forked from pub-solar/os
Initialize template branch
Remove all idiosyncratic stuff and only leave profiles, modules and pkg definitions, which are general and applicable for any configuration.
This commit is contained in:
parent
dd9856d519
commit
73d3826d64
1
.envrc
1
.envrc
|
@ -1,2 +1 @@
|
|||
export ISO=".#nixosConfigurations.niximg.config.system.build.isoImage"
|
||||
use nix
|
||||
|
|
4
.git-crypt/.gitattributes
vendored
4
.git-crypt/.gitattributes
vendored
|
@ -1,4 +0,0 @@
|
|||
# Do not edit this file. To specify the files to encrypt, create your own
|
||||
# .gitattributes file in the directory where your files are.
|
||||
* !filter !diff
|
||||
*.gpg binary
|
|
@ -1,3 +0,0 @@
|
|||
…¨¬j›zq¤¦ÿa3Û«¡B:³bÒ…§
–ù·=uˆ„Ýl-Œê
*‰EÕ¯’DÅ4¤! WUÍ|˜Á$2^lÝ )í.è–•ƒóa` ¤ 'Œi1!žÜ²¢-¦æ6¼q~þ„
|
||||
™‹INÒy8)[<5B>"#0 ø<C2A0>\8:†übd Ü^gÇ)gh0ÞãcÏM`ÜMó—!ªŒ®¢SîG~§e"³¢u:$]c ½öBý„Mä"Ç÷êõl²jAÞKµN–2™4Q+^„iX|«›µfÌ<66>üX¨Aäµ.RËXÑ>jºWÏRWûÆià±:Áe'Õ3»XùŠ¾ñ³È‚ė㇙§Ë‰ÒÀ…WCX0B'yêÒ¹¶d£~("‡"ÍSqÔ´ŒçÊÒA´0_–{HÕ'S"’d…㌢ñ¡
7PŸA}0UPZ´ð/AcjÒ¯tÏñmëßœ%æÅ[WQÆGFXdåLÄÝàO<C3A0>â\íR<1B>*r«²+2
EEVÈqÞ{ç}"·f¶õ‚Fk<46>5Œ¥ùI/•³kJÉ3Ô²Û¦ú½µ@qžu¯íy%½¨È<C2A8>Фu3Œcž$;€ ¤¥×úO·j
|
||||
”C
|
79
README.md
79
README.md
|
@ -5,24 +5,51 @@ NixOS configuration, using the experimental [flakes][rfc] mechanism. Its aim is
|
|||
to provide a generic template repository, to neatly separate concerns and allow
|
||||
one to get up and running with NixOS faster. Flakes are still an experimental
|
||||
feature, but once they finally get merged, even more will become possible,
|
||||
including nixops support.
|
||||
including [nixops](https://nixos.org/nixops) support.
|
||||
|
||||
|
||||
#### [Flake Talk][video]
|
||||
|
||||
# Usage
|
||||
|
||||
Enter a nix-shell either manually or automatically using [direnv][direnv]. This
|
||||
will set up the exerimental nix features that need to be available to use
|
||||
[flakes][pr]. A basic `rebuild` command is included in the shell to replace
|
||||
[flakes][pr].
|
||||
|
||||
Start a new branch based on the template branch:
|
||||
```
|
||||
git checkout -b <new_branch> template
|
||||
```
|
||||
|
||||
You may want to use a generated hardware config for your machine:
|
||||
```
|
||||
nixos-generate-config --show-hardware-config > ./hosts/<new_host>.nix
|
||||
```
|
||||
|
||||
|
||||
A basic `rebuild` command is included in the shell to replace
|
||||
`nixos-rebuild` for now.
|
||||
|
||||
```
|
||||
Usage: rebuild [host] {switch|boot|test}
|
||||
|
||||
#example using above generated config
|
||||
rebuild <new_host> switch
|
||||
```
|
||||
|
||||
You can specify one of the host configurations from the [hosts](hosts)
|
||||
directory. If omitted, it will default to your systems current hostname.
|
||||
|
||||
And now you should be ready to start writing your nix configuration or import
|
||||
some of the already existing profiles. Review [contributing](#contributing)
|
||||
below on how to structure your expressions. And be sure to update the
|
||||
[locale.nix](local/locale.nix) for your region.
|
||||
|
||||
You can always check out my personal branch `nrdxp`, to get an idea of how to
|
||||
structure your work.
|
||||
|
||||
## Additional Capabilities
|
||||
|
||||
In addtion:
|
||||
```
|
||||
rebuild iso
|
||||
|
@ -38,11 +65,19 @@ to install NixOS. For example:
|
|||
nix profile install ".#packages.x86_64-linux.purs"
|
||||
```
|
||||
|
||||
A similar mechanism exists to import the modules and overlays declared in the
|
||||
flake to allow for seemless sharing between configurations.
