jalil/configuration.nix
1
1
Fork 0
Code Issues 2 Pull requests 2 Projects Activity Actions

Compare commits

base: jalil:push-xstqnkxmwxvm
Branches Tags
jalil:main
jalil:push-xstqnkxmwxvm
jalil:push-zwplyztqqsnl
..
compare: jalil:main
Branches Tags
jalil:main
jalil:push-xstqnkxmwxvm
jalil:push-zwplyztqqsnl

5 commits
push-xstqn ... main

Author SHA1 Message Date
Jalil David Salamé Messina
17ef89c1a0
fix(modules/hm): don't set stateVersion
All checks were successful
/ check (push) Successful in 9s
Details
/ check-renovaterc (push) Successful in 2s
Details
/ build-packages (push) Successful in 13s
Details
/ build-vm (push) Successful in 1s
Details
/ report-size (push) Successful in 4s
Details 
Prefer setting it on the configuration. Also bump the example-vm to
stateVersion 24.11.
 2025-03-21 19:19:24 +01:00
Jalil David Salamé Messina
0df4e76404
refactor(modules/hm): tidy up the modules
All checks were successful
/ check (push) Successful in 9s
Details
/ check-renovaterc (push) Successful in 3s
Details
/ build-packages (push) Successful in 14s
Details
/ build-vm (push) Successful in 1s
Details
/ report-size (push) Successful in 4s
Details 
Should make further additions and refactors easier.
 2025-03-21 19:09:56 +01:00
Jalil David Salamé Messina
917d131cde
refactor(modules/nixos): move stuff around
All checks were successful
/ check (push) Successful in 9s
Details
/ check-renovaterc (push) Successful in 3s
Details
/ build-packages (push) Successful in 14s
Details
/ build-vm (push) Successful in 1s
Details
/ report-size (push) Successful in 4s
Details 
This makes the module a bit clearer and easier to extend.
 2025-03-21 18:45:47 +01:00
Jalil David Salamé Messina
673f989e99
ci: remove magic-nix-cache-action
All checks were successful
/ check (push) Successful in 9s
Details
/ check-renovaterc (push) Successful in 3s
Details
/ build-packages (push) Successful in 13s
Details
/ build-vm (push) Successful in 1s
Details
/ report-size (push) Successful in 4s
Details 
It is deprecated due to the GitHub cache v1 API sunsetting
 2025-03-21 17:21:44 +01:00
Jalil David Salamé Messina
c1309a5d43
refactor: don't include the whole modules
All checks were successful
/ check (push) Successful in 8s
Details
/ check-renovaterc (push) Successful in 2s
Details
/ build-packages (push) Successful in 14s
Details
/ build-vm (push) Successful in 1s
Details
/ report-size (push) Successful in 4s
Details 
Instead only import the nixos/hm/nixvim module.

This _should_ reduce rebuilds.
 2025-03-21 17:11:23 +01:00
19 changed files with 498 additions and 538 deletions
Show stats Expand all files Collapse all files

2
.github/workflows/check.yml vendored
View file

@ -16,7 +16,6 @@ jobs:
with: with:
source-url: "https://install.lix.systems/lix/lix-installer-x86_64-linux" source-url: "https://install.lix.systems/lix/lix-installer-x86_64-linux"
diagnostic-endpoint: "" diagnostic-endpoint: ""
- uses: DeterminateSystems/magic-nix-cache-action@6221693898146dc97e38ad0e013488a16477a4c4 # v9
- name: Run `nix flake check` - name: Run `nix flake check`
run: | run: |
nix flake check --verbose --keep-going nix flake check --verbose --keep-going
@ -25,7 +24,6 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- uses: DeterminateSystems/magic-nix-cache-action@6221693898146dc97e38ad0e013488a16477a4c4 # v9
- uses: DeterminateSystems/nix-installer-action@v13 - uses: DeterminateSystems/nix-installer-action@v13
with: with:
source-url: "https://install.lix.systems/lix/lix-installer-x86_64-linux" source-url: "https://install.lix.systems/lix/lix-installer-x86_64-linux"

3
example-vm/default.nix
View file

@ -1,5 +1,5 @@
{ {
import = [ ./vm_config.nix ]; imports = [ ./vm-config.nix ];
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -16,6 +16,7 @@
home = { home = {
username = "jdoe"; username = "jdoe";
homeDirectory = "/home/jdoe"; homeDirectory = "/home/jdoe";
stateVersion = "24.11";
}; };
jhome = { jhome = {
enable = true; enable = true;

