commit ebc3b48a8799211cf2f54bcf29bb8c5b85a55fce Author: m3tam3re Date: Fri Dec 30 13:05:46 2022 +0100 Initial version diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..dbee5b9 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/result +*.qcow2 diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..c640853 --- /dev/null +++ b/flake.lock @@ -0,0 +1,132 @@ +{ + "nodes": { + "deploy-rs": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1672327199, + "narHash": "sha256-pFlngSHXKBhAmbaKZ4FYtu57LLunG+vWdL7a5vw1RvQ=", + "owner": "serokell", + "repo": "deploy-rs", + "rev": "a5619f5660a00f58c2b7c16d89058e92327ac9b8", + "type": "github" + }, + "original": { + "owner": "serokell", + "repo": "deploy-rs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1668681692, + "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1671966569, + "narHash": "sha256-jbLgfSnmLchARBNFRvCic63CFQ9LAyvlXnBpc2kwjQc=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "c55fa26ce05fee8e063db22918d05a73d430b2ea", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1671417167, + "narHash": "sha256-JkHam6WQOwZN1t2C2sbp1TqMv3TVRjzrdoejqfefwrM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "bb31220cca6d044baa6dc2715b07497a2a7c4bc7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1671883564, + "narHash": "sha256-C15oAtyupmLB3coZY7qzEHXjhtUx/+77olVdqVMruAg=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "dac57a4eccf1442e8bf4030df6fcbb55883cb682", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-22.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "deploy-rs": "deploy-rs", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs_2" + } + }, + "utils": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..dbdfcbc --- /dev/null +++ b/flake.nix @@ -0,0 +1,56 @@ +{ + description = '' + This i my basic NixOS system configuration. Feel free to reuse anything you find useful. + ''; + + inputs = { + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; + deploy-rs.url = "github:serokell/deploy-rs"; + }; + + outputs = { self, nixpkgs, home-manager, deploy-rs, ... }@inputs: + let + inherit (self) outputs; + lib = nixpkgs.lib; + homecfg = home-manager.lib.homeManagerConfiguration; + in { + nixosConfigurations = { + lkk-nix-1 = lib.nixosSystem { + specialArgs = { inherit inputs; }; + modules = [ ./hosts/lkk-nix-1 ]; + }; + }; + homeConfigurations = { + # Laptop + "m3tam3re@m3-nix" = { + homecfg = { + extraSpecialArgs = { # pass things to the home configuration + }; + modules = [ ./home/users/m3tam3re/m3-nix.nix ]; + }; + }; + # Company Root Server + "m3tam3re@lkk-nix-1" = { + homecfg = { + extraSpecialArgs = { # pass things to the home configuration + }; + modules = [ ./home/users/m3tam3re/lkk-nix-1.nix ]; + }; + }; + }; + deploy.nodes.lkk-nix-1 = { + hostname = "lkk-nix-1"; + sshUser = "root"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.lkk-nix-1; + }; + }; + deploy.remoteBuild = true; + }; +} diff --git a/home/default.nix b/home/default.nix new file mode 100644 index 0000000..ffedea7 --- /dev/null +++ b/home/default.nix @@ -0,0 +1,20 @@ +{ ... }: + +{ + imports = [ ./tmux ]; + + nixpkgs.config = { + allowBroken = true; + allowUnfree = true; + + manual.manpages.enable = true; + }; + + systemd.user.startServices = true; + + programs = { + home-manager.enable = true; + git.enable = true; + }; + +} diff --git a/home/features/cli/bat.nix b/home/features/cli/bat.nix new file mode 100644 index 0000000..145895e --- /dev/null +++ b/home/features/cli/bat.nix @@ -0,0 +1,6 @@ +{ + programs.bat = { + enable = true; + config.theme = "base16"; + }; +} diff --git a/home/features/cli/default.nix b/home/features/cli/default.nix new file mode 100644 index 0000000..82f2cb8 --- /dev/null +++ b/home/features/cli/default.nix @@ -0,0 +1,26 @@ +{ pkgs, ... }: +{ + imports = [ + ./bat.nix + ./fish.nix + ./neofetch.nix + ./starship.nix + ]; + + home.packages = with pkgs; [ + autojump + bc + comma + exa + fd + httpie + jq + nixfmt + procs + progress + ripgrep + tldr + trash-cli + tree + ]; +} diff --git a/home/features/cli/fish.nix b/home/features/cli/fish.nix new file mode 100644 index 0000000..5eb767e --- /dev/null +++ b/home/features/cli/fish.nix @@ -0,0 +1,57 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.features.fish; + +in { + + options.features.fish.enable = mkEnableOption "enable fish shell"; + + config = mkIf cfg.enable { + programs.fish = { + enable = true; + plugins = [{ + name = "foreign-env"; + src = pkgs.fetchFromGitHub { + owner = "oh-my-fish"; + repo = "plugin-foreign-env"; + rev = "dddd9213272a0ab848d474d0cbde12ad034e65bc"; + sha256 = "00xqlyl3lffc5l0viin1nyp819wf81fncqyz87jx8ljjdhilmgbs"; + }; + }]; + loginShellInit = '' + set -x WEBKIT_DISABLE_COMPOSITING_MODE 1 + set -x EDITOR emacsclient + set -x VISUAL emacsclient + set -x XDG_DATA_HOME $HOME/.local/share + ''; + shellAbbrs = { + ls = "exa"; + grep = "rg"; + ps = "procs"; + + n = "nix"; + nd = "nix develop -c $SHELL"; + ns = "nix shell"; + nsn = "nix shell nixpkgs#"; + nb = "nix build"; + nbn = "nix build nixpkgs#"; + nf = "nix flake"; + + nr = "nixos-rebuild --flake ."; + nrs = "nixos-rebuild --flake . switch"; + snr = "sudo nixos-rebuild --flake ."; + snrs = "sudo nixos-rebuild --flake . switch"; + hm = "home-manager --flake ."; + hms = "home-manager --flake . switch"; + + vi = "nvim"; + vim = "nvim"; + + wgd = "sudo systemctl stop wg-quick-wg0.service"; + wgu = "sudo systemctl start wg-quick-wg0.service"; + }; + }; + }; +} diff --git a/home/features/cli/neofetch.nix b/home/features/cli/neofetch.nix new file mode 100644 index 0000000..b645ea2 --- /dev/null +++ b/home/features/cli/neofetch.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.features.neofetch; + +in { + + options.features.neofetch.enable = mkEnableOption "enable neofetch shell"; + + config = mkIf cfg.enable { + programs.fish.interactiveShellInit = "neofetch --ascii-distro nixos"; + home.packages = with pkgs; [ neofetch ]; + }; +} diff --git a/home/features/cli/starship.nix b/home/features/cli/starship.nix new file mode 100644 index 0000000..f3952ae --- /dev/null +++ b/home/features/cli/starship.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.features.fish; + +in { + + options.features.starship.enable = mkEnableOption "enable starship prompt"; + + config = mkIf cfg.enable { + programs.starship = { + enable = true; + enableFishIntegration = true; + }; + }; } diff --git a/home/features/cli/tmux.nix b/home/features/cli/tmux.nix new file mode 100644 index 0000000..756f569 --- /dev/null +++ b/home/features/cli/tmux.nix @@ -0,0 +1,49 @@ +{ + programs.tmux = { + enable = true; + shortcut = "a"; + keyMode = "vi"; + clock24 = true; + extraConfig = '' + # Enable mouse mode (tmux 2.1 and above) + set -g mouse on + + # split panes using | and - + bind | split-window -h + bind - split-window -v + unbind '"' + unbind % + + # change status bar color + bind-key r source-file ~/.tmux.conf \; display-message "Konfiguration neu geladen" + + # status bar theme + set -g status-bg 'colour235' + #set -g message-command-fg 'colour222' + set -g status-justify 'centre' + set -g status-left-length '100' + set -g status 'on' + #set -g pane-active-border-fg 'colour154' + #set -g message-bg 'colour238' + set -g status-right-length '100' + #set -g status-right-attr 'none' + #set -g message-fg 'colour222' + #set -g message-command-bg 'colour238' + #set -g status-attr 'none' + #set -g status-utf8 'on' + #set -g pane-border-fg 'colour238' + #set -g status-left-attr 'none' + #setw -g window-status-fg 'colour121' + #setw -g window-status-attr 'none' + #setw -g window-status-activity-bg 'colour235' + #setw -g window-status-activity-attr 'none' + #setw -g window-status-activity-fg 'colour154' + setw -g window-status-separator ' ' + #setw -g window-status-bg 'colour235' + set -g status-left '#[fg=colour232,bg=colour154] #S #[fg=colour154,bg=colour238,nobold,nounderscore,noitalics]#[fg=colour222,bg=colour238] #W #[fg=colour238,bg=colour235,nobold,nounderscore,noitalics]#[fg=colour121,bg=colour235] #(whoami)  #(uptime | cut -d " " -f 1,2,3) #[fg=colour235,bg=colour235,nobold,nounderscore,noitalics]' + set -g status-right '#[fg=colour235,bg=colour235,nobold,nounderscore,noitalics]#[fg=colour121,bg=colour235] %r  %a  %Y #[fg=colour238,bg=colour235,nobold,nounderscore,noitalics]#[fg=colour222,bg=colour238] #H #[fg=colour154,bg=colour238,nobold,nounderscore,noitalics]#[fg=colour232,bg=colour154] #(rainbarf --battery --remaining --no-rgb) ' + setw -g window-status-format '#[fg=colour235,bg=colour235,nobold,nounderscore,noitalics]#[default] #I  #W #[fg=colour235,bg=colour235,nobold,nounderscore,noitalics]' + setw -g window-status-current-format '#[fg=colour235,bg=colour238,nobold,nounderscore,noitalics]#[fg=colour222,bg=colour238] #I  #W  #F #[fg=colour238,bg=colour235,nobold,nounderscore,noitalics]' + ''; + }; +} diff --git a/home/features/coding/default.nix b/home/features/coding/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/coding/emacs.nix b/home/features/coding/emacs.