|
||||
|
||||
# Contributing
|
||||
|
||||
The purpose of this repository is to allow for simpler modularity and
|
||||
maintainability than was achieved in a previous effort. Flakes, along with a
|
||||
standardized structure, make this simple.
|
||||
The purpose of this repository is to provide a standardized template structure
|
||||
for NixOS machine expressions, thus enabling simpler sharing and resue of nix
|
||||
expressions.
|
||||
|
||||
Say your friend and you are using this repository, each with your own unique
|
||||
nix epxpressions. By simply importing your friends flake from `flake.nix` as an
|
||||
input, you can have access to all of the packages, modules, overlays, and even
|
||||
entire system configurations your friend has defined!
|
||||
|
||||
## Hosts
|
||||
Distributions for particular machines should be stored in the [hosts](hosts)
|
||||
|
@ -52,12 +87,20 @@ output. See the [`default.nix`](hosts/default.nix) for implementation details.
|
|||
|
||||
## Profiles
|
||||
More abstract configurations that can be reused by multiple machines should
|
||||
go in the [profiles](profiles) directory. It's structure is pretty straight
|
||||
forward. Just have a look to get an idea. Every profile should have a
|
||||
`default.nix` to easily import it. You can also stick things in the profile's
|
||||
subdirectory which are not automatically imported by its `default.nix` but are
|
||||
meant to be manually imported from a host (useful for less common, or
|
||||
specialized configurations).
|
||||
go in the [profiles](profiles) directory. We make a distinction between a module
|
||||
and profile, in that a profile is simly a regular NixOS module, without any new
|
||||
option declarations.
|
||||
|
||||
Every profile should have a `default.nix` to easily import it. You can also
|
||||
stick things in the profile's subdirectory which are not automatically
|
||||
imported, but are meant to be manually imported from a host (useful for less
|
||||
common, or specialized configurations).
|
||||
|
||||
Importantly, every subdirectory in a profile should be independantly importable.
|
||||
For example, a zsh directory lives under [profiles/develop](profiles/develop/zsh).
|
||||
It's written in a generic way to allow in to be imported without the entire
|
||||
[develop](profiles/develop) if one so wished. This provides a wonderful level of
|
||||
granularity.
|
||||
|
||||
In addition, profiles can depend on other profiles. For example, The
|
||||
[graphical](profiles/graphical) profile depends on [develop](profiles/develop)
|
||||
|
@ -70,7 +113,7 @@ is available automatically for home directory setup.
|
|||
|
||||
## Secrets
|
||||
Anything you wish to keep encrypted goes in the [secrets](secrets) directory.
|
||||
Be sure to run `git-crypt init`, before committing anything to this repo.
|
||||
Be sure to run `git crypt init`, before committing anything to this repo.
|
||||
Be sure to check out the [documentation](https://github.com/AGWA/git-crypt) if
|
||||
your not familiar.
|
||||
|
||||
|
@ -89,14 +132,20 @@ outputs to import them easily into an external NixOS configuration as well.
|
|||
|
||||
## Pull Requests
|
||||
|
||||
If you'd like to add a package, module, profile or host configuration please
|
||||
be sure to format your code with [`nixpkgs-fmt`][nixpkgs-fmt] before
|
||||
While much of your work in this template may be idiosyncratic in nature. Anything
|
||||
that might be generally useful to the broader NixOS community can be synced to
|
||||
the `template` branch to provide a host of useful NixOS configurations available
|
||||
"out of the box". If you wish to contribute such an expression please follow
|
||||
the following guidelines.
|
||||
|
||||
Be sure to format your code with [`nixpkgs-fmt`][nixpkgs-fmt] before
|
||||
opening a pull-request. The commit message follows the same semantics as
|
||||
[nixpkgs][nixpkgs]. You can use a `#` symbol to specify abiguities. For example,
|
||||
`develop#zsh: <rest of commit message>` would tell me that your updating the
|
||||
`zsh` configuration living under the `develop` profile.
|
||||
|
||||
|
||||
|
||||
# License
|
||||
|
||||
This software is licensed under the [MIT License](COPYING).
|
||||
|
@ -109,7 +158,7 @@ which they apply. The aforementioned artifacts are all covered by the
|
|||
licenses of the respective packages.