8
flake-modules/docs.nix
View file

@ -10,13 +10,13 @@
toplevelOption: option: toplevelOption: option:
option // { visible = option.visible && builtins.elemAt option.loc 0 == toplevelOption; }; option // { visible = option.visible && builtins.elemAt option.loc 0 == toplevelOption; };
home-eval = lib.evalModules { home-eval = lib.evalModules {
modules = [ (modules + "/hm/options.nix") ]; modules = [ "${modules}/hm/options.nix" ];
specialArgs = { specialArgs = {
inherit pkgs; inherit pkgs;
}; };
}; };
nvim-eval = lib.evalModules { modules = [ (modules + "/nixvim/options.nix") ]; }; nvim-eval = lib.evalModules { modules = [ "${modules}/nixvim/options.nix" ]; };
nixos-eval = lib.evalModules { modules = [ (modules + "/nixos/options.nix") ]; }; nixos-eval = lib.evalModules { modules = [ "${modules}/nixos/options.nix" ]; };
home-markdown = home-markdown =
(pkgs.nixosOptionsDoc { (pkgs.nixosOptionsDoc {
inherit (home-eval) options; inherit (home-eval) options;
@ -56,7 +56,7 @@
''; '';
nativeBuildInputs = [ pkgs.mdbook-toc ]; nativeBuildInputs = [ pkgs.mdbook-toc ];
buildPhase = "${pkgs.mdbook}/bin/mdbook build --dest-dir $out"; buildPhase = "${pkgs.mdbook}/bin/mdbook build --dest-dir \"$out\"";
}; };
}; };
}; };

2
flake-modules/home-modules.nix
View file

@ -8,7 +8,7 @@
defaultModules = [ defaultModules = [
inputs.nixvim.homeManagerModules.nixvim inputs.nixvim.homeManagerModules.nixvim
self.nixvimModules.homeManager self.nixvimModules.homeManager
../module/hm ../modules/hm
]; ];
nixos = { nixos = {
imports = defaultModules; imports = defaultModules;

1
flake-modules/nixos-modules.nix
View file

@ -9,7 +9,6 @@
let let
nixosModule = { nixosModule = {
imports = [ imports = [
inputs.niri.nixosModules.niri
inputs.stylix.nixosModules.stylix inputs.stylix.nixosModules.stylix
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
../modules/nixos ../modules/nixos

62
flake.lock generated
View file

@ -275,50 +275,6 @@
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz" "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.92.0.tar.gz"
} }
}, },
"niri": {
"inputs": {
"niri-stable": "niri-stable",
"niri-unstable": [],
"nixpkgs": [
"unstable"
],
"nixpkgs-stable": [
"nixpkgs"
],
"xwayland-satellite-stable": "xwayland-satellite-stable",
"xwayland-satellite-unstable": []
},
"locked": {
"lastModified": 1742108116,
"narHash": "sha256-NrV9ysEfSbeRUPo0jdCBeesuNLTVrpHGXg40snH1YGE=",
"owner": "sodiboo",
"repo": "niri-flake",
"rev": "824f10012de455a1d0ef795a605f28948ee10467",
"type": "github"
},
"original": {
"owner": "sodiboo",
"repo": "niri-flake",
"type": "github"
}
},
"niri-stable": {
"flake": false,
"locked": {
"lastModified": 1740117926,
"narHash": "sha256-mTTHA0RAaQcdYe+9A3Jx77cmmyLFHmRoZdd8RpWa+m8=",
"owner": "YaLTeR",
"repo": "niri",
"rev": "b94a5db8790339cf9134873d8b490be69e02ac71",
"type": "github"
},
"original": {
"owner": "YaLTeR",
"ref": "v25.02",
"repo": "niri",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1742388435, "lastModified": 1742388435,
@ -378,7 +334,6 @@
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"home-manager": "home-manager", "home-manager": "home-manager",
"lix-module": "lix-module", "lix-module": "lix-module",
"niri": "niri",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixvim": "nixvim", "nixvim": "nixvim",
"stylix": "stylix", "stylix": "stylix",
@ -516,23 +471,6 @@
"repo": "treefmt-nix", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
},
"xwayland-satellite-stable": {
"flake": false,
"locked": {
"lastModified": 1739246919,
"narHash": "sha256-/hBM43/Gd0/tW+egrhlWgOIISeJxEs2uAOIYVpfDKeU=",
"owner": "Supreeeme",
"repo": "xwayland-satellite",
"rev": "44590a416d4a3e8220e19e29e0b6efe64a80315d",
"type": "github"
},
"original": {
"owner": "Supreeeme",
"ref": "v0.5.1",
"repo": "xwayland-satellite",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

11
flake.nix
View file

@ -43,17 +43,6 @@
nuschtosSearch.follows = ""; nuschtosSearch.follows = "";
}; };
}; };
niri = {
url = "github:sodiboo/niri-flake";
inputs = {
# Deduplicate
nixpkgs.follows = "unstable";
nixpkgs-stable.follows = "nixpkgs";
# Unused
niri-unstable.follows = "";
xwayland-satellite-unstable.follows = "";
};
};
flake-parts = { flake-parts = {
url = "github:hercules-ci/flake-parts"; url = "github:hercules-ci/flake-parts";
inputs.nixpkgs-lib.follows = "nixpkgs"; inputs.nixpkgs-lib.follows = "nixpkgs";

