Initial commit 🚀

2023-10-13 15:56:14 +02:00
commit b593cdeb3e
50 changed files with 2454 additions and 0 deletions
--- a/nix/systems/main/base/default.nix
+++ b/nix/systems/main/base/default.nix
@@ -0,0 +1,71 @@
+{ username, pkgs, ... }:
+{
+  imports = [
+    ./networking.nix
+    ./packages.nix
+    ./services.nix
+    ./virtulization.nix
+  ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader = {
+    systemd-boot.enable = true;
+    efi.canTouchEfiVariables = true;
+  };
+
+  nix = {
+    settings = {
+      auto-optimise-store = true;
+      experimental-features = [ "nix-command" "flakes" ];
+    };
+    gc = {
+      automatic = true;
+      dates =  "weekly";
+      options = "--delete-older-than 7d";
+    };
+  };
+  nixpkgs.config.allowUnfree = true;
+
+  # Set your time zone.
+  time.timeZone = "Europe/Brussels";
+
+  users = {
+    defaultUserShell = pkgs.zsh;
+    groups = {
+      "${username}" = {};
+    };
+    users.nicolaivds = {
+      isNormalUser = true;
+      # initialPassword = "gigachad";
+      extraGroups = ["wheel" "video" "plugdev" "${username}"];
+      packages = with pkgs; [
+      ];
+    };
+  };
+
+  environment.sessionVariables = rec {
+    WLR_NO_HARDWARE_CURSORS = "1";
+    NIXOS_OZONE_WL = "1";
+    LIBSEAT_BACKEND = "logind";
+
+    XDG_CACHE_HOME  = "$HOME/.cache";
+    XDG_CONFIG_HOME = "$HOME/.config";
+    XDG_DATA_HOME   = "$HOME/.local/share";
+    XDG_STATE_HOME  = "$HOME/.local/state";
+
+    # Not officially in the specification
+    XDG_BIN_HOME = "$HOME/.local/bin";
+    PATH = [
+      "${XDG_BIN_HOME}"
+    ];
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html)
+  
+  system.stateVersion = "23.05"; # Did you read the comment?
+}
--- a/nix/systems/main/base/docker.nix
+++ b/nix/systems/main/base/docker.nix
@@ -0,0 +1,11 @@
+{ config, lib, pkgs, inputs, ... }:
+{
+	users.users.justinlime.extraGroups = [ "docker" ];
+	environment.systemPackages = with pkgs; [
+		docker-compose
+	];
+	virtualisation.docker = {
+		enable = true;
+		storageDriver = true;
+	};
+}
--- a/nix/systems/main/base/networking.nix
+++ b/nix/systems/main/base/networking.nix
@@ -0,0 +1,13 @@
+{ ... }:
+{
+  networking = {
+    networkmanager.enable = true;
+    nameservers = [ "1.1.1.1" "1.0.0.1" ];
+    firewall = {
+      enable = true;
+      checkReversePath = false;
+      allowedTCPPorts = [ 80 443 ];
+      allowedUDPPorts = [];
+    };
+  };
+}
--- a/nix/systems/main/base/packages.nix
+++ b/nix/systems/main/base/packages.nix
@@ -0,0 +1,68 @@
+{ pkgs, inputs, flake_path, ... }:
+{
+  # List packages installed in system profile
+  environment = {
+    systemPackages = with pkgs; [
+      age
+      curl
+      gcc
+      git
+      gnome.file-roller
+      pulseaudio
+      unzip
+      wireplumber
+      wget
+      wl-clipboard
+      zip
+      inputs.home-manager.packages.${pkgs.system}.home-manager
+    ];
+    variables = { EDITOR = "nvim"; };
+    pathsToLink = [ "/share/zsh" ];
+  };
+
+  hardware.opengl.enable = true;
+
+  # Programs  
+  programs = {
+    dconf.enable = true;
+    direnv.enable = true;
+    hyprland.enable = true;
+    thunar = {
+      enable = true;
+      plugins = with pkgs.xfce; [
+        xfconf
+        thunar-volman
+        thunar-archive-plugin
+        thunar-media-tags-plugin
+      ];
+    };
+    zsh = {
+      enable = true;
+      syntaxHighlighting.enable = true;
+      enableCompletion = true;
+      autosuggestions.enable = true;
+      setOptions = ["PROMPT_SUBST" "appendhistory"];