|
||||
|
||||
[direnv]: https://direnv.net
|
||||
[home-manager]: https://github.com/nrdxp/home-manager
|
||||
[home-manager]: https://github.com/rycee/home-manager
|
||||
[NixOS]: https://nixos.org
|
||||
[nixpkgs-fmt]: https://github.com/nix-community/nixpkgs-fmt
|
||||
[nixpkgs]: https://github.com/NixOS/nixpkgs
|
||||
|
|
|
@ -1,63 +0,0 @@
|
|||
{ lib, pkgs, ... }:
|
||||
let
|
||||
inherit (builtins) readFile;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../profiles/games
|
||||
../profiles/misc
|
||||
../profiles/misc/plex.nix
|
||||
../profiles/misc/torrent.nix
|
||||
../users/nrd
|
||||
];
|
||||
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/5c0bf17c-6df1-4618-88f8-48a4249adb30";
|
||||
fsType = "xfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/B361-1241";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/srv" = {
|
||||
device = "/dev/disk/by-uuid/2a21bc0b-f30a-4001-8976-f39adf805daa";
|
||||
fsType = "xfs";
|
||||
};
|
||||
|
||||
boot.initrd.availableKernelModules = [
|
||||
"xhci_pci"
|
||||
"ehci_pci"
|
||||
"ahci"
|
||||
"usbhid"
|
||||
"sd_mod"
|
||||
];
|
||||
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
||||
environment.sessionVariables = {
|
||||
LIBVA_DRIVER_NAME = "iHD";
|
||||
};
|
||||
|
||||
hardware.cpu.intel.updateMicrocode = true;
|
||||
|
||||
hardware.opengl.extraPackages = with pkgs; [
|
||||
vaapiIntel
|
||||
vaapiVdpau
|
||||
libvdpau-va-gl
|
||||
intel-media-driver
|
||||
];
|
||||
|
||||
networking.networkmanager = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
nix.systemFeatures = [ "gccarch-haswell" ];
|
||||
|
||||
boot.loader.systemd-boot = {
|
||||
enable = true;
|
||||
editor = false;
|
||||
};
|
||||
}
|
|
@ -17,5 +17,7 @@ stdenv.mkDerivation rec {
|
|||
description = "Nerdfont version of DejaVu";
|
||||
homepage = https://github.com/ryanoasis/nerd-fonts;
|
||||
license = licenses.mit;
|
||||
maintainers = [ maintainers.nrdxp ];
|
||||
inherit version;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1 +1 @@
|
|||
while read line; do line=${(Q)line}; [[ -d $line ]] && echo $line; done < /home/nrd/.cache/zsh-cdr/recent-dirs
|
||||
while read line; do line=${(Q)line}; [[ -d $line ]] && echo $line; done < $HOME/.cache/zsh-cdr/recent-dirs
|
||||
|
|
BIN
secrets/cargo
BIN
secrets/cargo
Binary file not shown.
BIN
secrets/ec2
BIN
secrets/ec2
Binary file not shown.
BIN
secrets/github
BIN
secrets/github
Binary file not shown.
BIN
secrets/gitlab
BIN
secrets/gitlab
Binary file not shown.
BIN
secrets/nrd
BIN
secrets/nrd
Binary file not shown.
BIN
secrets/root
BIN
secrets/root
Binary file not shown.
|
@ -1,202 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
inherit (builtins)
|
||||
toFile
|
||||
readFile
|
||||
;
|
||||
|
||||
inherit (lib)
|
||||
fileContents
|
||||
mkForce
|
||||
;
|
||||
|
||||
|
||||
name = "Timothy DeHerrera";
|
||||
in
|
||||
{
|
||||
|
||||
imports = [
|
||||
../../profiles/graphical
|
||||
];
|
||||
|
||||
users.users.root.hashedPassword = fileContents ../../secrets/root;
|
||||
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
nrd-logo
|
||||
pinentry_gnome
|
||||
];
|
||||
|
||||
home-manager.users.nrd = {
|
||||
home = {
|
||||
packages = mkForce [];
|
||||
|
||||
file = {
|
||||
".ec2-keys".source = ../../secrets/ec2;
|
||||
".cargo/credentials".source = ../../secrets/cargo;
|
||||
".zshrc".text = "#";
|
||||
};
|
||||
};
|
||||
|
||||
programs.alacritty = {
|
||||
enable = true;
|
||||
settings = {
|
||||
env.TERM = "xterm-256color";
|
||||
window.decorations = "full";
|
||||
tabspaces = 2;
|
||||
font.size = 9.0;
|
||||
cursor.style = "Beam";
|
||||