90
modules/hm/default.nix
View file

@ -16,6 +16,7 @@ in
imports = [ imports = [
./options.nix ./options.nix
./gui ./gui
./dev.nix
./users.nix ./users.nix
]; ];
@ -23,7 +24,7 @@ in
(lib.mkIf (cfg.enable && cfg.styling.enable) { (lib.mkIf (cfg.enable && cfg.styling.enable) {
stylix = { stylix = {
enable = true; enable = true;
targets.nixvim.enable = false; # I prefer doing it myself targets.nixvim.enable = false; # I prefer styling it myself
}; };
}) })
(lib.mkIf cfg.enable { (lib.mkIf cfg.enable {
@ -35,6 +36,7 @@ in
"settings" "settings"
"use-xdg-base-directories" "use-xdg-base-directories"
] true; ] true;
programs = { programs = {
# Better cat (bat) # Better cat (bat)
bat = { bat = {
@ -84,6 +86,7 @@ in
syntaxHighlighting.enable = true; syntaxHighlighting.enable = true;
}; };
}; };
services = { services = {
# GPG Agent # GPG Agent
gpg-agent = { gpg-agent = {
@ -103,9 +106,8 @@ in
}; };
}; };
}; };
home = { home = {
stateVersion = "22.11";
# Extra packages
# Extra variables # Extra variables
sessionVariables = { sessionVariables = {
CARGO_HOME = "${config.xdg.dataHome}/cargo"; CARGO_HOME = "${config.xdg.dataHome}/cargo";
@ -127,6 +129,7 @@ in
tree = "eza --tree"; tree = "eza --tree";
}; };
}; };
# XDG directories # XDG directories
xdg = { xdg = {
enable = true; enable = true;
@ -136,86 +139,5 @@ in
}; };
}; };
}) })
(lib.mkIf (cfg.enable && devcfg.enable) {
home = {
sessionVariables.MANPAGER = lib.optionalString devcfg.neovimAsManPager "nvim -c 'Man!' -o -";
packages = devcfg.extraPackages;
};
# Github CLI
programs = {
gh.enable = true;
gh-dash.enable = true;
# Git
git = {
enable = true;
difftastic = {
enable = true;
background = "dark";
};
lfs.enable = true;
extraConfig = {
# Add diff to the commit message editor
commit.verbose = true;
# Improve submodule diff
diff.submodule = "log";
# Set the default branch name for new branches
init.defaultBranch = "main";
# Better conflicts (also shows parent commit state)
merge.conflictStyle = "zdiff3";
# Do not create merge commits when pulling (rebase but abort on conflict)
pull.ff = "only";
# Use `--set-upstream` if the remote does not have the branch
push.autoSetupRemote = true;
rebase = {
# If there are uncommitted changes, stash them before rebasing
autoStash = true;
# If there are fixup! commits, squash them while rebasing
autoSquash = true;
};
# Enable ReReRe (Reuse Recovered Resolution) auto resolve previously resolved conflicts
rerere.enabled = true;
# Improve submodule status
status.submoduleSummary = true;
};
};
lazygit.enable = true;
# Jujutsu (alternative DVCS (git-compatible))
jujutsu = {
enable = true;
package = pkgs.unstable.jujutsu;
settings = {
ui.pager = "bat";
# mimic git commit --verbose by adding a diff
templates.draft_commit_description = ''
concat(
description,
surround(
"\nJJ: This commit contains the following changes:\n", "",
indent("JJ: ", diff.stat(72)),
),
surround(
"\nJJ: Diff:\n", "",
indent("JJ: ", diff.git()),
),
)
'';
};
};
};
})
(lib.mkIf (cfg.enable && devcfg.enable && devcfg.rust.enable) {
home.packages = [ pkgs.rustup ] ++ devcfg.rust.extraPackages;
# Background code checker (for Rust)
programs.bacon = {
enable = true;
settings = {
export = {
enabled = true;
path = ".bacon-locations";
line_format = "{kind} {path}:{line}:{column} {message}";
};
};
};
})
]; ];
} }

101
modules/hm/dev.nix Normal file
View file

@ -0,0 +1,101 @@
{
pkgs,
lib,
config,
...
}:
let
cfg = config.jhome.dev;
in
{
config =
lib.flip lib.pipe
[
lib.mkMerge
(lib.mkIf (config.jhome.enable && cfg.enable))
]
[
(lib.mkIf cfg.rust.enable {
home.packages = [ pkgs.rustup ] ++ cfg.rust.extraPackages;
# Background code checker (for Rust)
programs.bacon = {
enable = true;
settings = {
export = {
enabled = true;
path = ".bacon-locations";
line_format = "{kind} {path}:{line}:{column} {message}";
};
};
};
})
{
home = {
sessionVariables.MANPAGER = lib.optionalString cfg.neovimAsManPager "nvim -c 'Man!' -o -";
packages = cfg.extraPackages;
};
# Github CLI
programs = {
gh.enable = true;
gh-dash.enable = true;
# Git
git = {
enable = true;
difftastic = {
enable = true;
background = "dark";
};
lfs.enable = true;
extraConfig = {
# Add diff to the commit message editor
commit.verbose = true;
# Improve submodule diff
diff.submodule = "log";
# Set the default branch name for new branches
init.defaultBranch = "main";
# Better conflicts (also shows parent commit state)
merge.conflictStyle = "zdiff3";
# Do not create merge commits when pulling (rebase but abort on conflict)
pull.ff = "only";
# Use `--set-upstream` if the remote does not have the branch
push.autoSetupRemote = true;
rebase = {
# If there are uncommitted changes, stash them before rebasing
autoStash = true;
# If there are fixup! commits, squash them while rebasing
autoSquash = true;
};
# Enable ReReRe (Reuse Recovered Resolution) auto resolve previously resolved conflicts
rerere.enabled = true;
# Improve submodule status
status.submoduleSummary = true;
};
};
lazygit.enable = true;
# Jujutsu (alternative DVCS (git-compatible))
jujutsu = {
enable = true;
package = pkgs.unstable.jujutsu;
settings = {
ui.pager = "bat";
# mimic git commit --verbose by adding a diff
templates.draft_commit_description = ''
concat(
description,
surround(
"\nJJ: This commit contains the following changes:\n", "",
indent("JJ: ", diff.stat(72)),
),
surround(
"\nJJ: Diff:\n", "",
indent("JJ: ", diff.git()),
),
)
'';
};
};
};
}
];
}

