sane = { - enable = true; - brscan5.enable = true; - dsseries.enable = false; - extraBackends = [ pkgsVersion.brscan5 ]; - }; + # Virtualisation configuration + virtualisation = { + libvirtd.enable = lib.mkDefault true; + waydroid.enable = lib.mkDefault true; }; } diff --git a/hosts/desktop/filesystems.nix b/hosts/desktop/filesystems.nix index 1f3d97c..699259e 100755 --- a/hosts/desktop/filesystems.nix +++ b/hosts/desktop/filesystems.nix @@ -1,47 +1,32 @@ { ... }: +let + defaultNetworkShareOptions = [ + "sec=none" + "x-systemd.automount" + "auto" + "rw" + "file_mode=0775" + "dir_mode=0775" + "uid=matt" + "gid=wheel" + ]; +in { fileSystems."/media/nas/backup" = { device = "//10.0.1.18/Backup"; fsType = "cifs"; - options = [ - "sec=none" - "x-systemd.automount" - "auto" - "rw" - "file_mode=0775" - "dir_mode=0775" - "uid=matt" - "gid=wheel" - ]; + options = defaultNetworkShareOptions; }; fileSystems."/media/nas/isos" = { device = "//10.0.1.18/isos"; fsType = "cifs"; - options = [ - "sec=none" - "x-systemd.automount" - "auto" - "rw" - "file_mode=0775" - "dir_mode=0775" - "uid=matt" - "gid=wheel" - ]; + options = defaultNetworkShareOptions; }; fileSystems."/media/nas/3d_printer" = { device = "//10.0.1.18/3d_printer"; fsType = "cifs"; - options = [ - "sec=none" - "x-systemd.automount" - "auto" - "rw" - "file_mode=0775" - "dir_mode=0775" - "uid=matt" - "gid=wheel" - ]; + options = defaultNetworkShareOptions; }; } diff --git a/hosts/desktop/hardware-configuration.nix b/hosts/desktop/hardware-configuration.nix index 8a6c927..31492ad 100755 --- a/hosts/desktop/hardware-configuration.nix +++ b/hosts/desktop/hardware-configuration.nix @@ -7,6 +7,12 @@ modulesPath, ... }: +let + defeaultBtrfsOptions = [ + "compress=zstd" + "autodefrag" + ]; +in { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -25,10 +31,8 @@ fsType = "btrfs"; options = [ "subvol=nix" - "compress=zstd" "noatime" - "autodefrag" - ]; + ] ++ defeaultBtrfsOptions; }; fileSystems."/etc" = { @@ -36,10 +40,8 @@ fsType = "btrfs"; options = [ "subvol=etc" - "compress=zstd" "noatime" - "autodefrag" - ]; + ] ++ defeaultBtrfsOptions; }; fileSystems."/root" = { @@ -47,10 +49,8 @@ fsType = "btrfs"; options = [ "subvol=root" - "compress=zstd" "noatime" - "autodefrag" - ]; + ] ++ defeaultBtrfsOptions; }; fileSystems."/var/log" = { @@ -58,10 +58,8 @@ fsType = "btrfs"; options = [ "subvol=log" - "compress=zstd" "noatime" - "autodefrag" - ]; + ] ++ defeaultBtrfsOptions; }; fileSystems."/home" = { @@ -69,9 +67,7 @@ fsType = "btrfs"; options = [ "subvol=home" - "compress=zstd" - "autodefrag" - ]; + ] ++ defeaultBtrfsOptions; }; fileSystems."/boot" = { diff --git a/hosts/desktop/home.nix b/hosts/desktop/home.nix index a83141f..801751a 100755 --- a/hosts/desktop/home.nix +++ b/hosts/desktop/home.nix @@ -48,6 +48,7 @@ in mangohud.enable = true; java.enable = true; home-manager.enable = true; + password-store.enable = true; zsh = { enable = true; @@ -98,6 +99,9 @@ in "services.sync.prefs.sync.privacy.clearOnShutdown_v2.siteSettings" = true; # Enable syncing site settings clear on shutdown "browser.newtabpage.activity-stream.feeds.topsites" = true; # Enable top sites on new tab page "browser.newtabpage.activity-stream.topSitesRows" = 3; # Set number of rows for top sites on new tab page + "layout.css.light-dark.enabled" = true; # Enable light/dark theme support + "extensions.activeThemeID" = "default-theme@mozilla.org"; # Set active theme + "extensions.webextensions.uuids" = "{\"formautofill@mozilla.org\":\"851c83b7-26d5-449c-8cc9-d8951a0ce78d\",\"pictureinpicture@mozilla.org\":\"42fa2650-5134-4bef-bafa-b73f9ae51bad\",\"screenshots@mozilla.org\":\"efd2b692-43c4-433a-aea5-0cb79f8312d4\",\"webcompat-reporter@mozilla.org\":\"c43a6be2-fb56-4253-b384-ce8e09a89999\",\"webcompat@mozilla.org\":\"e25fd1bb-7c53-413f-9528-bb922c322a56\",\"default-theme@mozilla.org\":\"610b67c3-9145-46f7-814f-d8ee2cc8edff\",\"addons-search-detection@mozilla.com\:\"caedb3ca-5cf5-4e23-a251-d742f23e6fc8\",\"uBlock0@raymondhill.net\":\"7e7d9fd9-12bf-42d3-9c7c-9ffd05420ec7\",\"78272b6fa58f4a1abaac99321d503a20@proton.me\":\"7242a067-06d8-430b-94a3-00d264cdd57b\",\"addon@darkreader.org\":\"2f02b112-6acd-4bdc-af2c-1432eb527339\",\"jid1-xUfzOsOFlzSOXg@jetpack\":\"d0c72046-9903-4118-8160-a028840bf928\",\"chrome-gnome-shell@gnome.org\":\"a1ab53e6-b765-4f25-8349-383cc04682a0\",\"user-agent-switcher@ninetailed.ninja\":\"259d07cc-bb32-4ed5-b90f-6d73abdeb7bb\",\"firefoxdav@icloud.com\":\"110e6e2c-18f8-461d-9f26-b8f04482b6f1\",\"ciscowebexstart1@cisco.com\":\"a4062240-e73a-4353-bddb-d608d84881f7\",\"{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}\":\"9164e437-812b-4a07-8dfd-2fd73b39329b\",\"{036a55b4-5e72-4d05-a06c-cba2dfcc134a}\":\"648fc678-a6fb-47cd-9792-fb9520678c17\",\"{446900e4-71c2-419f-a6a7-df9c091e268b}\":\"f0b43422-070e-466e-85c9-6543f209f075\",\"jid1-MnnxcxisBPnSXQ@jetpack\":\"4c448202-c843-4cae-b5c3-d11f2da58fa3\",\"soundfixer@unrelenting.technology\":\"59b35eb8-1c85-4919-a905-80d120993ddc\",\"floccus@handmadeideas.org\":\"8ad2956c-8091-41af-a689-7d2108f5958d\",\"{79b9dbcf-cc5a-4cda-89ef-c4ab097eb074}\":\"c2a223a7-32e0-4726-9f20-17236702b1f5\",\"linkgopher@oooninja.com\":\"a257858c-0dce-415b-b123-6222876cf843\"}"; }; }; diff --git a/hosts/desktop/nix.nix b/hosts/desktop/nix.nix new file mode 100644 index 0000000..af710cd --- /dev/null +++ b/hosts/desktop/nix.nix @@ -0,0 +1,25 @@ +{ lib, ... }: +let + user = "matt"; +in +{ + nix = { + settings = { + substituters = [ + # "https://cache.mjallen.dev" + "https://nix-community.cachix.org" + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ + # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + warn-dirty = lib.mkForce false; + experimental-features = lib.mkForce [ + "nix-command" + "flakes" + ]; + trusted-users = [ user ]; + }; + }; +} \ No newline at end of file diff --git a/hosts/desktop/services.nix b/hosts/desktop/services.nix index 5f317bf..eb212db 100755 --- a/hosts/desktop/services.nix +++ b/hosts/desktop/services.nix @@ -1,80 +1,5 @@ { config, lib, pkgs, ... }: -let - fixWifiScript = pkgs.writeScriptBin "fix-wifi" '' - #!/usr/bin/env python3 - - import subprocess - import socket - import logging - from typing import List, Optional - - def check_internet_connection(hosts_to_check: Optional[List[str]] = None) -> bool: - """ - Check internet connectivity by attempting to connect to reliable hosts. - - :param hosts_to_check: Optional list of hosts to check. - :return: Boolean indicating if internet connection is available - """ - if hosts_to_check is None: - hosts_to_check = [ - "8.8.8.8", # Google DNS - "1.1.1.1", # Cloudflare DNS - "9.9.9.9" # Quad9 DNS - ] - - for host in hosts_to_check: - try: - # Create a socket connection with a 5-second timeout - socket.create_connection((host, 53), timeout=5) - return True - except (socket.error, socket.timeout): - continue - - return False - - def reset_wifi_card() -> bool: - """ - Execute WiFi card reset commands. - - :return: Boolean indicating if reset commands were successful - """ - reset_commands = [ - "echo 1 | sudo -u root tee /sys/bus/pci/devices/0000:09:00.0/reset", - "sudo rmmod iwlwifi", - "sudo modprobe iwlwifi" - ] - - try: - for command in reset_commands: - result = subprocess.run( - command, - shell=True, - check=True, - stdout=subprocess.PIPE, - stderr=subprocess.PIPE, - text=True - ) - print(f"Executed: {command}") - print(f"Output: {result.stdout}") - return True - except subprocess.CalledProcessError as e: - print(f"Error resetting WiFi: {e}") - print(f"Error output: {e.stderr}") - return False - - def main(): - """ - Check internet connection and reset WiFi if not connected. - """ - if not check_internet_connection(): - print("No internet connection detected. Attempting WiFi