forked from pub-solar/os
Initialize template branch
Remove all idiosyncratic stuff and only leave profiles, modules and pkg definitions, which are general and applicable for any configuration.
This commit is contained in:
parent
dd9856d519
commit
73d3826d64
1
.envrc
1
.envrc
|
@ -1,2 +1 @@
|
||||||
export ISO=".#nixosConfigurations.niximg.config.system.build.isoImage"
|
|
||||||
use nix
|
use nix
|
||||||
|
|
4
.git-crypt/.gitattributes
vendored
4
.git-crypt/.gitattributes
vendored
|
@ -1,4 +0,0 @@
|
||||||
# Do not edit this file. To specify the files to encrypt, create your own
|
|
||||||
# .gitattributes file in the directory where your files are.
|
|
||||||
* !filter !diff
|
|
||||||
*.gpg binary
|
|
|
@ -1,3 +0,0 @@
|
||||||
…¨¬j›zq¤¦ÿa3Û«¡B:³bÒ…§
–ù·=uˆ„Ýl-Œê
*‰EÕ¯’DÅ4¤! WUÍ|˜Á$2^lÝ )í.è–•ƒóa` ¤ 'Œi1!žÜ²¢-¦æ6¼q~þ„
|
|
||||||
™‹INÒy8)[<5B>"#0 ø<C2A0>\8:†übd Ü^gÇ)gh0ÞãcÏM`ÜMó—!ªŒ®¢SîG~§e"³¢u:$]c ½öBý„Mä"Ç÷êõl²jAÞKµN–2™4Q+^„iX|«›µfÌ<66>üX¨Aäµ.RËXÑ>jºWÏRWûÆià±:Áe'Õ3»XùŠ¾ñ³È‚ė㇙§Ë‰ÒÀ…WCX0B'yêÒ¹¶d£~("‡"ÍSqÔ´ŒçÊÒA´0_–{HÕ'S"’d…㌢ñ¡
7PŸA}0UPZ´ð/AcjÒ¯tÏñmëßœ%æÅ[WQÆGFXdåLÄÝàO<C3A0>â\íR<1B>*r«²+2
EEVÈqÞ{ç}"·f¶õ‚Fk<46>5Œ¥ùI/•³kJÉ3Ô²Û¦ú½µ@qžu¯íy%½¨È<C2A8>Фu3Œcž$;€ ¤¥×úO·j
|
|
||||||
”C
|
|
79
README.md
79
README.md
|
@ -5,24 +5,51 @@ NixOS configuration, using the experimental [flakes][rfc] mechanism. Its aim is
|
||||||
to provide a generic template repository, to neatly separate concerns and allow
|
to provide a generic template repository, to neatly separate concerns and allow
|
||||||
one to get up and running with NixOS faster. Flakes are still an experimental
|
one to get up and running with NixOS faster. Flakes are still an experimental
|
||||||
feature, but once they finally get merged, even more will become possible,
|
feature, but once they finally get merged, even more will become possible,
|
||||||
including nixops support.
|
including [nixops](https://nixos.org/nixops) support.
|
||||||
|
|
||||||
|
|
||||||
#### [Flake Talk][video]
|
#### [Flake Talk][video]
|
||||||
|
|
||||||
# Usage
|
# Usage
|
||||||
|
|
||||||
Enter a nix-shell either manually or automatically using [direnv][direnv]. This
|
Enter a nix-shell either manually or automatically using [direnv][direnv]. This
|
||||||
will set up the exerimental nix features that need to be available to use
|
will set up the exerimental nix features that need to be available to use
|
||||||
[flakes][pr]. A basic `rebuild` command is included in the shell to replace
|
[flakes][pr].
|
||||||
|
|
||||||
|
Start a new branch based on the template branch:
|
||||||
|
```
|
||||||
|
git checkout -b <new_branch> template
|
||||||
|
```
|
||||||
|
|
||||||
|
You may want to use a generated hardware config for your machine:
|
||||||
|
```
|
||||||
|
nixos-generate-config --show-hardware-config > ./hosts/<new_host>.nix
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
A basic `rebuild` command is included in the shell to replace
|
||||||
`nixos-rebuild` for now.
|
`nixos-rebuild` for now.