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/desktop/#fonts.nix# b/home/features/desktop/#fonts.nix# new file mode 100644 index 0000000..6591007 --- /dev/null +++ b/home/features/desktop/#fonts.nix# @@ -0,0 +1,22 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.features.extrafonts; + +in { + + options.features.extrafonts.enable = mkEnableOption "install additional fonts for desktop apps"; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + fira-code + fira-code-symbols + font-manager + font-awesome + font-awesome_4 + nerdfonts + noto-fonts + ]; + }; +} diff --git a/home/features/desktop/crypto.nix b/home/features/desktop/crypto.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/desktop/default.nix b/home/features/desktop/default.nix new file mode 100644 index 0000000..b282426 --- /dev/null +++ b/home/features/desktop/default.nix @@ -0,0 +1,61 @@ +{ pkgs, lib, outputs, ... }: +{ + imports = [ + ./alacritty.nix + ./crypto.nix + ./design.nix + ./i3-gaps.nix + ./fonts.nix + ./media.nix + ./polybar.nix + ./qt.nix + ./rofi.nix + ./social.nix + ./syncthing.nix + ./video.nix + ]; + + xdg.mimeApps.enable = true; + + home.sessionVariables = { + QT_QPA_PLATFORMTHEME = "qt5ct"; + WEBKIT_DISABLE_COMPOSITING_MODE = "1"; + EDITOR = "emacs"; + VISUAL = "emacs"; + XDG_CONFIG_HOME = "\${HOME}/.config"; + XDG_BIN_HOME = "\${HOME}/.local/bin"; + XDG_DATA_HOME = "\${HOME}/.local/share"; + PATH = [ "\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" ]; + }; + + home.packages = with pkgs; [ + alacritty + autotiling + brave + blueberry + brighnessctl + feh + flameshot + gnome.fileroller + gnome.seahorse + gnome.vinagre + libnotify + lxappearance + nyxt + pasystray + pavucontrol + picom + unrar + unzip + variety + xclip + xdg-utils + xdotool + xfce.xfce4-clipman-plugin + xorg.xbacklight + xorg.xkill + xorg.xmodmap + xorg.xrandr + zip + ]; +} diff --git a/home/features/desktop/fonts.nix b/home/features/desktop/fonts.nix new file mode 100644 index 0000000..a60ab96 --- /dev/null +++ b/home/features/desktop/fonts.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let cfg = config.features.extrafonts; + +in { + + options.features.extrafonts.enable = mkEnableOption "install additional fonts for desktop apps"; + + config = mkIf cfg.enable { + home.packages = with pkgs; [ + fira-code + fira-code-symbols + font-manager + font-awesome + font-awesome_4 + noto-fonts + ]; + }; +} diff --git a/home/features/desktop/i3-gaps.nix b/home/features/desktop/i3-gaps.nix new file mode 100644 index 0000000..fcfaa71 --- /dev/null +++ b/home/features/desktop/i3-gaps.nix @@ -0,0 +1,703 @@ +{ + home.file.".config/i3/config".text = '' + ############### Start of all the settings + + # KEY DEFINITIONS TO REMEMBER + # $mod = Set below + # Mod4 = Super key + # Mod1 = ALT key + # Control = CTRL key + # Shift = SHIFT key + # Escape = ESCAPE key + # Return = ENTER or RETURN key + # KP_Enter = Keypad Enter + # Pause = PAUSE key + # Print = PRINT key + # Tab = TAB key + + ################# Define the $mod variable/key + + # Key to rule them all : Super(Windows) or Alt key - see definition above + # set Super key + set $mod Mod4 + + ################# Define the movements keys - variables + + # This is setup for qwerty + # set $right to m if using azerty keyboard + set $up j + set $down k + set $left h + set $right l + + ################# Single and Dual screen + + # current displays + # exec --no-startup-id xrandr --output DP-4 --mode 2560x1440 --refresh 165 + # start emacs as background daemon + # exec --no-startup-id emacs --bg-daemon + # setting variables for later use + # use xrandr and/or arandr to know the names of your monitors + # use this line to tell which monitor is on the right + # xrandr --output DVI-I-2 --right-of DVI-I-1 --auto + # exec --no-startup-id xrandr --output LVDS1 --mode 1366x768 --output DP3 --mode 1920x1080 --right-of LVDS1 + # exec --no-startup-id xrandr --output DVI-I-0 --right-of HDMI-0 --auto + # exec --no-startup-id xrandr --output DVI-1 --right-of DVI-0 --auto + # exec --no-startup-id xrandr --output DVI-D-1 --right-of DVI-I-1 --auto + # exec --no-startup-id xrandr --output HDMI-2 --right-of HDMI-1 --auto + + # current setup + + set $firstMonitor eDP-1-1 + set $secondMonitor DP0 + + # Other Examples + + #set $firstMonitor DP3 + #set $secondMonitor LVDS1 + + #set $firstMonitor DVI-I-0 + #set $secondMonitor HDMI-0 + + #set $firstMonitor DVI-0 + #set $secondMonitor DVI-1 + + #set $firstMonitor DVI-I-1 + #set $secondMonitor DVI-D-1 + + #set $firstMonitor HDMI-1 + #set $secondMonitor HDMI-2 + + workspace 1 output $firstMonitor + workspace 2 output $firstMonitor + workspace 3 output $firstMonitor + workspace 4 output $firstMonitor + workspace 5 output $firstMonitor + workspace 6 output $secondMonitor + workspace 7 output $secondMonitor + workspace 8 output $secondMonitor + workspace 9 output $secondMonitor + workspace 10 output $secondMonitor + + # switch to workspace + bindsym $mod+1 workspace 1 + bindsym $mod+2 workspace 2 + bindsym $mod+3 workspace 3 + bindsym $mod+4 workspace 4 + bindsym $mod+5 workspace 5 + bindsym $mod+6 workspace 6 + bindsym $mod+7 workspace 7 + bindsym $mod+8 workspace 8 + bindsym $mod+9 workspace 9 + bindsym $mod+0 workspace 10 + + # move focused container to workspace + bindsym $mod+Shift+1 move container to workspace 1; workspace 1 + bindsym $mod+Shift+2 move container to workspace 2; workspace 2 + bindsym $mod+Shift+3 move container to workspace 3; workspace 3 + bindsym $mod+Shift+4 move container to workspace 4; workspace 4 + bindsym $mod+Shift+5 move container to workspace 5; workspace 5 + bindsym $mod+Shift+6 move container to workspace 6; workspace 6 + bindsym $mod+Shift+7 move container to workspace 7; workspace 7 + bindsym $mod+Shift+8 move container to workspace 8; workspace 8 + bindsym $mod+Shift+9 move container to workspace 9; workspace 9 + bindsym $mod+Shift+0 move container to workspace 10; workspace 10 + + ################# menu's in arcolinux + + # start dmenu + bindsym $mod+shift+d exec --no-startup-id dmenu_run -i -nb '#191919' -nf '#fea63c' -sb '#fea63c' -sf '#191919' -fn 'FiraMonoRegular:bold:pixelsize=14' + + # start xfce4-appfinder + bindsym mod1+F2 exec --no-startup-id xfce4-appfinder --collapsed + + # start xfce-appfinder + bindsym mod1+F3 exec --no-startup-id xfce4-appfinder + + # editor setup + bindsym $mod+Shift+e exec --no-startup-id emacsclient -n -c -e '(package-initialize)' + + # passwords + bindsym $mod+p exec --no-startup-id rofi-pass + + # basecamp + bindsym $mod+Shift+p exec --no-startup-id brave --new-window https://3.basecamp.com/4293846/projects + + # start xlunch app launcher + # bindsym mod1+F5 exec --no-startup-id xlunch --config ~/.config/xlunch/default.conf --input ~/.config/xlunch/entries.dsv + + # start rofi full + bindsym $mod+F11 exec --no-startup-id "rofi -font 'Fira Code 13' -theme-str 'window {width: 100%;height: 100%;}' -show drun" + + # start rofi small + bindsym $mod+d exec --no-startup-id "rofi -modi drun#emoji#calc#filebrowser#run -show drun -show-icons -font 'Fira C#de 13'" + + # #creenshot + bindsym $mod+Shift+s exec --no-startup-id flameshot + + ################# how to exit, logoff, suspend, ... + + # Backup exit + # Press ctrl+alt+x - check toolbar for next choices + bindsym $mod+x exec --no-startup-id