2
modules/hm/gui/keybindings.nix
View file

@ -93,7 +93,7 @@ builtins.foldl' (l: r: l // r)
"XF86AudioRaiseVolume" = "exec ${pkgs.avizo}/bin/volumectl up"; "XF86AudioRaiseVolume" = "exec ${pkgs.avizo}/bin/volumectl up";
"XF86AudioLowerVolume" = "exec ${pkgs.avizo}/bin/volumectl down"; "XF86AudioLowerVolume" = "exec ${pkgs.avizo}/bin/volumectl down";
"XF86AudioMute" = "exec ${pkgs.avizo}/bin/volumectl toggle-mute"; "XF86AudioMute" = "exec ${pkgs.avizo}/bin/volumectl toggle-mute";
"XF86ScreenSaver" = "exec swaylock --image ${cfg.background}"; "XF86ScreenSaver" = "exec ${pkgs.swaylock}/bin/swaylock --image ${cfg.background}";
"XF86MonBrightnessUp" = "exec ${pkgs.avizo}/bin/lightctl up"; "XF86MonBrightnessUp" = "exec ${pkgs.avizo}/bin/lightctl up";
"XF86MonBrightnessDown" = "exec ${pkgs.avizo}/bin/lightctl down"; "XF86MonBrightnessDown" = "exec ${pkgs.avizo}/bin/lightctl down";
# Floating # Floating

29
modules/hm/users.nix
View file

@ -4,15 +4,12 @@ let
inherit (cfg.defaultIdentity) signingKey; inherit (cfg.defaultIdentity) signingKey;
cfg = jhome.user; cfg = jhome.user;
hasConfig = jhome.enable && cfg != null;
hasKey = signingKey != null; hasKey = signingKey != null;
gpgHome = config.programs.gpg.homedir;
unlockKey = hasConfig && cfg.gpg.unlockKeys != [ ];
in in
{ {
config = lib.mkMerge [ config = lib.mkIf (jhome.enable && cfg != null) {
(lib.mkIf hasConfig { programs = {
programs.git = { git = {
userName = cfg.defaultIdentity.name; userName = cfg.defaultIdentity.name;
userEmail = cfg.defaultIdentity.email; userEmail = cfg.defaultIdentity.email;
signing = lib.mkIf hasKey { signing = lib.mkIf hasKey {
@ -20,7 +17,8 @@ in
key = signingKey; key = signingKey;
}; };
}; };
programs.jujutsu.settings = {
jujutsu.settings = {
user = lib.mkIf (cfg.defaultIdentity != null) { inherit (cfg.defaultIdentity) name email; }; user = lib.mkIf (cfg.defaultIdentity != null) { inherit (cfg.defaultIdentity) name email; };
git.sign-on-push = lib.mkDefault hasKey; git.sign-on-push = lib.mkDefault hasKey;
signing = lib.mkIf hasKey { signing = lib.mkIf hasKey {
@ -29,14 +27,13 @@ in
key = signingKey; key = signingKey;
}; };
}; };
}) };
(lib.mkIf unlockKey {
xdg.configFile.pam-gnupg.text =
''
${gpgHome}
'' xdg.configFile.pam-gnupg.text =
+ (lib.strings.concatLines cfg.gpg.unlockKeys); lib.mkIf (cfg.unlockKeys != [ ]) ''
}) ${config.programs.gpg.homedir}
];
''
+ (lib.strings.concatLines cfg.gpg.unlockKeys);
};
} }

27
modules/lib.nix Normal file
View file

@ -0,0 +1,27 @@
{ lib }:
let
inherit (lib) types;
in
{
# Like mkEnableOption but defaults to true
mkDisableOption =
option:
(lib.mkEnableOption option)
// {
default = true;
example = false;
};
# A option that accepts an image (and shows it in the docs)
mkImageOption =
{
description,
url,
sha256 ? "",
}:
lib.mkOption {
inherit description;
type = types.path;
default = builtins.fetchurl { inherit url sha256; };
defaultText = lib.literalMD "![${description}](${url})";
};
}

