kopatz/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleanup

Browse Source
This commit is contained in:
Kopatz
2025-05-18 11:24:48 +02:00
parent 3f70d39d4f
commit 859e36ddbb
14 changed files with 94 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
flake.nix
View File

@@ -140,7 +140,6 @@
### User specific ### ### User specific ###
./users/kopatz ./users/kopatz
./systems/laptop/configuration.nix ./systems/laptop/configuration.nix
./modules/collections/laptop.nix
]; ];
}; };
#initial install done with nix run github:nix-community/nixos-anywhere/73a6d3fef4c5b4ab9e4ac868f468ec8f9436afa7 -- --flake .#adam-site root@<ip> #initial install done with nix run github:nix-community/nixos-anywhere/73a6d3fef4c5b4ab9e4ac868f468ec8f9436afa7 -- --flake .#adam-site root@<ip>

65
modules/collections/laptop.nix
View File

@@ -1,65 +0,0 @@
{ pkgs, config, ... }: {
imports = [
../kernel.nix # use latest kernel
../services/wireguard-client.nix
../services/ssh.nix
../work/vpn.nix
];
custom = {
cli-tools.enable = true;
tmpfs.enable = true;
wireshark.enable = true;
virt-manager.enable = true;
nix = {
ld.enable = true;
settings.enable = true;
};
misc = {
podman.enable = true;
firejail.enable = true;
};
hardware = {
firmware.enable = true;
ssd.enable = true;
#tablet.enable = true;
#fingerprint.enable = true;
};
services = {
syncthing.enable = true;
};
graphical = {
audio.enable = true;
basics.enable = true;
code = {
enable = true;
#android.enable = true;
};
#emulators.enable = true;
hyprland.enable = true;
games.enable = true;
ime.enable = true;
shared.enable = true;
stylix = {
enable = true;
base16Scheme = import ../../modules/themes/tsukasa.nix;
image = ../../tsukasa.jpg;
};
};
};
nixpkgs.config.permittedInsecurePackages = [ "electron-27.3.11" "electron-28.3.3" ];
services.fprintd.enable = true;
#todo: extract this
services.xserver = {
xkb.layout = config.mainUser.layout;
xkb.variant = config.mainUser.variant;
enable = true;
displayManager.gdm.enable = true;
};
#programs.firejail.wrappedBinaries = with pkgs;
# let inherit (config.custom.misc.firejail) mk;
# in lib.mkMerge [
# (mk "Discord" { pkg = discord; })
# ];
}

25
modules/default.nix
View File

@@ -8,4 +8,29 @@
./services ./services
./support ./support
]; ];
# Set your time zone.
time.timeZone = "Europe/Vienna";
# Select internationalisation properties.
i18n = {
defaultLocale = "en_US.UTF-8";
supportedLocales = [
"C.UTF-8/UTF-8"
"de_AT.UTF-8/UTF-8"
"en_US.UTF-8/UTF-8"
"ja_JP.UTF-8/UTF-8"
];
extraLocaleSettings = {
LC_ADDRESS = "de_AT.UTF-8";
LC_IDENTIFICATION = "de_AT.UTF-8";
LC_MEASUREMENT = "de_AT.UTF-8";
LC_MONETARY = "de_AT.UTF-8";
LC_NAME = "de_AT.UTF-8";
LC_NUMERIC = "de_AT.UTF-8";
LC_PAPER = "de_AT.UTF-8";
LC_TELEPHONE = "de_AT.UTF-8";
LC_TIME = "de_AT.UTF-8";
};
};
} }

0
modules/kernel.nix → modules/misc/kernel.nix
View File

0
modules/logging.nix → modules/misc/logging.nix
View File

0
modules/motd.nix → modules/misc/motd.nix
View File

0
modules/fail2ban.nix → modules/services/fail2ban.nix
View File

4
modules/xanmod-kernel.nix
View File

@@ -1,4 +0,0 @@
{ pkgs, ... }: {
boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
boot.kernelModules = [ "ntsync" ];
}