|
||||||
|
|
||||||
```
|
```
|
||||||
Usage: rebuild [host] {switch|boot|test}
|
Usage: rebuild [host] {switch|boot|test}
|
||||||
|
|
||||||
|
#example using above generated config
|
||||||
|
rebuild <new_host> switch
|
||||||
```
|
```
|
||||||
|
|
||||||
You can specify one of the host configurations from the [hosts](hosts)
|
You can specify one of the host configurations from the [hosts](hosts)
|
||||||
directory. If omitted, it will default to your systems current hostname.
|
directory. If omitted, it will default to your systems current hostname.
|
||||||
|
|
||||||
|
And now you should be ready to start writing your nix configuration or import
|
||||||
|
some of the already existing profiles. Review [contributing](#contributing)
|
||||||
|
below on how to structure your expressions. And be sure to update the
|
||||||
|
[locale.nix](local/locale.nix) for your region.
|
||||||
|
|
||||||
|
You can always check out my personal branch `nrdxp`, to get an idea of how to
|
||||||
|
structure your work.
|
||||||
|
|
||||||
|
## Additional Capabilities
|
||||||
|
|
||||||
In addtion:
|
In addtion:
|
||||||
```
|
```
|
||||||
rebuild iso
|
rebuild iso
|
||||||
|
@ -38,11 +65,19 @@ to install NixOS. For example:
|
||||||
nix profile install ".#packages.x86_64-linux.purs"
|
nix profile install ".#packages.x86_64-linux.purs"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
A similar mechanism exists to import the modules and overlays declared in the
|
||||||
|
flake to allow for seemless sharing between configurations.
|
||||||
|
|
||||||
# Contributing
|
# Contributing
|
||||||
|
|
||||||
The purpose of this repository is to allow for simpler modularity and
|
The purpose of this repository is to provide a standardized template structure
|
||||||
maintainability than was achieved in a previous effort. Flakes, along with a
|
for NixOS machine expressions, thus enabling simpler sharing and resue of nix
|
||||||
standardized structure, make this simple.
|
expressions.
|
||||||
|
|
||||||
|
Say your friend and you are using this repository, each with your own unique
|
||||||
|
nix epxpressions. By simply importing your friends flake from `flake.nix` as an
|
||||||
|
input, you can have access to all of the packages, modules, overlays, and even
|
||||||
|
entire system configurations your friend has defined!
|
||||||
|
|
||||||
## Hosts
|
## Hosts
|
||||||
Distributions for particular machines should be stored in the [hosts](hosts)
|
Distributions for particular machines should be stored in the [hosts](hosts)
|
||||||
|
@ -52,12 +87,20 @@ output. See the [`default.nix`](hosts/default.nix) for implementation details.
|
||||||
|
|
||||||
## Profiles
|
## Profiles
|
||||||
More abstract configurations that can be reused by multiple machines should
|
More abstract configurations that can be reused by multiple machines should
|
||||||
go in the [profiles](profiles) directory. It's structure is pretty straight
|
go in the [profiles](profiles) directory. We make a distinction between a module
|
||||||
forward. Just have a look to get an idea. Every profile should have a
|
and profile, in that a profile is simly a regular NixOS module, without any new
|
||||||
`default.nix` to easily import it. You can also stick things in the profile's
|
option declarations.
|
||||||
subdirectory which are not automatically imported by its `default.nix` but are
|
|
||||||
meant to be manually imported from a host (useful for less common, or
|
Every profile should have a `default.nix` to easily import it. You can also
|
||||||
specialized configurations).
|
stick things in the profile's subdirectory which are not automatically
|
||||||
|
imported, but are meant to be manually imported from a host (useful for less
|
||||||
|
common, or specialized configurations).
|
||||||
|
|
||||||
|
Importantly, every subdirectory in a profile should be independantly importable.
|
||||||
|
For example, a zsh directory lives under [profiles/develop](profiles/develop/zsh).
|
||||||
|
It's written in a generic way to allow in to be imported without the entire
|
||||||
|
[develop](profiles/develop) if one so wished. This provides a wonderful level of
|
||||||
|
granularity.
|
||||||
|
|
||||||
In addition, profiles can depend on other profiles. For example, The
|
In addition, profiles can depend on other profiles. For example, The
|
||||||
[graphical](profiles/graphical) profile depends on [develop](profiles/develop)
|
[graphical](profiles/graphical) profile depends on [develop](profiles/develop)
|
||||||
|
@ -70,7 +113,7 @@ is available automatically for home directory setup.