185
modules/nixos/default.nix
View file

@ -1,11 +1,6 @@
{ { pkgs, lib, ... }@args:
config,
pkgs,
lib,
...
}:
let let
cfg = config.jconfig; cfg = args.config.jconfig;
keysFromGithub = lib.attrsets.mapAttrs' (username: sha256: { keysFromGithub = lib.attrsets.mapAttrs' (username: sha256: {
name = "pubkeys/${username}"; name = "pubkeys/${username}";
value = { value = {
@ -20,108 +15,88 @@ in
{ {
imports = [ imports = [
./options.nix ./options.nix
./gui ./dev.nix
{ stylix = import ./stylix-config.nix { inherit config pkgs; }; } ./gui.nix
./styling.nix
]; ];
config = lib.mkIf cfg.enable ( config = lib.mkIf cfg.enable {
lib.mkMerge [ # Enable unlocking the gpg-agent at boot (configured through home.nix)
{ security.pam.services.login.gnupg.enable = true;
boot.plymouth = {
inherit (cfg.styling) enable;
};
# Enable unlocking the gpg-agent at boot (configured through home.nix) environment.systemPackages = [
security.pam.services.login.gnupg.enable = true; # CLI tools
pkgs.fd
pkgs.ripgrep
pkgs.du-dust
pkgs.curl
pkgs.zip
pkgs.unzip
];
environment.systemPackages = [ programs = {
# CLI tools # Shell prompt
pkgs.fd starship = {
pkgs.ripgrep enable = true;
pkgs.du-dust settings = lib.mkMerge [
pkgs.curl {
pkgs.zip format = "$time$all";
pkgs.unzip add_newline = false;
cmd_duration.min_time = 500;
cmd_duration.show_milliseconds = true;
time.disabled = false;
status = {
format = "[$signal_name$common_meaning$maybe_int](red)";
symbol = "[](bold red)";
disabled = false;
};
sudo.disabled = false;
}
# Add nerdfont symbols
(lib.mkIf cfg.styling.enable (import ./starship-nerdfont-symbols.nix))
# Remove the `in`s and `on`s from the prompt
(import ./starship-shorter-text.nix)
]; ];
};
# Default shell
zsh.enable = true;
};
# Enable dev documentation environment.etc = keysFromGithub;
documentation.dev = { services = {
inherit (cfg.dev) enable; # Enable printer autodiscovery if printing is enabled
}; avahi = {
programs = { inherit (args.config.services.printing) enable;
# Shell prompt nssmdns4 = true;
starship = { openFirewall = true;
enable = true; };
settings = lib.mkMerge [ openssh.authorizedKeysFiles = builtins.map (keys: "/etc/${keys}") (
{ builtins.attrNames keysFromGithub
format = "$time$all"; );
add_newline = false; };
cmd_duration.min_time = 500; users.defaultUserShell = pkgs.zsh;
cmd_duration.show_milliseconds = true; # Open ports for spotifyd
time.disabled = false; networking.firewall = {
status = { allowedUDPPorts = [ 5353 ];
format = "[$signal_name$common_meaning$maybe_int](red)"; allowedTCPPorts = [ 2020 ];
symbol = "[](bold red)"; };
disabled = false; # Nix Settings
}; nix = {
sudo.disabled = false; gc = {
} automatic = true;
# Add nerdfont symbols dates = "weekly";
(lib.mkIf cfg.styling.enable (import ./starship-nerdfont-symbols.nix)) options = "--delete-older-than 30d";
# Remove the `in`s and `on`s from the prompt # run between 0 and 45min after boot if run was missed
(lib.mkIf cfg.styling.enable (import ./starship-shorter-text.nix)) randomizedDelaySec = "45min";
]; };
}; settings = {
# Default shell use-xdg-base-directories = true;
zsh.enable = true; auto-optimise-store = true;
}; experimental-features = [
"nix-command"
environment.etc = keysFromGithub; "flakes"
services = { ];
# Enable printer autodiscovery if printing is enabled };
avahi = { };
inherit (config.services.printing) enable; };
nssmdns4 = true;
openFirewall = true;
};
openssh.authorizedKeysFiles = builtins.map (path: "/etc/${path}") (
builtins.attrNames keysFromGithub
);
};
users.defaultUserShell = pkgs.zsh;
# Open ports for spotifyd
networking.firewall = {
allowedUDPPorts = [ 5353 ];
allowedTCPPorts = [ 2020 ];
};
# Nix Settings
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
# run between 0 and 45min after boot if run was missed
randomizedDelaySec = "45min";
};
settings = {
use-xdg-base-directories = true;
auto-optimise-store = true;
experimental-features = [
"nix-command"
"flakes"
];
};
};
}
# dev configuration
(lib.mkIf cfg.dev.enable {
users.extraUsers = lib.mkIf cfg.dev.jupyter.enable { jupyter.group = "jupyter"; };
services.jupyter = {
inherit (cfg.dev.jupyter) enable;
group = "jupyter";
user = "jupyter";
};
})
]
);
} }

18
modules/nixos/dev.nix Normal file
View file

@ -0,0 +1,18 @@
{ lib, config, ... }:
let
cfg = config.jconfig.dev;
in
{
config = lib.mkIf (config.jconfig.enable && cfg.enable) {
# Enable dev documentation
documentation.dev = { inherit (cfg) enable; };
users.extraUsers = lib.mkIf cfg.jupyter.enable { jupyter.group = "jupyter"; };
services.jupyter = {
inherit (cfg.jupyter) enable;
group = "jupyter";
user = "jupyter";
};
};
}