reset...") - reset_wifi_card() - else: - print("Internet connection is stable. No reset needed.") - - if __name__ == "__main__": - main() - ''; +let pkgsVersion = pkgs.unstable; in { @@ -163,25 +88,6 @@ in }; systemd = { - services = { - fix-wifi = { - enable = lib.mkDefault true; - path = with pkgsVersion; [ - bash - python3 - networkmanager - kmod - fixWifiScript - ]; - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = [ "${fixWifiScript}/bin/fix-wifi" ]; - }; - }; - }; - user.services = { rclone-home-proton = { enable = lib.mkDefault false; diff --git a/hosts/desktop/users.nix b/hosts/desktop/users.nix new file mode 100644 index 0000000..f1ee414 --- /dev/null +++ b/hosts/desktop/users.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, ... }: +let + user = "matt"; + passwordFile = config.sops.secrets."desktop/matt_password".path; + pkgsVersion = pkgs.unstable; +in +{ + users.users."${user}" = { + isNormalUser = lib.mkDefault true; + extraGroups = [ + "wheel" + "keys" + "networkmanager" + "ratbagd" + "input" + "scanner" + "lp" + ]; # Enable ‘sudo’ for the user. + hashedPasswordFile = passwordFile; + shell = pkgsVersion.zsh; + }; +} \ No newline at end of file diff --git a/hosts/desktop/wifi-fixer.nix b/hosts/desktop/wifi-fixer.nix new file mode 100644 index 0000000..1a615a6 --- /dev/null +++ b/hosts/desktop/wifi-fixer.nix @@ -0,0 +1,101 @@ +{ lib, pkgs, ... }: +let + fixWifiScript = pkgs.writeScriptBin "fix-wifi" '' + #!/usr/bin/env python3 + + import subprocess + import socket + import logging + from typing import List, Optional + + def check_internet_connection(hosts_to_check: Optional[List[str]] = None) -> bool: + """ + Check internet connectivity by attempting to connect to reliable hosts. + + :param hosts_to_check: Optional list of hosts to check. + :return: Boolean indicating if internet connection is available + """ + if hosts_to_check is None: + hosts_to_check = [ + "8.8.8.8", # Google DNS + "1.1.1.1", # Cloudflare DNS + "9.9.9.9" # Quad9 DNS + ] + + for host in hosts_to_check: + try: + # Create a socket connection with a 5-second timeout + socket.create_connection((host, 53), timeout=5) + return True + except (socket.error, socket.timeout): + continue + + return False + + def reset_wifi_card() -> bool: + """ + Execute WiFi card reset commands. + + :return: Boolean indicating if reset commands were successful + """ + reset_commands = [ + "echo 1 | sudo -u root tee /sys/bus/pci/devices/0000:09:00.0/reset", + "sudo rmmod iwlwifi", + "sudo modprobe iwlwifi" + ] + + try: + for command in reset_commands: + result = subprocess.run( + command, + shell=True, + check=True, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + text=True + ) + print(f"Executed: {command}") + print(f"Output: {result.stdout}") + return True + except subprocess.CalledProcessError as e: + print(f"Error resetting WiFi: {e}") + print(f"Error output: {e.stderr}") + return False + + def main(): + """ + Check internet connection and reset WiFi if not connected. + """ + if not check_internet_connection(): + print("No internet connection detected. Attempting WiFi reset...") + reset_wifi_card() + else: + print("Internet connection is stable. No reset needed.") + + if __name__ == "__main__": + main() + ''; + pkgsVersion = pkgs.unstable; +in +{ + systemd = { + services = { + fix-wifi = { + enable = lib.mkDefault true; + path = with pkgsVersion; [ + bash + python3 + networkmanager + kmod + fixWifiScript + ]; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = [ "${fixWifiScript}/bin/fix-wifi" ]; + }; + }; + }; + }; +} \ No newline at end of file diff --git a/hosts/nas/home.nix b/hosts/nas/home.nix index 7eb42a2..85240e3 100755 --- a/hosts/nas/home.nix +++ b/hosts/nas/home.nix @@ -64,7 +64,7 @@ in fish.enable = false; mangohud.enable = true; java.enable = true; - + password-store.enable = true; btop.enable = true; neovim = {