xfce4-session-logout + + # restart i3 inplace (preserves your layout/session, can be used to upgrade i3) + bindsym $mod+Shift+r restart + # reload the configuration file + bindsym $mod+Shift+c reload + + ################# Stopping an application + + # kill focused window + bindsym $mod+Shift+q kill + bindsym $mod+q kill + + ################# Moving around in i3 + + # Use Mouse+$mod to drag floating windows to their wanted position + floating_modifier $mod + + # toggle tiling / floating + bindsym $mod+Shift+space floating toggle + + # change focus + bindsym $mod+$left focus left + bindsym $mod+$down focus down + bindsym $mod+$up focus up + bindsym $mod+$right focus right + + # alternatively, you can use the cursor keys: + bindsym $mod+Left focus left + bindsym $mod+Down focus down + bindsym $mod+Up focus up + bindsym $mod+Right focus right + + # move focused window + bindsym $mod+Shift+$left move left + bindsym $mod+Shift+$down move down + bindsym $mod+Shift+$up move up + bindsym $mod+Shift+$right move right + + # alternatively, you can use the cursor keys: + bindsym $mod+Shift+Left move left + bindsym $mod+Shift+Down move down + bindsym $mod+Shift+Up move up + bindsym $mod+Shift+Right move right + + ################# moving around workspaces + + # next/previous workspace + + bindsym Mod1+Tab workspace next + bindsym Mod1+Shift+Tab workspace prev + bindsym $mod+Tab workspace back_and_forth + + # navigate workspaces next / previous + bindsym Mod1+Ctrl+Right workspace next + bindsym Mod1+Ctrl+Left workspace prev + + # switch to workspace with urgent window automatically + for_window [urgent=latest] focus + + ################# Tiling parameters + + # orientation for new workspaces + default_orientation horizontal + + # split in horizontal orientation + bindsym $mod+Ctrl+h split h + + # split in vertical orientation + bindsym $mod+Ctrl+v split v + + # enter fullscreen mode for the focused container + # Super + F in arcolinux is execute thunar + bindsym $mod+f fullscreen toggle + + # change container layout (stacked, tabbed, toggle split) + # qwerty/azerty issue for letter z + bindsym $mod+s layout stacking + bindsym $mod+z layout tabbed + bindsym $mod+e layout toggle split + + # change focus between tiling / floating windows + bindsym $mod+space focus mode_toggle + + # focus the parent container + bindsym $mod+a focus parent + + # focus the child container + # bindsym $mod+d focus child + + ################# resize + + # Resizing by 1 + bindsym $mod+Mod1+Ctrl+Right resize shrink width 1 px or 1 ppt + bindsym $mod+Mod1+Ctrl+Up resize grow height 1 px or 1 ppt + bindsym $mod+Mod1+Ctrl+Down resize shrink height 1 px or 1 ppt + bindsym $mod+Mod1+Ctrl+Left resize grow width 1 px or 1 ppt + + # Font for window titles. Will also be used by the bar unless a different font + # is used in the bar {} block below. + # choose your font + font pango:Fira Mono Regular 13 + + ################# assign applications to workspaces + + # Assign application to start on a specific workspace + # you can find the class with the program xprop + + # Example - make browser start on workspace 3 + assign [class="Firefox|Brave-browser"] → 1 + assign [class=".gimp-2.10-wrapped_|Inkscape"] → 5 + # assign [class="Chromium|Google-chrome"] → 3 + + # Workspace 2 text editor related + assign [class="emacs|Alacritty"] → 2 + # assign [class="Xed|xed|Brackets|Atom|Code|Geany"] → 2 + + # Workspace 3 Inkscape + # assign [class="Inkscape"] → 3 + + # Workspace 4 Gimp + # assign [class="Gimp"] → 4 + + # Workspace 5 Images and meld + # assign [class="ristretto|Ristretto|shotwell|Shotwell|Xviewer|Nitrogen"] → 5 + # assign [class="feh|gthumb|Gthumb|eog|Eog|Pinta|pixeluvo|Pixeluvo"] → 5 + # assign [class="Meld"] → 5 + + # Workspace 6 all video related software + # assign [class="Vlc|vlc"] → 6 + + # Workspace 7 virtual machines and settings + # assign [class="Vmplayer|VirtualBox"] → 7 + + # Workspace 8 file managers + # assign [class="Nemo|Thunar|Caja|nautilus|Nautilus"] → 8 + + # Workspace 9 email clients + # assign [class="Geary|Evolution"] → 9 + + # Workspace 10 music related + # assign [class="Spotify|spotify"] → 10 + # fix for spotify not moving to workspace 10 + # for_window [class="Spotify"] move to workspace 10 + + ################# autostart - execute applications at boot time + + # USER APPLICATIONS TO START AT BOOT + + # ArcoLinux Welcome App + exec --no-startup-id $HOME/.nix-profile/bin/variety + exec --no-startup-id $HOME/.nix-profile/bin/tuxedo-control-center --no-sandbox + # Autotiling + exec_always --no-startup-id autotiling + + # Load custom keymap + exec --no-startup-id $HOME/.nix-profile/bin/xmodmap $HOME/.xmodmap + exec --no-startup-id $HOME/.nix-profile/bin/setxkbmap de + + # Tray for syncthing + exec --no-startup-id $HOME/.nix-profile/bin/syncthingtray + + exec_always --no-startup-id numlockx on + + # feh sets wallpaper + exec --no-startup-id feh --bg-fill ~/Bilder/wallpaper/wallhaven-g7d51l_2560x1440.png & + + # Polybar + exec_always --no-startup-id ~/.config/polybar/launch.sh & + + ################# system applications + + exec --no-startup-id xfce4-power-manager & + # ommitted next line to get super key to bring up the menu in xfce and avoid error then in i3 + # IF xfsettingsd is activated you can not change themes + # exec --no-startup-id xfsettingsd & + exec --no-startup-id /usr/lib/xfce4/notifyd/xfce4-notifyd & + + #####s############ applications keyboard shortcuts + + # not workspace related + + # terminal + bindsym $mod+Return exec --no-startup-id alacritty -e tmux;focus + bindsym $mod+KP_Enter exec --no-startup-id alacritty;focus + bindsym control+mod1+t exec --no-startup-id alacritty -e tmux attach; focus + bindsym control+mod1+Return exec --no-startup-id alacritty; focus + bindsym control+mod1+KP_Enter exec --no-startup-id alacritty; focus + bindsym F12 exec --no-startup-id xfce4-terminal --drop-down; focus + + # System monitor + bindsym control+Shift+Escape exec --no-startup-id xfce4-taskmanager;focus + + # settings + bindsym control+mod1+m exec --no-startup-id xfce4-settings-manager + + # catfish + bindsym control+mod1+c exec --no-startup-id catfish;focus + + # archlinux-logout + bindsym control+mod1+k exec --no-startup-id archlinux-logout + bindsym control+mod1+l exec --no-startup-id archlinux-logout + + # rofi theme selector + bindsym control+mod1+r exec --no-startup-id rofi-theme-selector + + # arcolinux conflict + # bindsym $mod+m exec --no-startup-id pragha;focus + + # htop + # arcolinux conflict + # bindsym $mod+h exec --no-startup-id htop;focus + + # pavucontrol + bindsym control+mod1+u exec --no-startup-id pavucontrol + + # start xfce-appfinder + # arcolinux does not seem to work + bindsym control+mod1+a exec --no-startup-id xfce4-appfinder + + # pamac-manager + bindsym control+mod1+p exec --no-startup-id pamac-manager + + # xkill + bindsym --release $mod+Escape exec xkill + + # Function Keybinds + # Browser + bindsym $mod+F1 exec --no-startup-id exo-open --launch webbrowser;focus + # qwerty/azerty conflict with w + bindsym $mod+w exec --no-startup-id exo-open --launch webbrowser;focus + bindsym control+mod1+f exec --no-startup-id firefox;focus + bindsym control+mod1+v exec --no-startup-id vivaldi-stable;focus + bindsym control+mod1+g exec --no-startup-id chromium;focus + + # Text Editor + # bindsym $mod+F2 exec --no-startup-id geany;focus + bindsym $mod+F2 exec --no-startup-id atom;focus + + # Basic Draw Tool + bindsym $mod+F3 exec --no-startup-id inkscape;focus + + # Advanced Draw Tool + bindsym $mod+F4 exec --no-startup-id gimp;focus + + # document comparison + bindsym $mod+F5 exec --no-startup-id meld;focus + bindsym control+mod1+i exec --no-startup-id nitrogen;focus + + # video player + bindsym $mod+F6 exec --no-startup-id vlc;focus + + # virtual machine + bindsym $mod+F7 exec --no-startup-id virtualbox;focus + + # file management + for_window [class="Thunar"] focus + bindsym $mod+F8 exec --no-startup-id thunar;focus + bindsym $mod+Shift+Return exec --no-startup-id thunar;focus + bindsym $mod+Shift+KP_Enter exec --no-startup-id thunar;focus + bindsym control+mod1+b exec --no-startup-id thunar;focus + + # mail application + bindsym $mod+F9 exec --no-startup-id evolution;focus + # bindsym $mod+F9 exec --no-startup-id geary;focus + # bindsym control+mod1+e exec --no-startup-id geary;focus + + # music + bindsym $mod+F10 exec --no-startup-id spotify;focus + bindsym control+mod1+s exec --no-startup-id spotify;focus + + ################# screenshots + + bindsym Print exec --no-startup-id scrot 'ArcoLinux-%Y-%m-%d-%s_screenshot_$wx$h.jpg' -e 'mv $f $$(xdg-user-dir PICTURES)' + bindsym Control+Print exec --no-startup-id xfce4-screenshooter + bindsym Control+Shift+Print exec --no-startup-id gnome-screenshot -i + bindsym $mod+Control+Print exec --no-startup-id flameshot gui + # bindsym shift+Print exec --no-startup-id shutter + + ################# floating or tiled rules + + # floating enabled from some programs - find with xprop + + for_window [class="Arcolinux-welcome-app.py"] floating enable + # for_window [class="Archlinux-tweak-tool.py"] floating enable + for_window [class="Arcolinux-calamares-tool.py"] floating enable + for_window [class="Bleachbit"] floating disable + for_window [class="Blueberry.py"] floating enable + for_window [class="Brasero"] floating disable + for_window [class="Galculator"] floating enable + for_window [class="Gnome-disks"] floating disable + for_window [class="^Gnome-font-viewer$"] floating enable + for_window [class="^Gpick$"] floating enable + for_window [class="Hexchat"] floating disable + for_window [class="Imagewriter"] floating enable + for_window [class="Font-manager"] floating enable + # for_window [class="qt5ct|Lxappearance] floating enable + for_window [class="Nitrogen"] floating disable + for_window [class="Pavucontrol"] floating disable + for_window [class="Peek"] floating enable + for_window [class="^Skype$"] floating enable + for_window [class="^Spotify$"] floating disable + for_window [class="System-config-printer.py"] floating enable + for_window [class="Unetbootin.elf"] floating enable + for_window [class="Usb-creator-gtk"] floating enable + for_window [class="^Vlc$"] floating disable + for_window [class="Wine"] floating disable + for_window [class="Xfburn"] floating disable + for_window [class="Xfce4-appfinder"] floating enable + for_window [class="Xfce4-settings-manager"] floating disable + for_window [class="Xfce4-taskmanager"] floating enable + # steam + for_window [class="^Steam$" title="^Friends$"] floating enable + for_window [class="^Steam$" title="Steam - News"] floating enable + for_window [class="^Steam$" title=".* - Chat"] floating enable + for_window [class="^Steam$" title="^Settings$"] floating enable + for_window [class="^Steam$" title=".* - event started"] floating enable + for_window [class="^Steam$" title=".* CD key"] floating enable + for_window [class="^Steam$" title="^Steam - Self Updater$"] floating enable + for_window [class="^Steam$" title="^Screenshot Uploader$"] floating enable + for_window [class="^Steam$" title="^Steam Guard - Computer Authorization Required$"] floating enable + for_window [title="^Steam Keyboard$"] floating enable + # for_window [instance="gimp"] floating disable + for_window [instance="script-fu"] border normal + for_window [instance="variety"] floating disable + + for_window [title="Copying"] floating enable + for_window [title="Deleting"] floating enable + for_window [title="Moving"] floating enable + for_window [title="^Terminator Preferences$"] floating enable + + # for_window [window_role="^gimp-toolbox-color-dialog$"] floating enable + for_window [window_role="pop-up"] floating enable + for_window [window_role="^Preferences$"] floating enable + for_window [window_role="setup"] floating enable + + ################# give focus to applications + + for_window [class="Gnome-terminal"] focus + for_window [class="Termite"] focus + for_window [class="Terminator"] focus + for_window [class="Urxvt"] focus + for_window [class="Alacritty"] focus + + ################# variety for wallpapers + + # Variety keybindings mod1 = ALT + # trash wallpaper + bindsym mod1+t exec --no-startup-id variety -t + # next wallpaper + bindsym mod1+n exec --no-startup-id variety -n + bindsym mod1+Right exec --no-startup-id variety -n + # previous wallpaper + bindsym mod1+p exec --no-startup-id variety -p + bindsym mod1+Left exec --no-startup-id variety -p + # favorite wallpaper + bindsym mod1+f exec --no-startup-id variety -f + # pause wallpaper + bindsym mod1+Up exec --no-startup-id variety --pause + # resume wallpaper + bindsym mod1+Down exec --no-startup-id variety --resume + + ################# variety with pywal for your wallpapers/colour schemes + + # next wallpaper + bindsym mod1+Shift+n exec --no-startup-id variety -n && wal -i $(cat $HOME/.config/variety/wallpaper/wallpaper.jpg.txt)& + # previous wallpaper + bindsym mod1+Shift+p exec --no-startup-id variety -p && wal -i $(cat $HOME/.config/variety/wallpaper/wallpaper.jpg.txt)& + # trash wallpaper + bindsym mod1+Shift+t exec --no-startup-id variety -t && wal -i $(cat $HOME/.config/variety/wallpaper/wallpaper.jpg.txt)& + # Update Wallpaper + bindsym mod1+Shift+u exec --no-startup-id wal -i $(cat $HOME/.config/variety/wallpaper/wallpaper.jpg.txt) + + ################# audio settings + + bindsym XF86AudioRaiseVolume exec --no-startup-id "amixer -D pulse sset Master '5%+'" + bindsym XF86AudioLowerVolume exec --no-startup-id "amixer -D pulse sset Master '5%-'" + bindsym XF86AudioMute exec --no-startup-id "amixer -D pulse set Master toggle" + # https://github.com/acrisci/playerctl/ + bindsym XF86AudioPlay exec --no-startup-id playerctl play-pause + bindsym XF86AudioNext exec --no-startup-id playerctl next + bindsym XF86AudioPrev exec --no-startup-id playerctl previous + bindsym XF86AudioStop exec --no-startup-id playerctl stop + # bindsym XF86AudioPlay exec --no-startup-id "dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.PlayPause" + # bindsym XF86AudioNext exec --no-startup-id "dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.Next" + # bindsym XF86AudioPrev exec --no-startup-id "dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.Previous" + # bindsym XF86AudioStop exec --no-startup-id "dbus-send --print-reply --dest=org.mpris.MediaPlayer2.spotify /org/mpris/MediaPlayer2 org.mpris.MediaPlayer2.Player.Stop" + + ################# xbacklight + + bindsym XF86MonBrightnessUp exec --no-startup-id xbacklight -inc 20 # increase screen brightness + bindsym XF86MonBrightnessDown exec --no-startup-id xbacklight -dec 20 # decrease screen brightness + + ################# bar toggle + + # bar toggle, hide or show + bindsym $mod+b bar mode toggle + + ################# border control + + # Border control + hide_edge_borders both + bindsym $mod+shift+b exec --no-startup-id i3-msg border toggle + + # changing border style + # super+t in arcolinux is starting terminal + bindsym $mod+t border normal + bindsym $mod+y border pixel 1 + bindsym $mod+u border none + + # new_window pixel 1 + new_window normal + # new_window none + + # new_float pixel 1 + new_float normal + # new_float none + + ################# Popups control + + # Popups during fullscreen mode + popup_during_fullscreen smart + + ################# i3 gaps next + + # Settings for I3 next gap git + # https://github.com/Airblader/i3/tree/gaps-next + # delete or uncomment the following lines if you do not have it or do not + # want it + + for_window [class="^.