117
modules/nixos/gui.nix Normal file
View file

@ -0,0 +1,117 @@
{ lib, pkgs, ... }@args:
let
cfg = args.config.jconfig.gui;
enable = args.config.jconfig.enable && cfg.enable;
linuxOlderThan6_3 = lib.versionOlder args.config.boot.kernelPackages.kernel.version "6.3";
in
{
config =
lib.flip lib.pipe
[ lib.mkMerge (lib.mkIf enable) ]
[
{
environment.systemPackages = [
pkgs.adwaita-icon-theme
pkgs.adwaita-qt
pkgs.nordzy-cursor-theme
pkgs.pinentry-qt
];
# Fix xdg-portals issue issue: https://github.com/NixOS/nixpkgs/issues/189851
systemd.user.extraConfig = ''
DefaultEnvironment="PATH=/run/wrappers/bin:/etc/profiles/per-user/%u/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
'';
fonts.fontDir.enable = true;
programs = {
dconf.enable = true;
sway = {
enable = cfg.sway;
# No extra packages (by default it adds foot, dmenu, and other stuff)
extraPackages = [ ];
wrapperFeatures = {
base = true;
gtk = true;
};
};
};
security = {
polkit.enable = true;
rtkit.enable = true; # Recommended for pipewire
};
services = {
flatpak.enable = true;
# Audio
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
wireplumber.enable = true;
};
# Dbus
dbus.enable = true;
# Virtual Filesystem (for PCManFM)
gvfs.enable = true;
};
xdg.portal = {
# XDG portals
enable = true;
wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
config.preferred = {
# Default to the gtk portal
default = "gtk";
# Use wlr for screenshots and screen recording
"org.freedesktop.impl.portal.Screenshot" = "wlr";
};
# Consider using darkman like upstream
};
hardware = {
graphics.enable = true;
uinput.enable = true;
steam-hardware.enable = cfg.steamHardwareSupport;
};
}
(lib.mkIf cfg.ydotool.enable {
environment.systemPackages = [ pkgs.ydotool ];
systemd.user.services.ydotool = {
enable = cfg.ydotool.autoStart;
wantedBy = [ "default.target" ];
description = "Generic command-line automation tool";
documentation = [
"man:ydotool(1)"
"man:ydotoold(8)"
];
serviceConfig = {
Type = "simple";
Restart = "always";
ExecStart = "${pkgs.ydotool}/bin/ydotoold";
ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID";
KillMode = "process";
TimeoutSec = 180;
};
};
})
(lib.mkIf (linuxOlderThan6_3 && cfg."8bitdoFix") {
# Udev rules to start or stop systemd service when controller is connected or disconnected
services.udev.extraRules = # udev
''
# May vary depending on your controller model, find product id using 'lsusb'
SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3106", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl start 8bitdo-ultimate-xinput@2dc8:3106"
# This device (2dc8:3016) is "connected" when the above device disconnects
SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3016", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl stop 8bitdo-ultimate-xinput@2dc8:3106"
'';
# Systemd service which starts xboxdrv in xbox360 mode
systemd.services."8bitdo-ultimate-xinput@" = {
unitConfig.Description = "8BitDo Ultimate Controller XInput mode xboxdrv daemon";
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.xboxdrv}/bin/xboxdrv --mimic-xpad --silent --type xbox360 --device-by-id %I --force-feedback";
};
};
})
];
}