|
||||||
|
|
||||||
## Secrets
|
## Secrets
|
||||||
Anything you wish to keep encrypted goes in the [secrets](secrets) directory.
|
Anything you wish to keep encrypted goes in the [secrets](secrets) directory.
|
||||||
Be sure to run `git-crypt init`, before committing anything to this repo.
|
Be sure to run `git crypt init`, before committing anything to this repo.
|
||||||
Be sure to check out the [documentation](https://github.com/AGWA/git-crypt) if
|
Be sure to check out the [documentation](https://github.com/AGWA/git-crypt) if
|
||||||
your not familiar.
|
your not familiar.
|
||||||
|
|
||||||
|
@ -89,14 +132,20 @@ outputs to import them easily into an external NixOS configuration as well.
|
||||||
|
|
||||||
## Pull Requests
|
## Pull Requests
|
||||||
|
|
||||||
If you'd like to add a package, module, profile or host configuration please
|
While much of your work in this template may be idiosyncratic in nature. Anything
|
||||||
be sure to format your code with [`nixpkgs-fmt`][nixpkgs-fmt] before
|
that might be generally useful to the broader NixOS community can be synced to
|
||||||
|
the `template` branch to provide a host of useful NixOS configurations available
|
||||||
|
"out of the box". If you wish to contribute such an expression please follow
|
||||||
|
the following guidelines.
|
||||||
|
|
||||||
|
Be sure to format your code with [`nixpkgs-fmt`][nixpkgs-fmt] before
|
||||||
opening a pull-request. The commit message follows the same semantics as
|
opening a pull-request. The commit message follows the same semantics as
|
||||||
[nixpkgs][nixpkgs]. You can use a `#` symbol to specify abiguities. For example,
|
[nixpkgs][nixpkgs]. You can use a `#` symbol to specify abiguities. For example,
|
||||||
`develop#zsh: <rest of commit message>` would tell me that your updating the
|
`develop#zsh: <rest of commit message>` would tell me that your updating the
|
||||||
`zsh` configuration living under the `develop` profile.
|
`zsh` configuration living under the `develop` profile.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# License
|
# License
|
||||||
|
|
||||||
This software is licensed under the [MIT License](COPYING).
|
This software is licensed under the [MIT License](COPYING).
|
||||||
|
@ -109,7 +158,7 @@ which they apply. The aforementioned artifacts are all covered by the
|
||||||
licenses of the respective packages.
|
licenses of the respective packages.
|
||||||
|
|
||||||
[direnv]: https://direnv.net
|
[direnv]: https://direnv.net
|
||||||
[home-manager]: https://github.com/nrdxp/home-manager
|
[home-manager]: https://github.com/rycee/home-manager
|
||||||
[NixOS]: https://nixos.org
|
[NixOS]: https://nixos.org
|
||||||
[nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt
|
[nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt
|
||||||
[nixpkgs]: https://github.com/NixOS/nixpkgs
|
[nixpkgs]: https://github.com/NixOS/nixpkgs
|
||||||
|
|
|
@ -1,63 +0,0 @@
|
||||||
{ lib, pkgs, ... }:
|
|
||||||
let
|
|
||||||
inherit (builtins) readFile;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
../profiles/games
|
|
||||||
../profiles/misc
|
|
||||||
../profiles/misc/plex.nix
|
|
||||||
../profiles/misc/torrent.nix
|
|
||||||
../users/nrd
|
|
||||||
];
|
|
||||||
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "/dev/disk/by-uuid/5c0bf17c-6df1-4618-88f8-48a4249adb30";
|
|
||||||
fsType = "xfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/B361-1241";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/srv" = {
|
|
||||||
device = "/dev/disk/by-uuid/2a21bc0b-f30a-4001-8976-f39adf805daa";
|
|
||||||
fsType = "xfs";
|
|
||||||
};