*"] border pixel 1 + gaps inner 5 + gaps outer 5 + # smart_gaps on + # smart_borders on + + ################# i3 gaps change + + set $mode_gaps Gaps: (o) outer, (i) inner + set $mode_gaps_outer Outer Gaps: +|-|0 (local), Shift + +|-|0 (global) + set $mode_gaps_inner Inner Gaps: +|-|0 (local), Shift + +|-|0 (global) + bindsym $mod+Shift+g mode "$mode_gaps" + + mode "$mode_gaps" { + bindsym o mode "$mode_gaps_outer" + bindsym i mode "$mode_gaps_inner" + bindsym Return mode "default" + bindsym Escape mode "default" + } + + mode "$mode_gaps_inner" { + bindsym plus gaps inner current plus 5 + bindsym minus gaps inner current minus 5 + bindsym 0 gaps inner current set 0 + + bindsym Shift+plus gaps inner all plus 5 + bindsym Shift+minus gaps inner all minus 5 + bindsym Shift+0 gaps inner all set 0 + + bindsym Return mode "default" + bindsym Escape mode "default" + } + mode "$mode_gaps_outer" { + bindsym plus gaps outer current plus 5 + bindsym minus gaps outer current minus 5 + bindsym 0 gaps outer current set 0 + + bindsym Shift+plus gaps outer all plus 5 + bindsym Shift+minus gaps outer all minus 5 + bindsym Shift+0 gaps outer all set 0 + + bindsym Return mode "default" + bindsym Escape mode "default" + } + + ################# picom of i3wm + + # if you want transparency on non-focused windows, ... + exec_always --no-startup-id picom --config ~/.config/i3/picom.conf + + bindsym control+mod1+o exec --no-startup-id ~/.config/i3/scripts/picom-toggle.sh + + ################# bar appearance + + ##START THEMING WM + #Theme name : ArcoLinux Zion + + # Window color settings + # class border background text indicator + + # A client which currently has the focus. + client.focused #9742b5 #9742b5 #ffffff #9742b5 + + # A client which is not the focused one of its container. + client.unfocused #2C2C2C #2C2C2C #ffffff #2C2C2C + + # A client which is the focused one of its container, but it does not have the focus at the moment. + client.focused_inactive #2C2C2C #2C2C2C #ffffff #2C2C2C + + # Background and text color are used to draw placeholder window + # contents (when restoring layouts). Border and indicator are ignored. + client.placeholder #2C2C2C #2C2C2C #ffffff #2C2C2C + + # A client which has its urgency hint activated. + client.urgent #d42121 #d42121 #f7f7f7 #d42121 + + # Background color which will be used to paint the background + # of the client window on top of which the client will be rendered. + # Only clients which do not cover the whole area of this window expose + # the color. Note that this colorclass only takes a single color. + client.background #000000 + + ##STOP THEMING WM + + ######################################## THE END + + ################# Scratchpad + + # NOT USED + + # move the currently focused window to the scratchpad + # bindsym Mod1+Shift+minus move scratchpad + + # Show the next scratchpad window or hide the focused scratchpad window. + # If there are multiple scratchpad windows, this command cycles through them. + # bindsym Mod1+minus scratchpad show + + ################# mouse settings in i3 + + # NOT USED + + # mouse settings + # The middle button over a titlebar kills the window + # bindsym --release button2 kill + + # The middle button and a modifer over any part of the window kills the window + # bindsym --whole-window $mod+button2 kill + + # The right button toggles floating + # bindsym button3 floating toggle + # bindsym $mod+button3 floating toggle + + # The side buttons move the window around + # bindsym button9 move left + # bindsym button8 move right + + ################# keyboard control + + # NOT USED + + # Settings of arcolinux will be applied + # exec --no-startup-id setxkbmap be + # exec --no-startup-id setxkbmap us + + ################# unclutter + + # NOT USED + + # get the mouse out of the way with unclutter + # exec --no-startup-id unclutter + ''; +} diff --git a/home/features/desktop/polybar.nix b/home/features/desktop/polybar.nix new file mode 100644 index 0000000..fe375db --- /dev/null +++ b/home/features/desktop/polybar.nix @@ -0,0 +1,159 @@ +{ + services.polybar = { + enable = true; + script = "polybar bar &"; + package = pkgs.polybar.override { i3GapsSupport = true; }; + settings = { + "colors" = { + background = "#2F343F"; + foreground = "f3f4f5"; + foreground-active = "#50fa7b"; + occupied = "#cccccc"; + occupied-active = "#6790EB"; + active = "#50fa7b"; + alert = "#d08770"; + volume-min = "#a3be8c"; + volume-med = "#ebcb8b"; + volume-max = "#bf616a"; + }; + "bar/mainbar" = { + monitor = "\${env:MONITOR}"; + monitor-strict = "false"; + monitor-rediect = "false"; + bottom = "false"; + fixed-center = "true"; + width = "100%"; + height = "30"; + radius = "0.0"; + line-size = "2"; + line-color = "#000000"; + border-color = "#000000"; + border-size = "0"; + background = "\${colors.background}"; + foreground = "\${colors.foreground}"; + padding-left = "1"; + padding-right = "1"; + module-margin-left = "3"; + module-margin-right = "3"; + font-0 = "Fira Code:size=10;0"; + font-1 = "FontAwesome:size=13;0"; + font-2 = "Fira Code:size=10;0"; + font-3 = "Fira Code:size=10;0"; + font-4 = "Font Awesome 6 Brands:size=13;0"; + modules-left = "i3 xwindow"; + modules-right = "date battery"; + separator = "|"; + tray-detached = "false"; + tray-offset-x = "0"; + tray-offset-y = "0"; + tray-padding = "2"; + tray-maxsize = "20"; + tray-scale = "1.0"; + tray-position = "right"; + tray-background = "\${colors.background}"; + enable-ipc = "true"; + }; + "module/i3" = { + type = "internal/i3"; + pin-workspaces = "true"; + strip-wsnumbers = "true"; + indes-sort = "false"; + enable-click = "true"; + enable-scroll = "true"; + wrapping-scroll = "true"; + reverse-scroll = "false"; + fuzzy-match = "true"; + ws-icon-0 = "1;"; + ws-icon-1 = "2;"; + ws-icon-2 = "3;"; + ws-icon-3 = "4;"; + ws-icon-4 = "5;"; + ws-icon-5 = "6;"; + ws-icon-6 = "7;"; + ws-icon-7 = "8;"; + ws-icon-8 = "9;"; + ws-icon-9 = "10;"; + ws-icon-default = " "; + format = " "; + label-mode = "%mode"; + label-mode-padding = "2"; + label-mode-foreground = "#000000"; + label-mode-background = "FFBB00"; + label-focused = "%icon% %name%"; + label-focused-underline = "#50fa7b"; + label-focused-background = "\${colors.background}"; + label-focused-foreground = "#8be9fd"; + label-focused-padding = "2"; + label-unfocused = "%icon% %name%"; + label-unfocused-padding = "2"; + label-unfocused-background = "\${colors.background}"; + label-unfocused-foreground = "$ {colors.foreground}"; + label-visible = "%icon% %name%"; + label-visible-background = "\${self.label-focused-background}"; + label-visible-underline = "\${self.label-focused-underline}"; + label-visible-padding = "2"; + label-urgent = "%icon% %name%"; + label-urgent-background = "\${self.label-focused-background}"; + label-urgent-foreground = "#db104e"; + label-urgent-padding = "2"; + format-foreground = "\${colors.foreground}"; + format-background = "\${colors.background}"; + }; + "module/battery" = { + type = "internal/battery"; + battery = "BAT0"; + adapter = "AC0"; + full-at = "100"; + format-charging = " "; + label-charging = " %percentage%%"; + format-charging-foreground = "\${colors.foreground}"; + format-charging-background = "\${colors.background}"; + format-charging-underline = "#ff79c6"; + format-discharging = " "; + label-discharging = " %percentage%%"; + format-discharging-underline = "#ff79c6"; + format-discharging-foreground = "\${colors.foreground}"; + format-discharging-background = "\${colors.background}"; + format-full-prefix = ""; + format-full-prefix-foreground = "#ff79c6"; + format-full-underline = "#ff79c6"; + format-full-foreground = "\${colors.foreground}"; + format-full-background = "\${colors.background}"; + ramp-capacity-0 = ""; + ramp-capacity-1 = ""; + ramp-capacity-2 = ""; + ramp-capacity-3 = ""; + ramp-capacity-4 = ""; + ramp-capacity-foreground = "#ff79c6"; + animation-charging-0 = ""; + animation-charging-1 = ""; + animation-charging-2 = ""; + animation-charging-3 = ""; + animation-charging-4 = ""; + animation-charging-foreground = "#ff79c6"; + animation-charging-framerate = "750"; + }; + "module/xwindow" = { + type = "internal/xwindow"; + label = "%title%"; + label-maxlen = "50"; + format-foreground = "\${colors.foreground}"; + format-background = "\${colors.background}"; + }; + "module/date" = { + type = "internal/date"; + interval = "5"; + date = ''" %d-%m-%Y%"''; + date-alt = ''" %d-%m-%Y"''; + time = "%H:%M"; + time-alt = "%H:%M"; + format-prefix = " "; + format-prefix-foreground = "#ff79c6"; + format-underline = "#ff79c6"; + format-foreground = "\${colors.foreground}"; + format-background = "\${colors.background}"; + label = "%date% %time%"; + }; + }; + }; +} diff --git a/home/features/desktop/qt.nix b/home/features/desktop/qt.nix new file mode 100644 index 0000000..b368d1d --- /dev/null +++ b/home/features/desktop/qt.nix @@ -0,0 +1,6 @@ +{ + qt = { + enable = true; + platformTheme = "gtk"; + }; +} diff --git a/home/features/desktop/rofi.nix b/home/features/desktop/rofi.nix new file mode 100644 index 0000000..cc2ac2e --- /dev/null +++ b/home/features/desktop/rofi.nix @@ -0,0 +1,21 @@ +{ + programs.rofi = { + enable = true; + plugins = [ pkgs.rofi-calc pkgs.rofi-emoji ]; + theme = "themes/dracula"; + extraConfig = { + modi = "drun,ssh,filebrowser,keys,window"; + kb-primary-paste = "Control+V,Shift+Insert"; + kb-secondary-paste = "Control+v,Insert"; + }; + }; + + programs.rofi.pass = { + enable = true; + extraConfig = '' + layout_cmd () { + setxkbmap de + } + ''; + }; +} diff --git a/home/features/gaming/default.nix b/home/features/gaming/default.nix new file mode 100644 index 0000000..f703e8a --- /dev/null +++ b/home/features/gaming/default.nix @@ -0,0 +1,11 @@ +{ pkgs, ... }: { + imports = [ + ./steam.nix + ]; + home.packages = with pkgs; [ + gamescope + goverlay + mangohud + ]; + programs.gamemode.enable = true; +} diff --git a/home/features/gaming/emulation.nix b/home/features/gaming/emulation.