118
modules/nixos/gui/default.nix
View file

@ -1,118 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.jconfig.gui;
enable = config.jconfig.enable && cfg.enable;
linuxOlderThan6_3 = lib.versionOlder config.boot.kernelPackages.kernel.version "6.3";
in
{
config = lib.mkMerge [
(lib.mkIf enable {
environment.systemPackages = [
pkgs.adwaita-icon-theme
pkgs.adwaita-qt
pkgs.nordzy-cursor-theme
pkgs.pinentry-qt
] ++ lib.optional cfg.ydotool.enable pkgs.ydotool;
systemd = {
user.services.ydotool = lib.mkIf cfg.ydotool.enable {
enable = cfg.ydotool.autoStart;
wantedBy = [ "default.target" ];
description = "Generic command-line automation tool";
documentation = [
"man:ydotool(1)"
"man:ydotoold(8)"
];
serviceConfig = {
Type = "simple";
Restart = "always";
ExecStart = "${pkgs.ydotool}/bin/ydotoold";
ExecReload = "${pkgs.util-linux}/bin/kill -HUP $MAINPID";
KillMode = "process";
TimeoutSec = 180;
};
};
# Fix xdg-portals issue issue: https://github.com/NixOS/nixpkgs/issues/189851
user.extraConfig = ''
DefaultEnvironment="PATH=/run/wrappers/bin:/etc/profiles/per-user/%u/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
'';
};
fonts.fontDir.enable = true;
programs = {
dconf.enable = true;
sway = {
enable = cfg.sway;
# No extra packages (by default it adds foot, dmenu, and other stuff)
extraPackages = [ ];
wrapperFeatures = {
base = true;
gtk = true;
};
};
};
security = {
polkit.enable = true;
rtkit.enable = true; # Recommended for pipewire
};
services = {
flatpak.enable = true;
# Audio
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
wireplumber.enable = true;
};
# Dbus
dbus.enable = true;
# Virtual Filesystem (for PCManFM)
gvfs.enable = true;
};
xdg.portal = {
# XDG portals
enable = true;
wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
config.preferred = {
# Default to the gtk portal
default = "gtk";
# Use wlr for screenshots and screen recording
"org.freedesktop.impl.portal.Screenshot" = "wlr";
};
# Consider using darkman like upstream
};
hardware = {
graphics.enable = true;
uinput.enable = true;
steam-hardware.enable = cfg.steamHardwareSupport;
};
})
(lib.mkIf (enable && linuxOlderThan6_3 && cfg."8bitdoFix") {
# Udev rules to start or stop systemd service when controller is connected or disconnected
services.udev.extraRules = # udev
''
# May vary depending on your controller model, find product id using 'lsusb'
SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3106", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl start 8bitdo-ultimate-xinput@2dc8:3106"
# This device (2dc8:3016) is "connected" when the above device disconnects
SUBSYSTEM=="usb", ATTR{idVendor}=="2dc8", ATTR{idProduct}=="3016", ATTR{manufacturer}=="8BitDo", RUN+="${pkgs.systemd}/bin/systemctl stop 8bitdo-ultimate-xinput@2dc8:3106"
'';
# Systemd service which starts xboxdrv in xbox360 mode
systemd.services."8bitdo-ultimate-xinput@" = {
unitConfig.Description = "8BitDo Ultimate Controller XInput mode xboxdrv daemon";
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.xboxdrv}/bin/xboxdrv --mimic-xpad --silent --type xbox360 --device-by-id %I --force-feedback";
};
};
})
];
}