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [
|
|
||||||
"xhci_pci"
|
|
||||||
"ehci_pci"
|
|
||||||
"ahci"
|
|
||||||
"usbhid"
|
|
||||||
"sd_mod"
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
|
||||||
|
|
||||||
environment.sessionVariables = {
|
|
||||||
LIBVA_DRIVER_NAME = "iHD";
|
|
||||||
};
|
|
||||||
|
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
|
||||||
|
|
||||||
hardware.opengl.extraPackages = with pkgs; [
|
|
||||||
vaapiIntel
|
|
||||||
vaapiVdpau
|
|
||||||
libvdpau-va-gl
|
|
||||||
intel-media-driver
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.networkmanager = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
nix.maxJobs = lib.mkDefault 4;
|
|
||||||
nix.systemFeatures = [ "gccarch-haswell" ];
|
|
||||||
|
|
||||||
boot.loader.systemd-boot = {
|
|
||||||
enable = true;
|
|
||||||
editor = false;
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -17,5 +17,7 @@ stdenv.mkDerivation rec {
|
||||||
description = "Nerdfont version of DejaVu";
|
description = "Nerdfont version of DejaVu";
|
||||||
homepage = https://github.com/ryanoasis/nerd-fonts;
|
homepage = https://github.com/ryanoasis/nerd-fonts;
|
||||||
license = licenses.mit;
|
license = licenses.mit;
|
||||||
|
maintainers = [ maintainers.nrdxp ];
|
||||||
|
inherit version;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
while read line; do line=${(Q)line}; [[ -d $line ]] && echo $line; done < /home/nrd/.cache/zsh-cdr/recent-dirs
|
while read line; do line=${(Q)line}; [[ -d $line ]] && echo $line; done < $HOME/.cache/zsh-cdr/recent-dirs
|
||||||
|
|
BIN
secrets/cargo
BIN
secrets/cargo
Binary file not shown.
BIN
secrets/ec2
BIN
secrets/ec2
Binary file not shown.
BIN
secrets/github
BIN
secrets/github
Binary file not shown.
BIN
secrets/gitlab
BIN
secrets/gitlab
Binary file not shown.
BIN
secrets/nrd
BIN
secrets/nrd
Binary file not shown.
BIN
secrets/root
BIN
secrets/root
Binary file not shown.
|
@ -1,202 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
let
|
|
||||||
inherit (builtins)
|
|
||||||
toFile
|
|
||||||
readFile
|
|
||||||
;
|
|
||||||
|
|
||||||
inherit (lib)
|
|
||||||
fileContents
|
|
||||||
mkForce
|
|
||||||
;
|
|
||||||
|
|
||||||
|
|
||||||
name = "Timothy DeHerrera";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
|
|
||||||
imports = [
|
|
||||||
../../profiles/graphical
|
|
||||||
];
|
|
||||||
|
|
||||||
users.users.root.hashedPassword = fileContents ../../secrets/root;
|
|
||||||
|
|
||||||
programs.gnupg.agent = {
|
|
||||||
enable = true;
|
|
||||||
enableSSHSupport = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
nrd-logo
|
|
||||||
pinentry_gnome
|
|
||||||
];
|
|
||||||
|
|
||||||
home-manager.users.nrd = {
|
|
||||||
home = {
|
|
||||||
packages = mkForce [];
|
|
||||||
|
|
||||||
file = {
|
|
||||||
".ec2-keys".source = ../../secrets/ec2;
|
|
||||||
".cargo/credentials".source = ../../secrets/cargo;
|
|
||||||
".zshrc".text = "#";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.alacritty = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
env.TERM = "xterm-256color";
|
|
||||||
window.decorations = "full";
|
|
||||||
tabspaces = 2;
|
|
||||||
font.size = 9.0;
|
|
||||||
cursor.style = "Beam";
|
|
||||||
|
|
||||||
# snazzy theme
|
|
||||||
colors = {
|
|
||||||
# Default colors
|
|
||||||
primary = {
|
|
||||||
background = "0x282a36";
|
|
||||||
foreground = "0xeff0eb";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Normal colors
|
|
||||||
normal = {
|
|
||||||
black = "0x282a36";
|
|
||||||
red = "0xff5c57";
|
|
||||||
green = "0x5af78e";
|
|
||||||
yellow = "0xf3f99d";
|
|
||||||
blue = "0x57c7ff";
|
|
||||||
magenta = "0xff6ac1";
|
|
||||||