1
systems/adam-site/configuration.nix
View File

@@ -5,7 +5,6 @@
./disk-config.nix ./disk-config.nix
]; ];
time.timeZone = "Europe/Vienna";
services.openssh.enable = true; services.openssh.enable = true;
networking.firewall.allowedTCPPorts = [ 22 80 443 ]; networking.firewall.allowedTCPPorts = [ 22 80 443 ];
custom = { custom = {

26
systems/amd-server-vm/configuration.nix
View File

@@ -6,10 +6,10 @@
#./hardware-configuration.nix #./hardware-configuration.nix
../../modules/services/ssh.nix ../../modules/services/ssh.nix
../../modules/services/step-ca.nix ../../modules/services/step-ca.nix
../../modules/fail2ban.nix ../../modules/services/fail2ban.nix
../../modules/logging.nix ../../modules/misc/logging.nix
../../modules/motd.nix ../../modules/misc/motd.nix
../../modules/kernel.nix ../../modules/misc/kernel.nix
./disk-config.nix ./disk-config.nix
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix") (modulesPath + "/profiles/qemu-guest.nix")
@@ -133,24 +133,6 @@
networking.firewall.allowedTCPPorts = [ 25565 25566 8888 ]; networking.firewall.allowedTCPPorts = [ 25565 25566 8888 ];
networking.hostName = "server-vm"; # Define your hostname. networking.hostName = "server-vm"; # Define your hostname.
# Set your time zone.
time.timeZone = "Europe/Vienna";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_AT.UTF-8";
LC_IDENTIFICATION = "de_AT.UTF-8";
LC_MEASUREMENT = "de_AT.UTF-8";
LC_MONETARY = "de_AT.UTF-8";
LC_NAME = "de_AT.UTF-8";
LC_NUMERIC = "de_AT.UTF-8";
LC_PAPER = "de_AT.UTF-8";
LC_TELEPHONE = "de_AT.UTF-8";
LC_TIME = "de_AT.UTF-8";
};
# Configure console keymap # Configure console keymap
console.keyMap = "us"; console.keyMap = "us";

2
systems/amd-server/configuration.nix
View File

@@ -8,7 +8,7 @@
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/kernel.nix ../../modules/misc/kernel.nix
../../modules/services/ssh.nix ../../modules/services/ssh.nix
]; ];