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/gaming/steam.nix b/home/features/gaming/steam.nix new file mode 100644 index 0000000..a661434 --- /dev/null +++ b/home/features/gaming/steam.nix @@ -0,0 +1,7 @@ +{ + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; +} diff --git a/home/features/gaming/sunshine.nix b/home/features/gaming/sunshine.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/virtualization/default.nix b/home/features/virtualization/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/virtualization/docker.nix b/home/features/virtualization/docker.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/virtualization/qemu.nix b/home/features/virtualization/qemu.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/users/m3tam3re/base/default.nix b/home/users/m3tam3re/base/default.nix new file mode 100644 index 0000000..29084fc --- /dev/null +++ b/home/users/m3tam3re/base/default.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: +let + +in { + programs = { + home-manager.enable = true; + git.enable = true; + }; + + home = { + username = lib.mkDefault "m3tam3re"; + homeDirectory = lib.mkDefault "/home/${config.home.username}"; + }; +} diff --git a/home/users/m3tam3re/lkk-nix-1.nix b/home/users/m3tam3re/lkk-nix-1.nix new file mode 100644 index 0000000..838b0c8 --- /dev/null +++ b/home/users/m3tam3re/lkk-nix-1.nix @@ -0,0 +1,14 @@ +{ config, pkgs, ... }: { + imports = [ + ./base + ../../features/cli + ]; + + features = { + fish.enable = true; + starship.enable = true; + neofetch.enable = true; + }; + + home.stateVersion = "22.11"; +} diff --git a/home/users/m3tam3re/m3-nix.nix b/home/users/m3tam3re/m3-nix.nix new file mode 100644 index 0000000..8e8d11b --- /dev/null +++ b/home/users/m3tam3re/m3-nix.nix @@ -0,0 +1,23 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.features.foo; + features = { lib, config, ... }: { + options.foo = mkEnableOption "Enable CLI support"; + }; + +in { + + config = mkIf cfg.foo.enable { + import = ../../features/cli; + }; + + # imports = [ + # ./base + # ../../features/cli + # ]; + + # monitor config +} diff --git a/hosts/common/base/default.nix b/hosts/common/base/default.nix new file mode 100644 index 0000000..a1604af --- /dev/null +++ b/hosts/common/base/default.nix @@ -0,0 +1,11 @@ +{ lib, inputs, pkgs, ... }: +{ + imports = [ + inputs.home-manager.nixosModules.home-manager + ]; + + users.defaultUserShell = pkgs.fish; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; +} diff --git a/hosts/common/users/m3tam3re/default.nix b/hosts/common/users/m3tam3re/default.nix new file mode 100644 index 0000000..81eef67 --- /dev/null +++ b/hosts/common/users/m3tam3re/default.nix @@ -0,0 +1,15 @@ +{ config, pkgs, lib, outputs, ... }: { + users.users.m3tam3re = { + initialHashedPassword = + "$y$j9T$wOKc3kLsQVtmmyLIN7ljV.$NvdWzwn6p8JNByHoXQqf6/GF3C0JOPHW/D0HgFLQXy4"; + isNormalUser = true; + description = "m3tam3re"; + extraGroups = [ "wheel" "networkmanager" "libvirtd" "flatpak" "docker" ]; + openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix" + ]; + packages = [ pkgs.home-manager ]; + }; + home-manager.users.m3tam3re = import m3tam3re/${config.networking.hostName}.nix; +} + diff --git a/hosts/common/users/m3tam3re/m3tam3re b/hosts/common/users/m3tam3re/m3tam3re new file mode 120000 index 0000000..3ffe3fa --- /dev/null +++ b/hosts/common/users/m3tam3re/m3tam3re @@ -0,0 +1 @@ +../../../../home/users/m3tam3re/ \ No newline at end of file diff --git a/hosts/lkk-nix-1/default.nix b/hosts/lkk-nix-1/default.nix new file mode 100644 index 0000000..2dc65ae --- /dev/null +++ b/hosts/lkk-nix-1/default.nix @@ -0,0 +1,33 @@ +{ pkgs, ... }: { + imports = [ + ./hardware-configuration.nix + ../common/users/m3tam3re + ../common/base + ./services + ]; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + + services.openssh.enable = true; + services.openssh.passwordAuthentication = false; + networking = { + hostName = "lkk-nix-1"; + firewall.enable = true; + firewall.allowedTCPPortRanges = [{ + from = 3000; + to = 3100; + }]; + firewall.allowedTCPPorts = [ 80 443 ]; + }; + + nix = { + gc = { + automatic = true; + options = "--delete-older-than 30d"; + }; + optimise.automatic = true; + }; + system.stateVersion = "22.11"; # Did you read the comment? +} diff --git a/hosts/lkk-nix-1/hardware-configuration.nix b/hosts/lkk-nix-1/hardware-configuration.nix new file mode 100644 index 0000000..0063d0a --- /dev/null +++ b/hosts/lkk-nix-1/hardware-configuration.nix @@ -0,0 +1,50 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/6f25ddea-6022-4663-9f5d-58b383de7e52"; + fsType = "btrfs"; + options = [ "subvol=root" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/6f25ddea-6022-4663-9f5d-58b383de7e52"; + fsType = "btrfs"; + options = [ "subvol=home" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-uuid/6f25ddea-6022-4663-9f5d-58b383de7e52"; + fsType = "btrfs"; + options = [ "subvol=nix" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/2550-EF31"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.ens3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/lkk-nix-1/services/caddy.nix b/hosts/lkk-nix-1/services/caddy.nix new file mode 100644 index 0000000..f0c9eb5 --- /dev/null +++ b/hosts/lkk-nix-1/services/caddy.nix @@ -0,0 +1,13 @@ +{ + services.caddy = { + enable = true; + extraConfig = '' + code.lanakk.com { + reverse_proxy localhost:3000 + tls { + issuer zerossl + } + } + ''; + }; +} diff --git a/hosts/lkk-nix-1/services/default.nix b/hosts/lkk-nix-1/services/default.nix new file mode 100644 index 0000000..33b9488 --- /dev/null +++ b/hosts/lkk-nix-1/services/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./caddy.nix + ./docker.nix + ./gitea.nix + ]; +} diff --git a/hosts/lkk-nix-1/services/docker.nix b/hosts/lkk-nix-1/services/docker.nix new file mode 100644 index 0000000..6ea9019 --- /dev/null +++ b/hosts/lkk-nix-1/services/docker.nix @@ -0,0 +1,7 @@ +{ config, pkgs, ... }: +{ + virtualisation.docker = { + enable = true; + enableOnBoot = true; + }; +} diff --git a/hosts/lkk-nix-1/services/gitea.nix b/hosts/lkk-nix-1/services/gitea.nix new file mode 100644 index 0000000..52eed93 --- /dev/null +++ b/hosts/lkk-nix-1/services/gitea.nix @@ -0,0 +1,6 @@ +{ + services.gitea = { + enable = true; + rootUrl = "https://code.lanakk.com"; + }; +} diff --git a/hosts/lkk-nix-1/system.nix b/hosts/lkk-nix-1/system.nix new file mode 100644 index 0000000..f93ab79 --- /dev/null +++ b/hosts/lkk-nix-1/system.nix @@ -0,0 +1,141 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ + network = { + description = "LANA KK Prod"; + enableRollback = true; + }; + lkk-nix = { config, pkgs, ... }: { + imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + deployment.targetHost = "89.58.10.189"; + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + # boot.loader.grub.efiSupport = true; + # boot.loader.grub.efiInstallAsRemovable = true; + # boot.loader.efi.efiSysMountPoint = "/boot/efi"; + # Define on which hard drive you want to install Grub. + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + + networking.hostName = "LKK-NIX"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # useXkbConfig = true; # use xkbOptions in