181
modules/nixos/options.nix
View file

@ -1,106 +1,95 @@
{ lib, ... }: { lib, ... }:
let let
inherit (lib) types; inherit (lib) types;
# Like mkEnableOption but defaults to true inherit (import ../lib.nix { inherit lib; })
mkDisableOption = mkDisableOption
option: mkImageOption
(lib.mkEnableOption option) ;
// {
default = true;
example = false;
};
mkImageOption =
{
description,
url,
sha256 ? "",
}:
lib.mkOption {
inherit description;
type = types.path;
default = builtins.fetchurl { inherit url sha256; };
defaultText = lib.literalMD "![${description}](${url})";
};
gui.options = {
enable = lib.mkEnableOption "jalil's default gui configuration.";
# Fix for using Xinput mode on 8bitdo Ultimate C controller
# Inspired by https://aur.archlinux.org/packages/8bitdo-ultimate-controller-udev
# Adapted from: https://gist.github.com/interdependence/28452fbfbe692986934fbe1e54c920d4
"8bitdoFix" = mkDisableOption "a fix for 8bitdo controllers";
steamHardwareSupport = mkDisableOption "steam hardware support";
ydotool = lib.mkOption {
description = "Jalil's default ydotool configuration.";
default = { };
type = types.submodule {
options.enable = mkDisableOption "ydotool";
options.autoStart = mkDisableOption "autostarting ydotool at login";
};
};
sway = mkDisableOption "sway";
};
styling.options = {
enable = mkDisableOption "jalil's default styling (disables stylix)";
wallpaper = mkImageOption {
description = "The wallpaper to use.";
url = "https://raw.githubusercontent.com/lunik1/nixos-logo-gruvbox-wallpaper/d4937c424fad79c1136a904599ba689fcf8d0fad/png/gruvbox-dark-rainbow.png";
sha256 = "036gqhbf6s5ddgvfbgn6iqbzgizssyf7820m5815b2gd748jw8zc";
};
bootLogo = mkImageOption {
description = "The logo used by plymouth at boot.";
# http://xenia-linux-site.glitch.me/images/cathodegaytube-splash.png
url = "https://efimero.github.io/xenia-images/cathodegaytube-splash.png";
sha256 = "qKugUfdRNvMwSNah+YmMepY3Nj6mWlKFh7jlGlAQDo8=";
};
};
config.options = {
enable = lib.mkEnableOption "jalil's default configuration.";
dev = lib.mkOption {
description = "Options for setting up a dev environment";
default = { };
type = types.submodule {
options.enable = lib.mkEnableOption "dev configuration";
options.jupyter.enable = lib.mkEnableOption "jupyter configuration";
};
};
gui = lib.mkOption {
description = "Jalil's default configuration for a NixOS gui.";
default = { };
type = types.submodule gui;
};
styling = lib.mkOption {
description = "Jalil's styling options";
default = { };
type = types.submodule styling;
};
importSSHKeysFromGithub = lib.mkOption {
description = ''
Import public ssh keys from a github username.
This will fetch the keys from https://github.com/$${username}.keys.
The format is `"$${github-username}" = $${sha256-hash}`. The example
will try to fetch the keys from <https://github.com/jalil-salame.keys>.
**Warning**: this will interfere with services like gitea that override
the default ssh behaviour. In that case you want to use
`users.users.<name>.openssh.authorizedKeys.keyFiles` on the users you
want to allow ssh logins.
'';
default = { };
example = {
"jalil-salame" = "sha256:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
};
type = types.attrsOf types.str;
};
};
in in
{ {
options.jconfig = lib.mkOption { options.jconfig = lib.mkOption {
description = "Jalil's default NixOS configuration."; description = "Jalil's default NixOS configuration.";
default = { }; default = { };
type = types.submodule config; type = types.submodule {
options = {
enable = lib.mkEnableOption "jalil's default configuration.";
importSSHKeysFromGithub = lib.mkOption {
description = ''
Import public ssh keys from a github username.
This will fetch the keys from https://github.com/$${username}.keys.
The format is `"$${github-username}" = $${sha256-hash}`. The example
will try to fetch the keys from <https://github.com/jalil-salame.keys>.
**Warning**: this will interfere with services like gitea that override
the default ssh behaviour. In that case you want to use
`users.users.<name>.openssh.authorizedKeys.keyFiles` on the users you
want to allow ssh logins.
'';
default = { };
example = {
"jalil-salame" = "sha256:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
};
type = types.attrsOf types.str;
};
dev = lib.mkOption {
description = "Options for setting up a dev environment";
default = { };
type = types.submodule {
options = {
enable = lib.mkEnableOption "dev configuration";
jupyter.enable = lib.mkEnableOption "jupyter configuration";
};
};
};
gui = lib.mkOption {
description = "Jalil's default configuration for a NixOS gui.";
default = { };
type = types.submodule {
options = {
enable = lib.mkEnableOption "jalil's default gui configuration.";
# Fix for using Xinput mode on 8bitdo Ultimate C controller
# Inspired by https://aur.archlinux.org/packages/8bitdo-ultimate-controller-udev
# Adapted from: https://gist.github.com/interdependence/28452fbfbe692986934fbe1e54c920d4
"8bitdoFix" = mkDisableOption "a fix for 8bitdo controllers";
steamHardwareSupport = mkDisableOption "steam hardware support";
ydotool = lib.mkOption {
description = "Jalil's default ydotool configuration.";
default = { };
type = types.submodule {
options.enable = mkDisableOption "ydotool";
options.autoStart = mkDisableOption "autostarting ydotool at login";
};
};
sway = mkDisableOption "sway";
};
};
};
styling = lib.mkOption {
description = "Jalil's styling options";
default = { };
type = types.submodule {
options = {
enable = mkDisableOption "jalil's default styling (disables stylix)";
wallpaper = mkImageOption {
description = "The wallpaper to use.";
url = "https://raw.githubusercontent.com/lunik1/nixos-logo-gruvbox-wallpaper/d4937c424fad79c1136a904599ba689fcf8d0fad/png/gruvbox-dark-rainbow.png";
sha256 = "036gqhbf6s5ddgvfbgn6iqbzgizssyf7820m5815b2gd748jw8zc";
};
bootLogo = mkImageOption {
description = "The logo used by plymouth at boot.";
# http://xenia-linux-site.glitch.me/images/cathodegaytube-splash.png
url = "https://efimero.github.io/xenia-images/cathodegaytube-splash.png";
sha256 = "qKugUfdRNvMwSNah+YmMepY3Nj6mWlKFh7jlGlAQDo8=";
};
};
};
};
};
};
}; };
} }

43
modules/nixos/styling.nix Normal file
View file

@ -0,0 +1,43 @@
{ lib, pkgs, ... }@args:
let
cfg = args.config.jconfig.styling;
enable = args.config.jconfig.enable && cfg.enable;
in
{
config = lib.mkIf enable {
boot.plymouth = { inherit (cfg) enable; };
stylix = {
inherit (cfg) enable;
image = cfg.wallpaper;
base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
polarity = "dark";
fonts = {
monospace = {
name = "JetBrains Mono";
package = pkgs.jetbrains-mono;
};
sansSerif = {
name = "Noto Sans";
package = pkgs.noto-fonts;
};
serif = {
name = "Noto Serif";
package = pkgs.noto-fonts;
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
sizes.popups = 12;
};
targets = {
plymouth = {
logoAnimated = false;
logo = cfg.bootLogo;
};
nixvim.enable = false;
};
};
};
}

36
modules/nixos/stylix-config.nix
View file

@ -1,36 +0,0 @@
{ config, pkgs }:
let
cfg = config.jconfig.styling;
in
{
inherit (cfg) enable;
image = cfg.wallpaper;
base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
polarity = "dark";
fonts = {
monospace = {
name = "JetBrains Mono";
package = pkgs.jetbrains-mono;
};
sansSerif = {
name = "Noto Sans";
package = pkgs.noto-fonts;
};
serif = {
name = "Noto Serif";
package = pkgs.noto-fonts;
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
sizes.popups = 12;
};
targets = {
plymouth = {
logoAnimated = false;
logo = cfg.bootLogo;
};
nixvim.enable = false;
};
}