80
systems/laptop/configuration.nix
View File

@@ -8,6 +8,10 @@
#../../modules/fh/scanning.nix #../../modules/fh/scanning.nix
../../modules/support/ntfs.nix ../../modules/support/ntfs.nix
../../modules/thunderbolt.nix ../../modules/thunderbolt.nix
../../modules/misc/kernel.nix
../../modules/services/wireguard-client.nix
../../modules/services/ssh.nix
../../modules/work/vpn.nix
#../../modules/vmware-host.nix #../../modules/vmware-host.nix
#../../modules/fh/forensik.nix #../../modules/fh/forensik.nix
#../../modules/no-sleep-lid-closed.nix #../../modules/no-sleep-lid-closed.nix
@@ -17,6 +21,64 @@
inputs.nixos-hardware.nixosModules.framework-13-7040-amd inputs.nixos-hardware.nixosModules.framework-13-7040-amd
]; ];
custom = {
cli-tools.enable = true;
tmpfs.enable = true;
wireshark.enable = true;
virt-manager.enable = true;
nix = {
ld.enable = true;
settings.enable = true;
};
misc = {
podman.enable = true;
firejail.enable = true;
};
hardware = {
firmware.enable = true;
ssd.enable = true;
#tablet.enable = true;
#fingerprint.enable = true;
};
services = {
syncthing.enable = true;
};
graphical = {
audio.enable = true;
basics.enable = true;
code = {
enable = true;
#android.enable = true;
};
#emulators.enable = true;
hyprland.enable = true;
games.enable = true;
ime.enable = true;
shared.enable = true;
stylix = {
enable = true;
base16Scheme = import ../../modules/themes/tsukasa.nix;
image = ../../tsukasa.jpg;
};
};
};
nixpkgs.config.permittedInsecurePackages = [ "electron-27.3.11" "electron-28.3.3" ];
services.fprintd.enable = true;
#todo: extract this
services.xserver = {
xkb.layout = config.mainUser.layout;
xkb.variant = config.mainUser.variant;
enable = true;
displayManager.gdm.enable = true;
};
#programs.firejail.wrappedBinaries = with pkgs;
# let inherit (config.custom.misc.firejail) mk;
# in lib.mkMerge [
# (mk "Discord" { pkg = discord; })
# ];
#services.blueman.enable = true; #services.blueman.enable = true;
#hardware.bluetooth.enable = true; # enables support for Bluetooth #hardware.bluetooth.enable = true; # enables support for Bluetooth
@@ -63,24 +125,6 @@
# 82.218.12.28 kopatz.ddns.net # 82.218.12.28 kopatz.ddns.net
#''; #'';
# Set your time zone.
time.timeZone = "Europe/Vienna";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_AT.UTF-8";
LC_IDENTIFICATION = "de_AT.UTF-8";
LC_MEASUREMENT = "de_AT.UTF-8";
LC_MONETARY = "de_AT.UTF-8";
LC_NAME = "de_AT.UTF-8";
LC_NUMERIC = "de_AT.UTF-8";
LC_PAPER = "de_AT.UTF-8";
LC_TELEPHONE = "de_AT.UTF-8";
LC_TIME = "de_AT.UTF-8";
};
# Enable CUPS to print documents. # Enable CUPS to print documents.
# disable until CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 is fixed # disable until CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 is fixed
services.printing.enable = false; services.printing.enable = false;

25
systems/pc/configuration.nix
View File

@@ -10,7 +10,7 @@
../../modules/gpg.nix ../../modules/gpg.nix
#../../modules/xanmod-kernel.nix #../../modules/xanmod-kernel.nix
#../../modules/kernel-testing.nix #../../modules/kernel-testing.nix
../../modules/kernel.nix ../../modules/misc/kernel.nix
../../modules/services/syncthing.nix ../../modules/services/syncthing.nix
../../modules/support/ntfs.nix ../../modules/support/ntfs.nix
../../modules/fh/writing.nix ../../modules/fh/writing.nix
@@ -115,13 +115,6 @@
}; };
i18n.supportedLocales = [
"C.UTF-8/UTF-8"
"de_AT.UTF-8/UTF-8"
"en_US.UTF-8/UTF-8"
"ja_JP.UTF-8/UTF-8"
];
# apple shit # apple shit
#services.usbmuxd.enable = true; #services.usbmuxd.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@@ -158,23 +151,7 @@
#disable firewall when doing ipv6 vm stuff #disable firewall when doing ipv6 vm stuff
#networking.firewall.enable = lib.mkForce false; #networking.firewall.enable = lib.mkForce false;
# Set your time zone.
time.timeZone = "Europe/Vienna";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_AT.UTF-8";
LC_IDENTIFICATION = "de_AT.UTF-8";
LC_MEASUREMENT = "de_AT.UTF-8";
LC_MONETARY = "de_AT.UTF-8";
LC_NAME = "de_AT.UTF-8";
LC_NUMERIC = "de_AT.UTF-8";
LC_PAPER = "de_AT.UTF-8";
LC_TELEPHONE = "de_AT.UTF-8";
LC_TIME = "de_AT.UTF-8";
};
# Enable the X11 windowing system. # Enable the X11 windowing system.
services.xserver.enable = true; services.xserver.enable = true;

2
systems/portable-ssd/configuration.nix
View File

@@ -5,7 +5,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ ../../modules/kernel.nix ]; imports = [ ../../modules/misc/kernel.nix ];
specialisation = { specialisation = {
nvidia = { nvidia = {