cyan = "0x9aedfe";
|
|
||||||
white = "0xf1f1f0";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Bright colors
|
|
||||||
bright = {
|
|
||||||
black = "0x686868";
|
|
||||||
red = "0xff5c57";
|
|
||||||
green = "0x5af78e";
|
|
||||||
yellow = "0xf3f99d";
|
|
||||||
blue = "0x57c7ff";
|
|
||||||
magenta = "0xff6ac1";
|
|
||||||
cyan = "0x9aedfe";
|
|
||||||
white = "0xf1f1f0";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.mpv = {
|
|
||||||
enable = true;
|
|
||||||
config = {
|
|
||||||
ytdl-format = "bestvideo[height<=?1080]+bestaudio/best";
|
|
||||||
hwdec = "auto";
|
|
||||||
vo = "gpu";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.git = {
|
|
||||||
enable = true;
|
|
||||||
|
|
||||||
aliases = {
|
|
||||||
a = "add -p";
|
|
||||||
co = "checkout";
|
|
||||||
cob = "checkout -b";
|
|
||||||
f = "fetch -p";
|
|
||||||
c = "commit";
|
|
||||||
p = "push";
|
|
||||||
ba = "branch -a";
|
|
||||||
bd = "branch -d";
|
|
||||||
bD = "branch -D";
|
|
||||||
d = "diff";
|
|
||||||
dc = "diff --cached";
|
|
||||||
ds = "diff --staged";
|
|
||||||
r = "restore";
|
|
||||||
rs = "restore --staged";
|
|
||||||
st = "status -sb";
|
|
||||||
|
|
||||||
# logging
|
|
||||||
lg = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
|
|
||||||
plog = "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'";
|
|
||||||
tlog = "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative";
|
|
||||||
rank = "shortlog -sn --no-merges";
|
|
||||||
|
|
||||||
# delete merged branches
|
|
||||||
bdm = "!git branch --merged | grep -v '*' | xargs -n 1 git branch -d";
|
|
||||||
};
|
|
||||||
|
|
||||||
userName = name;
|
|
||||||
userEmail = "tim.deh@pm.me";
|
|
||||||
signing = {
|
|
||||||
key = "8985725DB5B0C122";
|
|
||||||
signByDefault = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.ssh = {
|
|
||||||
enable = true;
|
|
||||||
hashKnownHosts = true;
|
|
||||||
|
|
||||||
matchBlocks = let
|
|
||||||
githubKey = toFile "github"
|
|
||||||
(readFile ../../secrets/github);
|
|
||||||
|
|
||||||
gitlabKey = toFile "gitlab"
|
|
||||||
(readFile ../../secrets/gitlab);
|
|
||||||
in
|
|
||||||
{
|
|
||||||
github = {
|
|
||||||
host = "github.com";
|
|
||||||
identityFile = githubKey;
|
|
||||||
extraOptions = {
|
|
||||||
AddKeysToAgent = "yes";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
gitlab = {
|
|
||||||
host = "gitlab.com";
|
|
||||||
identityFile = gitlabKey;
|
|
||||||
extraOptions = {
|
|
||||||
AddKeysToAgent = "yes";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
"gitlab.company" = {
|
|
||||||
host = "gitlab.company.com";
|
|
||||||
identityFile = gitlabKey;
|
|
||||||
extraOptions = {
|
|
||||||
AddKeysToAgent = "yes";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
users.groups.media.members = [ "nrd" ];
|
|
||||||
|
|
||||||
users.users.nrd = {
|
|
||||||
uid = 1000;
|
|
||||||
description = name;
|
|
||||||
isNormalUser = true;
|
|
||||||
hashedPassword = fileContents ../../secrets/nrd;
|
|
||||||
extraGroups = [
|
|
||||||
"wheel"
|
|
||||||
"input"
|
|
||||||
"networkmanager"
|
|
||||||
"adbusers"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
nixpkgs.overlays = let
|
|
||||||
overlay = self: super: {
|
|
||||||
nrd-logo = super.stdenv.mkDerivation {
|
|
||||||
name = "nrdxp-logo";
|
|
||||||
src = ./logo.png;
|
|
||||||
dontUnpack = true;
|
|
||||||
installPhase = ''
|
|
||||||
mkdir -p $out/share/sddm/faces
|
|
||||||
cp $src $out/share/sddm/faces/nrd.face.icon
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in
|
|
||||||
[ overlay ];
|
|
||||||
}
|
|
Binary file not shown.
Before Width: | Height: | Size: 330 KiB |
Loading…
Reference in a new issue