tty. + # }; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = { + # "eurosign:e"; + # "caps:escape" # map caps to escape. + # }; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.m3tam3re = { + isNormalUser = true; + extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # packages = with pkgs; [ + # firefox + # thunderbird + # ]; + }; + + users.users.m3tam3re.openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix" + ]; + + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + services.openssh.permitRootLogin = "yes"; + + services.gitea = { + enable = true; + rootUrl = "https://code.lanakk.com"; + }; + + services.caddy = { + enable = true; + extraConfig = '' + code.lanakk.com { + reverse_proxy localhost:3000 + tls { + issuer zerossl + } + } + '' + ; + }; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ 80 443 ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + networking.firewall.enable = true; + networking.firewall.allowedTCPPortRanges = [{ + from = 3000; + to = 3100; + }]; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + + }; +} diff --git a/hosts/m3-nix/#default.nix# b/hosts/m3-nix/#default.nix# new file mode 100644 index 0000000..3afc265 --- /dev/null +++ b/hosts/m3-nix/#default.nix# @@ -0,0 +1,293 @@ +{ config, pkgs, lib, ... }: +let + nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' + #!/bin/bash + export __NV_PRIME_RENDER_OFFLOAD=1 + export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export __VK_LAYER_NV_optimus=NVIDIA_only + exec "$@" + ''; + +in { + imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + ]; + + specialisation = { + external-display.configuration = { + system.nixos.tags = [ "externer-Monitor" ]; + hardware.nvidia.prime.offload.enable = lib.mkForce false; + hardware.nvidia.powerManagement.finegrained = lib.mkForce false; + }; + }; + specialisation = { + dual-display.configuration = { + system.nixos.tags = [ "dual-monitor" ]; + hardware.nvidia.prime.offload.enable = lib.mkForce false; + hardware.nvidia.prime.sync.enable = lib.mkForce true; + hardware.nvidia.powerManagement.finegrained = lib.mkForce false; + }; + }; + + # Bootloader. + # boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + boot.loader.grub.enable = true; + boot.loader.grub.efiSupport = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "nodev"; + boot.loader.grub.useOSProber = true; + + hardware.tuxedo-keyboard.enable = true; + boot.kernelParams = [ + "tuxedo_keyboard.mode=0" # https://github.com/tuxedocomputers/tuxedo-keyboard#kernelparam + "tuxedo_keyboard.brightness=255" + "tuxedo_keyboard.color_left=0xff0a0a" + ]; + + # Setup keyfile + boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; + boot.extraModprobeConfig = '' + options kvm_intel nested=1 + options kvm_intel emulate_invalid_guest_state=0 + options kvm ignore_msrs=1 + ''; + + boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".keyFile = + "/crypto_keyfile.bin"; + networking.hostName = "m3-nix"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.firewall.extraCommands = + "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + networking.wg-quick.interfaces = { + wg0 = { + address = [ "10.13.13.4/24" ]; + dns = [ "192.168.178.75" ]; + privateKeyFile = "/root/wg/peer_m3arch/privatekey-peer_m3arch"; + + peers = [{ + publicKey = "zA3c0S33ZsX5oRMRCrNDYg6pCMLdRurLV+7cU2Chbwk="; + allowedIPs = [ "0.0.0.0/0" "::/0" ]; + endpoint = "45.132.245.244:51820"; + persistentKeepalive = 25; + }]; + }; + }; + nix.extraOptions = '' + experimental-features = nix-command + ''; + nix.settings.experimental-features = "nix-command flakes"; + programs.wireshark.enable = true; + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # Select internationalisation properties. + i18n.defaultLocale = "de_DE.utf8"; + + services.auto-cpufreq.enable = true; + services.tlp.enable = true; + services.fstrim.enable = true; + + services.cron = { + enable = true; + systemCronJobs = [ "" ]; + }; + + services.hardware.bolt.enable = true; + + services.gvfs = { + enable = true; + package = pkgs.gnome3.gvfs; + }; + + #services.xserver.videoDrivers = [ "intel" ]; + hardware.nvidia = { + prime = { + offload.enable = true; + + # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA + intelBusId = "PCI:0:2:0"; + + # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA + nvidiaBusId = "PCI:1:0:0"; + }; + modesetting.enable = true; + powerManagement.finegrained = true; + powerManagement.enable = true; + }; + services.xserver = { + enable = true; + exportConfiguration = true; + videoDrivers = [ "nvidia" ]; + displayManager = { + defaultSession = "xfce+i3"; + lightdm = { enable = true; }; + }; + desktopManager = { + xterm.enable = false; + xfce = { + enable = true; + noDesktop = true; + enableXfwm = false; + #thunarPlugins = [ pkgs.xfce.thunar-archive-plugin ]; + }; + }; + windowManager.i3.package = pkgs.i3-gaps; + windowManager.i3.enable = true; + }; + programs.thunar.plugins = [ pkgs.xfce.thunar-archive-plugin ]; + services.xserver.screenSection = '' + Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}" + Option "AllowIndirectGLXProtocol" "off" + Option "TripleBuffer" "on" + ''; + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = true; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Enable the XFCE Desktop Environment. + # services.xserver.desktopManager.xfce.enable = true; + + services.kubo = { enable = true; }; + + # Configure keymap in X11 + services.xserver = { + layout = "de"; + xkbOptions = "ctrl:nocaps"; + }; + + # Configure console keymap + console.keyMap = "de"; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + sound.enable = true; + sound.mediaKeys.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + users.defaultUserShell = pkgs.fish; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.m3tam3re = { + isNormalUser = true; + description = "m3tam3re"; + extraGroups = + [ "networkmanager" "wheel" "libvirtd" "flatpak" "docker" "wireshark" ]; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + services.flatpak.enable = true; + # xdg desktop intergration (required for flatpak) + + xdg.portal = { + enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + }; + # Enable Virtualization + virtualisation.libvirtd.enable = true; + virtualisation.libvirtd.qemu.swtpm.enable = true; + virtualisation.libvirtd.qemu.ovmf.enable = true; + virtualisation.docker = { + enable = true; + enableOnBoot = true; + }; + + environment.systemPackages = with pkgs; [ + pkgs.alacritty + pkgs.curl + pkgs.docker + pkgs.docker-compose + pkgs.exa + pkgs.firefox + pkgs.killall + pkgs.libpng + pkgs.neovim + pkgs.OVMFFull + pkgs.pam_gnupg + pkgs.ripgrep + pkgs.swtpm + pkgs.tmux + pkgs.tree + pkgs.wget + nvidia-offload + ]; + services.udev.extraRules = '' + # Trezor + SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" + # Trezor v2 + SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" + ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", GROUP="users", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness" + ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1" + ''; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + programs.gamemode.enable = true; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + programs.ssh.askPassword = ""; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + nix.gc = { + automatic = true; + options = "--delete-older-than 30d"; + }; + nix.optimise.automatic = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leavecatenate(variables, "bootdev", bootdev) + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.05"; # Did you read the comment? + +} diff --git a/hosts/m3-nix/default.nix b/hosts/m3-nix/default.nix new file mode 100644 index 0000000..f8dbf37 --- /dev/null +++ b/hosts/m3-nix/default.nix @@ -0,0 +1,300 @@ +{ config, pkgs, lib, ... }: +let + nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' + #!