|
||||
# snazzy theme
|
||||
colors = {
|
||||
# Default colors
|
||||
primary = {
|
||||
background = "0x282a36";
|
||||
foreground = "0xeff0eb";
|
||||
};
|
||||
|
||||
# Normal colors
|
||||
normal = {
|
||||
black = "0x282a36";
|
||||
red = "0xff5c57";
|
||||
green = "0x5af78e";
|
||||
yellow = "0xf3f99d";
|
||||
blue = "0x57c7ff";
|
||||
magenta = "0xff6ac1";
|
||||
cyan = "0x9aedfe";
|
||||
white = "0xf1f1f0";
|
||||
};
|
||||
|
||||
# Bright colors
|
||||
bright = {
|
||||
black = "0x686868";
|
||||
red = "0xff5c57";
|
||||
green = "0x5af78e";
|
||||
yellow = "0xf3f99d";
|
||||
blue = "0x57c7ff";
|
||||
magenta = "0xff6ac1";
|
||||
cyan = "0x9aedfe";
|
||||
white = "0xf1f1f0";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
programs.mpv = {
|
||||
enable = true;
|
||||
config = {
|
||||
ytdl-format = "bestvideo[height<=?1080]+bestaudio/best";
|
||||
hwdec = "auto";
|
||||
vo = "gpu";
|
||||
};
|
||||
};
|
||||
|
||||
programs.git = {
|
||||
enable = true;
|
||||
|
||||
aliases = {
|
||||
a = "add -p";
|
||||
co = "checkout";
|
||||
cob = "checkout -b";
|
||||
f = "fetch -p";
|
||||
c = "commit";
|
||||
p = "push";
|
||||
ba = "branch -a";
|
||||
bd = "branch -d";
|
||||
bD = "branch -D";
|
||||
d = "diff";
|
||||
dc = "diff --cached";
|
||||
ds = "diff --staged";
|
||||
r = "restore";
|
||||
rs = "restore --staged";
|
||||
st = "status -sb";
|
||||
|
||||
# logging
|
||||
lg = "log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
|
||||
plog = "log --graph --pretty='format:%C(red)%d%C(reset) %C(yellow)%h%C(reset) %ar %C(green)%aN%C(reset) %s'";
|
||||
tlog = "log --stat --since='1 Day Ago' --graph --pretty=oneline --abbrev-commit --date=relative";
|
||||
rank = "shortlog -sn --no-merges";
|
||||
|
||||
# delete merged branches
|
||||
bdm = "!git branch --merged | grep -v '*' | xargs -n 1 git branch -d";
|
||||
};
|
||||
|
||||
userName = name;
|
||||
userEmail = "tim.deh@pm.me";
|
||||
signing = {
|
||||
key = "8985725DB5B0C122";
|
||||
signByDefault = true;
|
||||
};
|
||||
};
|
||||
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
hashKnownHosts = true;
|
||||
|
||||
matchBlocks = let
|
||||
githubKey = toFile "github"
|
||||
(readFile ../../secrets/github);
|
||||
|
||||
gitlabKey = toFile "gitlab"
|
||||
(readFile ../../secrets/gitlab);
|
||||
in
|
||||
{
|
||||
github = {
|
||||
host = "github.com";
|
||||
identityFile = githubKey;
|
||||
extraOptions = {
|
||||
AddKeysToAgent = "yes";
|
||||
};
|
||||
};
|
||||
gitlab = {
|
||||
host = "gitlab.com";
|
||||
identityFile = gitlabKey;
|
||||
extraOptions = {
|
||||
AddKeysToAgent = "yes";
|
||||
};
|
||||
};
|
||||
"gitlab.company" = {
|
||||
host = "gitlab.company.com";
|
||||
identityFile = gitlabKey;
|
||||
extraOptions = {
|
||||
AddKeysToAgent = "yes";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.media.members = [ "nrd" ];
|
||||
|
||||
users.users.nrd = {
|
||||
uid = 1000;
|
||||
description = name;
|
||||
isNormalUser = true;
|
||||
hashedPassword = fileContents ../../secrets/nrd;
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
"input"
|
||||
"networkmanager"
|
||||
"adbusers"
|
||||
];
|
||||
};
|
||||
|
||||
nixpkgs.overlays = let
|
||||
overlay = self: super: {
|
||||
nrd-logo = super.stdenv.mkDerivation {
|
||||
name = "nrdxp-logo";
|
||||
src = ./logo.png;
|
||||
dontUnpack = true;
|
||||
installPhase = ''
|
||||
mkdir -p $out/share/sddm/faces
|
||||
cp $src $out/share/sddm/faces/nrd.face.icon
|
||||
'';
|
||||
};
|
||||
};
|
||||
in
|
||||
[ overlay ];
|
||||
}
|
Binary file not shown.
Before Width: | Height: | Size: 330 KiB |
Loading…
Reference in a new issue