diff --git a/.gitignore b/.gitignore index dbee5b9..53ef102 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ /result *.qcow2 +# diff --git a/home/features/cli/default.nix b/home/features/cli/default.nix index 82f2cb8..1f43015 100644 --- a/home/features/cli/default.nix +++ b/home/features/cli/default.nix @@ -5,6 +5,7 @@ ./fish.nix ./neofetch.nix ./starship.nix + ./tmux.nix ]; home.packages = with pkgs; [ diff --git a/home/features/cli/tmux.nix b/home/features/cli/tmux.nix index 756f569..f20faae 100644 --- a/home/features/cli/tmux.nix +++ b/home/features/cli/tmux.nix @@ -1,4 +1,13 @@ -{ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.features.tmux; + +in { + + options.features.neofetch.enable = mkEnableOption "enable neofetch shell"; + programs.tmux = { enable = true; shortcut = "a"; diff --git a/home/users/m3tam3re/#m3-nix.nix# b/home/users/m3tam3re/#m3-nix.nix# new file mode 100644 index 0000000..6840344 --- /dev/null +++ b/home/users/m3tam3re/#m3-nix.nix# @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + +imports = [ + +]; + +features = { + fish.enable = true; + neofetch.enable = true; + startship.enable = true; + tmux.enable = true; +}; + +home.stateVersion = "22.11"; + +} diff --git a/home/users/m3tam3re/.#m3-nix.nix b/home/users/m3tam3re/.#m3-nix.nix new file mode 120000 index 0000000..d93b698 --- /dev/null +++ b/home/users/m3tam3re/.#m3-nix.nix @@ -0,0 +1 @@ +m3tam3re@m3-nix.4219:1672483267 \ No newline at end of file diff --git a/hosts/m3-nix/#default.nix# b/hosts/m3-nix/#default.nix# deleted file mode 100644 index 3afc265..0000000 --- a/hosts/m3-nix/#default.nix# +++ /dev/null 
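Review bot: The option declared in `home/features/cli/tmux.nix` is `options.features.neofetch.enable` with the description "enable neofetch shell", while `cfg` reads `config.features.tmux`, so this looks like a copy-paste from the neofetch module. `features.tmux.enable` is never declared, and if neofetch.nix declares the same option it is now declared twice; the line should read `options.features.tmux.enable = mkEnableOption "tmux";`. `cfg` is also unused, and `programs.tmux` sits next to `options` at the top level: a module that declares `options` normally places its settings under `config = mkIf cfg.enable { ... };`, and the module system is likely to reject the stray `programs` attribute otherwise. The `programs.tmux` body continues outside the hunk.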
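Review bot: `home/users/m3tam3re/#m3-nix.nix#` and `home/users/m3tam3re/.#m3-nix.nix` look like Emacs auto-save and lock files rather than configuration, and the lock symlink's target records the editing user, host name and process id in the repository. The `#` line added to `.gitignore` in this commit is parsed as a comment, so it ignores neither file; patterns such as `\#*#` and `.#*` would. The auto-save copy also sets `startship.enable`, which looks like a typo for `starship`, so the real `m3-nix.nix` is worth checking for the same spelling.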
@@ -1,293 +0,0 @@ -{ config, pkgs, lib, ... }: -let - nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' - #!/bin/bash - export __NV_PRIME_RENDER_OFFLOAD=1 - export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export __VK_LAYER_NV_optimus=NVIDIA_only - exec "$@" - ''; - -in { - imports = [ # Include the results of the hardware scan. - ./hardware-configuration.nix - - ]; - - specialisation = { - external-display.configuration = { - system.nixos.tags = [ "externer-Monitor" ]; - hardware.nvidia.prime.offload.enable = lib.mkForce false; - hardware.nvidia.powerManagement.finegrained = lib.mkForce false; - }; - }; - specialisation = { - dual-display.configuration = { - system.nixos.tags = [ "dual-monitor" ]; - hardware.nvidia.prime.offload.enable = lib.mkForce false; - hardware.nvidia.prime.sync.enable = lib.mkForce true; - hardware.nvidia.powerManagement.finegrained = lib.mkForce false; - }; - }; - - # Bootloader. - # boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - boot.loader.grub.enable = true; - boot.loader.grub.efiSupport = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "nodev"; - boot.loader.grub.useOSProber = true; - - hardware.tuxedo-keyboard.enable = true; - boot.kernelParams = [ - "tuxedo_keyboard.mode=0" # https://github.com/tuxedocomputers/tuxedo-keyboard#kernelparam - "tuxedo_keyboard.brightness=255" - "tuxedo_keyboard.color_left=0xff0a0a" - ]; - - # Setup keyfile - boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; - boot.extraModprobeConfig = '' - options kvm_intel nested=1 - options kvm_intel emulate_invalid_guest_state=0 - options kvm ignore_msrs=1 - ''; - - boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".keyFile = - "/crypto_keyfile.bin"; - networking.hostName = "m3-nix"; # Define your hostname. 
- # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - networking.firewall.extraCommands = - "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Enable networking - networking.networkmanager.enable = true; - networking.wg-quick.interfaces = { - wg0 = { - address = [ "10.13.13.4/24" ]; - dns = [ "192.168.178.75" ]; - privateKeyFile = "/root/wg/peer_m3arch/privatekey-peer_m3arch"; - - peers = [{ - publicKey = "zA3c0S33ZsX5oRMRCrNDYg6pCMLdRurLV+7cU2Chbwk="; - allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "45.132.245.244:51820"; - persistentKeepalive = 25; - }]; - }; - }; - nix.extraOptions = '' - experimental-features = nix-command - ''; - nix.settings.experimental-features = "nix-command flakes"; - programs.wireshark.enable = true; - # Set your time zone. - time.timeZone = "Europe/Berlin"; - - # Select internationalisation properties. - i18n.defaultLocale = "de_DE.utf8"; - - services.auto-cpufreq.enable = true; - services.tlp.enable = true; - services.fstrim.enable = true; - - services.cron = { - enable = true; - systemCronJobs = [ "" ]; - }; - - services.hardware.bolt.enable = true; - - services.gvfs = { - enable = true; - package = pkgs.gnome3.gvfs; - }; - - #services.xserver.videoDrivers = [ "intel" ]; - hardware.nvidia = { - prime = { - offload.enable = true; - - # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA - intelBusId = "PCI:0:2:0"; - - # Bus ID of the NVIDIA GPU. 
You can find it using lspci, either under 3D or VGA - nvidiaBusId = "PCI:1:0:0"; - }; - modesetting.enable = true; - powerManagement.finegrained = true; - powerManagement.enable = true; - }; - services.xserver = { - enable = true; - exportConfiguration = true; - videoDrivers = [ "nvidia" ]; - displayManager = { - defaultSession = "xfce+i3"; - lightdm = { enable = true; }; - }; - desktopManager = { - xterm.enable = false; - xfce = { - enable = true; - noDesktop = true; - enableXfwm = false; - #thunarPlugins = [ pkgs.xfce.thunar-archive-plugin ]; - }; - }; - windowManager.i3.package = pkgs.i3-gaps; - windowManager.i3.enable = true; - }; - programs.thunar.plugins = [ pkgs.xfce.thunar-archive-plugin ]; - services.xserver.screenSection = '' - Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}" - Option "AllowIndirectGLXProtocol" "off" - Option "TripleBuffer" "on" - ''; - hardware.opengl.enable = true; - hardware.opengl.driSupport32Bit = true; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - - # Enable the XFCE Desktop Environment. - # services.xserver.desktopManager.xfce.enable = true; - - services.kubo = { enable = true; }; - - # Configure keymap in X11 - services.xserver = { - layout = "de"; - xkbOptions = "ctrl:nocaps"; - }; - - # Configure console keymap - console.keyMap = "de"; - - # Enable CUPS to print documents. - services.printing.enable = true; - - # Enable sound with pipewire. 
- sound.enable = true; - sound.mediaKeys.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - users.defaultUserShell = pkgs.fish; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.m3tam3re = { - isNormalUser = true; - description = "m3tam3re"; - extraGroups = - [ "networkmanager" "wheel" "libvirtd" "flatpak" "docker" "wireshark" ]; - }; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - services.flatpak.enable = true; - # xdg desktop intergration (required for flatpak) - - xdg.portal = { - enable = true; - extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; - }; - # Enable Virtualization - virtualisation.libvirtd.enable = true; - virtualisation.libvirtd.qemu.swtpm.enable = true; - virtualisation.libvirtd.qemu.ovmf.enable = true; - virtualisation.docker = { - enable = true; - enableOnBoot = true; - }; - - environment.systemPackages = with pkgs; [ - pkgs.alacritty - pkgs.curl - pkgs.docker - pkgs.docker-compose - pkgs.exa - pkgs.firefox - pkgs.killall - pkgs.libpng - pkgs.neovim - pkgs.OVMFFull - pkgs.pam_gnupg - pkgs.ripgrep - pkgs.swtpm - pkgs.tmux - pkgs.tree - pkgs.wget - nvidia-offload - ]; - services.udev.extraRules = '' - # Trezor - SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", 
TAG+="uaccess", TAG+="udev-acl" - # Trezor v2 - SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" - ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", GROUP="users", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness" - ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1" - ''; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; - programs.gamemode.enable = true; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - programs.ssh.askPassword = ""; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - nix.gc = { - automatic = true; - options = "--delete-older-than 30d"; - }; - nix.optimise.automatic = true; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leavecatenate(variables, "bootdev", bootdev) - # this value at the release version of the first install of this system. 
- # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.05"; # Did you read the comment? - -} diff --git a/hosts/m3-nix/default.nix b/hosts/m3-nix/default.nix index f8dbf37..7a4f917 100644 --- a/hosts/m3-nix/default.nix +++ b/hosts/m3-nix/default.nix @@ -1,6 +1,9 @@ { config, pkgs, lib, ... }: + +with pkgs; + let - nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' + nvidia-offload = writeShellScriptBin "nvidia-offload" '' #!/bin/bash export __NV_PRIME_RENDER_OFFLOAD=1 export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 @@ -10,27 +13,30 @@ let ''; in { - imports = [ # Include the results of the hardware scan. - ./hardware-configuration.nix - + imports = [ + ./hardware.nix + ./hardware-configuration.nix # Include the results of the hardware scan. + ../common/users/m3tam3re + ../common/base + ./services ]; specialisation = { external-display.configuration = { - system.nixos.tags = [ "externer-Monitor" ]; + system.nixos.tags = [ "Externer-Monitor" ]; hardware.nvidia.prime.offload.enable = lib.mkForce false; hardware.nvidia.powerManagement.finegrained = lib.mkForce false; }; }; specialisation = { dual-display.configuration = { - system.nixos.tags = [ "dual-monitor" ]; + system.nixos.tags = [ "Dual-Monitor" ]; hardware.nvidia.prime.offload.enable = lib.mkForce false; hardware.nvidia.prime.sync.enable = lib.mkForce true; hardware.nvidia.powerManagement.finegrained = lib.mkForce false; }; }; - + # Bootloader. # boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -41,7 +47,6 @@ in { boot.loader.grub.device = "nodev"; boot.loader.grub.useOSProber = true; - hardware.tuxedo-keyboard.enable = true; boot.kernelParams = [ "tuxedo_keyboard.mode=0" # https://github.com/tuxedocomputers/tuxedo-keyboard#kernelparam "tuxedo_keyboard.brightness=255" 
@@ -81,213 +86,23 @@ in { }]; }; }; - nix.extraOptions = '' - experimental-features = nix-command - ''; - nix.settings.experimental-features = "nix-command flakes"; - programs.wireshark.enable = true; - # Set your time zone. + time.timeZone = "Europe/Berlin"; - - # Select internationalisation properties. i18n.defaultLocale = "de_DE.utf8"; - services.auto-cpufreq.enable = true; - services.tlp.enable = true; - services.fstrim.enable = true; - services.cron = { - enable = true; - systemCronJobs = [ "" ]; - }; - services.hardware.bolt.enable = true; - services.gvfs = { - enable = true; - package = pkgs.gnome3.gvfs; - }; - #services.xserver.videoDrivers = [ "intel" ]; - hardware.nvidia = { - prime = { - offload.enable = true; - - # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA - intelBusId = "PCI:0:2:0"; - - # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA - nvidiaBusId = "PCI:1:0:0"; - }; - modesetting.enable = true; - powerManagement.finegrained = true; - powerManagement.enable = true; - }; - services.xserver = { - enable = true; - exportConfiguration = true; - videoDrivers = [ "nvidia" ]; - displayManager = { - defaultSession = "xfce+i3"; - lightdm = { enable = true; }; - }; - desktopManager = { - xterm.enable = false; - xfce = { - enable = true; - noDesktop = true; - enableXfwm = false; - #thunarPlugins = [ pkgs.xfce.thunar-archive-plugin ]; - }; - }; - windowManager.i3.package = pkgs.i3-gaps; - windowManager.i3.enable = true; - }; - programs.thunar.plugins = [ pkgs.xfce.thunar-archive-plugin ]; - services.xserver.screenSection = '' - Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}" - Option "AllowIndirectGLXProtocol" "off" - Option "TripleBuffer" "on" - ''; - hardware.opengl.enable = true; - hardware.opengl.driSupport32Bit = true; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - - # Enable the XFCE Desktop Environment. 
- # services.xserver.desktopManager.xfce.enable = true; - - services.kubo = { enable = true; }; - - # Configure keymap in X11 - services.xserver = { - layout = "de"; - xkbOptions = "ctrl:nocaps"; - }; - - # Configure console keymap console.keyMap = "de"; - # Enable CUPS to print documents. - services.printing.enable = true; - # Enable sound with pipewire. - sound.enable = true; - sound.mediaKeys.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; + environment.systemPackages = [ nvidia-offload nvim ]; - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; + nix = { + settings = { experimental-features = "nix-command flakes"; }; + gc = { + automatic = true; + options = "--delete-older-than 30d"; + }; + optimise.automatic = true; }; - users.defaultUserShell = pkgs.fish; - # Enable touchpad support (enabled default in most desktopManager). - # services.xserver.libinput.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.m3tam3re = { - isNormalUser = true; - description = "m3tam3re"; - extraGroups = - [ "networkmanager" "wheel" "libvirtd" "flatpak" "docker" "wireshark" ]; - }; - - # home-manager.users.m3tam3re = { pkgs, ... 
}: { - # home.packages = [ pkgs.home-manager ]; - # programs.bash.enable = true; - #}; - programs.fish = { - enable = true; - useBabelfish = true; - vendor.functions.enable = true; - vendor.config.enable = true; - vendor.completions.enable = true; - }; - - # Allow unfree packages nixpkgs.config.allowUnfree = true; - services.flatpak.enable = true; - # xdg desktop intergration (required for flatpak) - - xdg.portal = { - enable = true; - extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; - }; - # Enable Virtualization - virtualisation.libvirtd.enable = true; - virtualisation.libvirtd.qemu.swtpm.enable = true; - virtualisation.libvirtd.qemu.ovmf.enable = true; - virtualisation.docker = { - enable = true; - enableOnBoot = true; - }; - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - pkgs.alacritty - pkgs.curl - pkgs.docker - pkgs.docker-compose - pkgs.exa - pkgs.firefox - pkgs.killall - pkgs.libpng - pkgs.neovim - pkgs.OVMFFull - pkgs.pam_gnupg - pkgs.ripgrep - pkgs.swtpm - pkgs.tmux - pkgs.tree - pkgs.wget - nvidia-offload - ]; - services.udev.extraRules = '' - # Trezor - SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" - # Trezor v2 - SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" - KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", 
TAG+="udev-acl" - ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", GROUP="users", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness" - ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1" - ''; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; - programs.gamemode.enable = true; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - programs.ssh.askPassword = ""; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - nix.gc = { - automatic = true; - options = "--delete-older-than 30d"; - }; - nix.optimise.automatic = true; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -295,6 +110,6 @@ in { # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "22.05"; # Did you read the comment? + system.stateVersion = "22.11"; # Did you read the comment? } diff --git a/hosts/m3-nix/hardware-configuration.nix b/hosts/m3-nix/hardware-configuration.nix index d23bdf2..62d70c9 100644 --- a/hosts/m3-nix/hardware-configuration.nix +++ b/hosts/m3-nix/hardware-configuration.nix 
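Review bot: `environment.systemPackages = [ nvidia-offload nvim ];` resolves `nvim` through the new file-level `with pkgs;`, and as far as I know nixpkgs names that package `neovim` (the removed list used `pkgs.neovim`), so unless an overlay adds `nvim` this fails with an undefined variable. Writing `environment.systemPackages = [ nvidia-offload pkgs.neovim ];` keeps the reference explicit and makes the file-wide `with pkgs;` unnecessary. The hunk also drops `programs.wireshark`, `programs.steam`, `programs.gamemode`, `programs.fish` and `programs.ssh.askPassword` with no replacement visible in this diff; presumably they moved to `../common/base` or `../common/users/m3tam3re`, which is worth confirming before merging.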
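Review bot: `system.stateVersion` moves from "22.05" to "22.11" even though the comment directly above it says to leave the value at the release of the first install. NixOS uses this value to pick defaults for stateful data, so raising it on an already installed machine can change data locations or formats for services that are already initialised. Unless this host was reinstalled on 22.11, keep `system.stateVersion = "22.05";`.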
@@ -4,43 +4,42 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "ahci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "thunderbolt" "ahci" "nvme" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernel.sysctl = { "vm.swappiness" = 1; }; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/9d5b7792-3813-4eeb-9994-d8ecb7e28e8a"; - fsType = "btrfs"; - options = [ "subvol=@" "noatime" "nodiratime" "discard"]; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/9d5b7792-3813-4eeb-9994-d8ecb7e28e8a"; + fsType = "btrfs"; + options = [ "subvol=@" "noatime" "nodiratime" "discard" ]; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/D9E9-8321"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/D9E9-8321"; + fsType = "vfat"; + }; - fileSystems."/home" = - { device = "/dev/disk/by-uuid/2a71bbf9-115c-4444-9d8e-e265df32df27"; - fsType = "btrfs"; - options = [ "noatime" "nodiratime" "discard" ]; - }; - fileSystems."/opt" = - { device = "/dev/disk/by-uuid/3574df3a-2a90-4b54-9c21-128f1d01ff8f"; - fsType = "btrfs"; - options = [ "noatime" "nodiratime" "discard" ]; - }; - - boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".device = "/dev/disk/by-uuid/a7b1ba69-0951-4347-886e-4c0c24c2b871"; + fileSystems."/home" = { + device = "/dev/disk/by-uuid/2a71bbf9-115c-4444-9d8e-e265df32df27"; + fsType = "btrfs"; + options = [ "noatime" "nodiratime" "discard" ]; + }; + fileSystems."/opt" = { + device = "/dev/disk/by-uuid/3574df3a-2a90-4b54-9c21-128f1d01ff8f"; + fsType = "btrfs"; + options = [ "noatime" "nodiratime" "discard" ]; + }; + + 
boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".device = + "/dev/disk/by-uuid/a7b1ba69-0951-4347-886e-4c0c24c2b871"; swapDevices = - [ { device = "/dev/disk/by-uuid/da69776d-fedf-4020-98e0-34da52211a1b"; } - ]; + [{ device = "/dev/disk/by-uuid/da69776d-fedf-4020-98e0-34da52211a1b"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -51,7 +50,8 @@ # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; # high-resolution display hardware.video.hidpi.enable = lib.mkDefault true; diff --git a/hosts/m3-nix/hardware.nix b/hosts/m3-nix/hardware.nix new file mode 100644 index 0000000..df048d3 --- /dev/null +++ b/hosts/m3-nix/hardware.nix @@ -0,0 +1,23 @@ +{ + hardware.nvidia = { + prime = { + offload.enable = true; + + # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA + intelBusId = "PCI:0:2:0"; + + # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA + nvidiaBusId = "PCI:1:0:0"; + }; + modesetting.enable = true; + powerManagement.finegrained = true; + powerManagement.enable = true; + }; + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = true; + hardware.tuxedo-keyboard.enable = true; + services.hardware.bolt.enable = true; + services.auto-cpufreq.enable = true; + services.tlp.enable = true; + services.fstrim.enable = true; +} diff --git a/hosts/m3-nix/services/cron.nix b/hosts/m3-nix/services/cron.nix new file mode 100644 index 0000000..cb9cab8 --- /dev/null +++ b/hosts/m3-nix/services/cron.nix @@ -0,0 +1,6 @@ +{ + services.cron = { + enable = true; + systemCronJobs = [ "" ]; + }; +} 
diff --git a/hosts/m3-nix/services/default.nix b/hosts/m3-nix/services/default.nix
new file mode 100644
index 0000000..c341392
--- /dev/null
+++ b/hosts/m3-nix/services/default.nix
@@ -0,0 +1,17 @@
+{
+ imports = [
+ ./cron.nix
+ ./flatpak.nix
+ ./sound.nix
+ ./udev.nix
+ ./virtualization.nix
+ ./xserver.nix
+ ];
+
+ services.gvfs = {
+ enable = true;
+ package = pkgs.gnome3.gvfs;
+ };
+ services.kubo = { enable = true; }; # IPFS
+ services.printing.enable = true;
+}
diff --git a/hosts/m3-nix/services/flatpak.nix b/hosts/m3-nix/services/flatpak.nix
new file mode 100644
index 0000000..10c5eac
--- /dev/null
+++ b/hosts/m3-nix/services/flatpak.nix
@@ -0,0 +1,7 @@
+{
+ services.flatpak.enable = true;
+ xdg.portal = { # xdg desktop intergration (required for flatpak)
+ enable = true;
+ extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+ };
+}
diff --git a/hosts/m3-nix/services/sound.nix b/hosts/m3-nix/services/sound.nix
new file mode 100644
index 0000000..f9d3204
--- /dev/null
+++ b/hosts/m3-nix/services/sound.nix
@@ -0,0 +1,18 @@
+{
+ sound.enable = true;
+ sound.mediaKeys.enable = true;
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ # If you want to use JACK applications, uncomment this
+ #jack.enable = true;
+
+ # use the example session manager (no others are packaged yet so this is enabled by default,
+ # no need to redefine it in your config for now)
+ #media-session.enable = true;
+ };
+}
diff --git a/hosts/m3-nix/services/udev.nix b/hosts/m3-nix/services/udev.nix
new file mode 100644
index 0000000..07dac18
--- /dev/null
+++ b/hosts/m3-nix/services/udev.nix
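Review bot: `hosts/m3-nix/services/default.nix` is a bare attribute set but references `pkgs.gnome3.gvfs`, so `pkgs` is unbound and evaluation stops with an undefined variable; the file needs a module header, `{ pkgs, ... }:`. `services/flatpak.nix` has the same problem with `pkgs.xdg-desktop-portal-gtk`. `services/udev.nix` and `services/xserver.nix` do declare `{ pkgs }:`, but without the `...` the other arguments the module system passes (`config`, `lib` and so on) are rejected as unexpected, so those two headers should read `{ pkgs, ... }:` as well.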
@@ -0,0 +1,15 @@
+{ pkgs }:
+
+{
+ services.udev.extraRules = ''
+ # Trezor
+ SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n"
+ KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl"
+ # Trezor v2
+ SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n"
+ SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n"
+ KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl"
+ ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", GROUP="users", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
+ ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1"
+ '';
+}
diff --git a/hosts/m3-nix/services/virtualization.nix b/hosts/m3-nix/services/virtualization.nix
new file mode 100644
index 0000000..8e725e4
--- /dev/null
+++ b/hosts/m3-nix/services/virtualization.nix
@@ -0,0 +1,9 @@
+{
+ virtualisation.libvirtd.enable = true;
+ virtualisation.libvirtd.qemu.swtpm.enable = true;
+ virtualisation.libvirtd.qemu.ovmf.enable = true;
+ virtualisation.docker = {
+ enable = true;
+ enableOnBoot = true;
+ };
+}
diff --git a/hosts/m3-nix/services/xserver.nix b/hosts/m3-nix/services/xserver.nix
new file mode 100644
index 0000000..82df80e
--- /dev/null
+++ b/hosts/m3-nix/services/xserver.nix
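Review bot: The last rule in `services.udev.extraRules` of `services/udev.nix`, `ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1"`, authorises every Thunderbolt device as soon as it is plugged in, which bypasses the per-device approval that `services.hardware.bolt.enable = true` (hardware.nix) provides and leaves PCIe/DMA access open to any attached device. I would drop that rule and enrol trusted devices through bolt instead. The backlight rule sets `MODE="0666"` and then runs `chmod a+w` on the brightness file; since it already assigns `GROUP="users"`, `MODE="0664"` with a group-only chmod would be enough. Both rules were carried over unchanged from the old default.nix, so a short comment above each saying why it exists would help the next reader.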
@@ -0,0 +1,33 @@
+{ pkgs }:
+
+{
+ services.xserver = {
+ enable = true;
+ exportConfiguration = true;
+ videoDrivers = [ "nvidia" ];
+ displayManager = {
+ defaultSession = "xfce+i3";
+ lightdm = { enable = true; };
+ };
+ desktopManager = {
+ xterm.enable = false;
+ xfce = {
+ enable = true;
+ noDesktop = true;
+ enableXfwm = false;
+ };
+ };
+ libinput.enable = true; # touchpad support
+ windowManager.i3.package = pkgs.i3-gaps;
+ windowManager.i3.enable = true;
+ layout = "de";
+ xkbOptions = "ctrl:nocaps";
+ };
+
+ programs.thunar.plugins = [ pkgs.xfce.thunar-archive-plugin ];
+ services.xserver.screenSection = ''
+ Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
+ Option "AllowIndirectGLXProtocol" "off"
+ Option "TripleBuffer" "on"
+ '';
+}