/bin/bash + export __NV_PRIME_RENDER_OFFLOAD=1 + export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export __VK_LAYER_NV_optimus=NVIDIA_only + exec "$@" + ''; + +in { + imports = [ # Include the results of the hardware scan. + ./hardware-configuration.nix + + ]; + + specialisation = { + external-display.configuration = { + system.nixos.tags = [ "externer-Monitor" ]; + hardware.nvidia.prime.offload.enable = lib.mkForce false; + hardware.nvidia.powerManagement.finegrained = lib.mkForce false; + }; + }; + specialisation = { + dual-display.configuration = { + system.nixos.tags = [ "dual-monitor" ]; + hardware.nvidia.prime.offload.enable = lib.mkForce false; + hardware.nvidia.prime.sync.enable = lib.mkForce true; + hardware.nvidia.powerManagement.finegrained = lib.mkForce false; + }; + }; + + # Bootloader. + # boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + boot.loader.grub.enable = true; + boot.loader.grub.efiSupport = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "nodev"; + boot.loader.grub.useOSProber = true; + + hardware.tuxedo-keyboard.enable = true; + boot.kernelParams = [ + "tuxedo_keyboard.mode=0" # https://github.com/tuxedocomputers/tuxedo-keyboard#kernelparam + "tuxedo_keyboard.brightness=255" + "tuxedo_keyboard.color_left=0xff0a0a" + ]; + # Setup keyfile + boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; + boot.extraModprobeConfig = '' + options kvm_intel nested=1 + options kvm_intel emulate_invalid_guest_state=0 + options kvm ignore_msrs=1 + ''; + + boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".keyFile = + "/crypto_keyfile.bin"; + networking.hostName = "m3-nix"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.firewall.extraCommands = + "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + networking.wg-quick.interfaces = { + wg0 = { + address = [ "10.13.13.4/24" ]; + dns = [ "192.168.178.75" ]; + privateKeyFile = "/root/wg/peer_m3arch/privatekey-peer_m3arch"; + + peers = [{ + publicKey = "zA3c0S33ZsX5oRMRCrNDYg6pCMLdRurLV+7cU2Chbwk="; + allowedIPs = [ "0.0.0.0/0" "::/0" ]; + endpoint = "45.132.245.244:51820"; + persistentKeepalive = 25; + }]; + }; + }; + nix.extraOptions = '' + experimental-features = nix-command + ''; + nix.settings.experimental-features = "nix-command flakes"; + programs.wireshark.enable = true; + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # Select internationalisation properties. + i18n.defaultLocale = "de_DE.utf8"; + services.auto-cpufreq.enable = true; + services.tlp.enable = true; + services.fstrim.enable = true; + services.cron = { + enable = true; + systemCronJobs = [ "" ]; + }; + services.hardware.bolt.enable = true; + services.gvfs = { + enable = true; + package = pkgs.gnome3.gvfs; + }; + #services.xserver.videoDrivers = [ "intel" ]; + hardware.nvidia = { + prime = { + offload.enable = true; + + # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA + intelBusId = "PCI:0:2:0"; + + # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA + nvidiaBusId = "PCI:1:0:0"; + }; + modesetting.enable = true; + powerManagement.finegrained = true; + powerManagement.enable = true; + }; + services.xserver = { + enable = true; + exportConfiguration = true; + videoDrivers = [ "nvidia" ]; + displayManager = { + defaultSession = "xfce+i3"; + lightdm = { enable = true; }; + }; + desktopManager = { + xterm.enable = false; + xfce = { + enable = true; + noDesktop = true; + enableXfwm = false; + #thunarPlugins = [ pkgs.xfce.thunar-archive-plugin ]; + }; + }; + windowManager.i3.package = pkgs.i3-gaps; + windowManager.i3.enable = true; + }; + programs.thunar.plugins = [ pkgs.xfce.thunar-archive-plugin ]; + services.xserver.screenSection = '' + Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}" + Option "AllowIndirectGLXProtocol" "off" + Option "TripleBuffer" "on" + ''; + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = true; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Enable the XFCE Desktop Environment. + # services.xserver.desktopManager.xfce.enable = true; + + services.kubo = { enable = true; }; + + # Configure keymap in X11 + services.xserver = { + layout = "de"; + xkbOptions = "ctrl:nocaps"; + }; + + # Configure console keymap + console.keyMap = "de"; + + # Enable CUPS to print documents. + services.printing.enable = true; + # Enable sound with pipewire. + sound.enable = true; + sound.mediaKeys.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + users.defaultUserShell = pkgs.fish; + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.m3tam3re = { + isNormalUser = true; + description = "m3tam3re"; + extraGroups = + [ "networkmanager" "wheel" "libvirtd" "flatpak" "docker" "wireshark" ]; + }; + + # home-manager.users.m3tam3re = { pkgs, ... }: { + # home.packages = [ pkgs.home-manager ]; + # programs.bash.enable = true; + #}; + programs.fish = { + enable = true; + useBabelfish = true; + vendor.functions.enable = true; + vendor.config.enable = true; + vendor.completions.enable = true; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + services.flatpak.enable = true; + # xdg desktop intergration (required for flatpak) + + xdg.portal = { + enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + }; + # Enable Virtualization + virtualisation.libvirtd.enable = true; + virtualisation.libvirtd.qemu.swtpm.enable = true; + virtualisation.libvirtd.qemu.ovmf.enable = true; + virtualisation.docker = { + enable = true; + enableOnBoot = true; + }; + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + pkgs.alacritty + pkgs.curl + pkgs.docker + pkgs.docker-compose + pkgs.exa + pkgs.firefox + pkgs.killall + pkgs.libpng + pkgs.neovim + pkgs.OVMFFull + pkgs.pam_gnupg + pkgs.ripgrep + pkgs.swtpm + pkgs.tmux + pkgs.tree + pkgs.wget + nvidia-offload + ]; + services.udev.extraRules = '' + # Trezor + SUBSYSTEM=="usb", ATTR{idVendor}=="534c", ATTR{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + KERNEL=="hidraw*", ATTRS{idVendor}=="534c", ATTRS{idProduct}=="0001", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" + # Trezor v2 + SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c0", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + SUBSYSTEM=="usb", ATTR{idVendor}=="1209", ATTR{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl", SYMLINK+="trezor%n" + KERNEL=="hidraw*", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="53c1", MODE="0660", GROUP="plugdev", TAG+="uaccess", TAG+="udev-acl" + ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", GROUP="users", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness" + ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1" + ''; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + programs.gamemode.enable = true; + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + programs.ssh.askPassword = ""; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + nix.gc = { + automatic = true; + options = "--delete-older-than 30d"; + }; + nix.optimise.automatic = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leavecatenate(variables, "bootdev", bootdev) + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.05"; # Did you read the comment? + +} diff --git a/hosts/m3-nix/hardware-configuration.nix b/hosts/m3-nix/hardware-configuration.nix new file mode 100644 index 0000000..d23bdf2 --- /dev/null +++ b/hosts/m3-nix/hardware-configuration.nix @@ -0,0 +1,59 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "ahci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernel.sysctl = { "vm.swappiness" = 1; }; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/9d5b7792-3813-4eeb-9994-d8ecb7e28e8a"; + fsType = "btrfs"; + options = [ "subvol=@" "noatime" "nodiratime" "discard"]; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/D9E9-8321"; + fsType = "vfat"; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-uuid/2a71bbf9-115c-4444-9d8e-e265df32df27"; + fsType = "btrfs"; + options = [ "noatime" "nodiratime" "discard" ]; + }; + fileSystems."/opt" = + { device = "/dev/disk/by-uuid/3574df3a-2a90-4b54-9c21-128f1d01ff8f"; + fsType = "btrfs"; + options = [ "noatime" "nodiratime" "discard" ]; + }; + + boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".device = "/dev/disk/by-uuid/a7b1ba69-0951-4347-886e-4c0c24c2b871"; + + swapDevices = + [ { device = "/dev/disk/by-uuid/da69776d-fedf-4020-98e0-34da52211a1b"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp46s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + # high-resolution display + hardware.video.hidpi.enable = lib.mkDefault true; + hardware.bluetooth.enable = true; +}