+      shellAliases = {
+        ga = "git add";
+        gs = "git status";
+        gb = "git branch";
+        gm = "git merge";
+        gpl = "git pull";
+        gplo = "git pull origin";
+        gps = "git push";
+        gpso = "git push origin";
+        gc = "git commit";
+        gcm = "git commit -m";
+        gch = "git checkout";
+        gchb = "git checkout -b";
+        gcoe = "git config user.email";
+        gcon = "git config user.name";
+        all-switch = "nix-switch && home-switch";
+        all-update = "nix flake update ${flake_path}# && all-switch";
+        vi = "nvim";
+        vim = "nvim";
+        vimdiff = "nvim -d";
+      };
+    };
+  };
+}
--- a/nix/systems/main/base/services.nix
+++ b/nix/systems/main/base/services.nix
@@ -0,0 +1,74 @@
+{ lib, pkgs, ... }:
+{
+  # List services that you want to enable:
+  services = {
+    xserver = {
+      layout = "be";
+      xkbVariant = "nodeadkeys";
+      videoDrivers = ["nvidia"];
+      exportConfiguration = true;
+
+      #displayManager.gdm.enable = true;
+    };
+
+    gnome.gnome-keyring.enable = true;
+
+    spice-vdagentd.enable = true;
+    gvfs = {
+      enable = true;
+      package = lib.mkForce pkgs.gnome3.gvfs;
+    };
+
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+    udev.packages = with pkgs; [
+      via
+    ];
+    printing = {
+      enable = true;
+      drivers = with pkgs; [
+        gutenprint
+        hplip
+      ];
+    };
+  };
+  xdg.portal = {
+    enable = true;
+    wlr.enable = true;
+    extraPortals = [ 
+      #pkgs.xdg-desktop-portal-hyprland
+      pkgs.xdg-desktop-portal-gtk
+      pkgs.xdg-desktop-portal-wlr
+    ];
+  };
+  virtualisation = {
+    docker.enable = true;
+    docker.rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
+    spiceUSBRedirection.enable = true;
+    libvirtd = {
+      enable = true;
+      allowedBridges = ["wlo1"];
+      qemu = {
+        swtpm.enable = true;
+        ovmf.enable = true;
+        ovmf.packages = [ pkgs.OVMFFull.fd ];
+      };
+    };
+  };
+  security = {
+    rtkit.enable = true;
+    pam.services.swaylock = { #Swaylock fix for wrong password
+      text = ''
+        auth include login
+      '';
+    };
+  };
+}
--- a/nix/systems/main/base/virtulization.nix
+++ b/nix/systems/main/base/virtulization.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, inputs, ... }:
+{
+  users.users.nicolaivds.extraGroups = [ "kvm" "input" "libvirtd" ];
+  environment.systemPackages = with pkgs; [
+    virt-manager
+    virt-viewer
+    win-spice
+    win-virtio
+    spice
+    spice-gtk
+    spice-protocol
+  ];
+
+  services.spice-vdagentd.enable = true;
+  virtualisation = {
+    spiceUSBRedirection.enable = true;
+    libvirtd = {
+      enable = true;
+      allowedBridges = ["wlo1"];
+      qemu = {
+        swtpm.enable = true;
+        ovmf = {
+          enable = true;
+          packages = [ pkgs.OVMFFull.fd ];
+        };
+      };
+    };
+  };
+}
--- a/nix/systems/main/desktop/default.nix
+++ b/nix/systems/main/desktop/default.nix
@@ -0,0 +1,30 @@
+{ pkgs, flake_path, ... }:
+{
+  imports = [
+    ./hardware-configuration.nix
+    ../base
+  ];
+
+  # System
+  networking.hostName = "Beast";
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+    dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+  };
+  environment = {
+    systemPackages = with pkgs; [
+      mangohud
+      nvidia-vaapi-driver
+      egl-wayland
+    ];
+  };
+
+  powerManagement = {
+    enable = true;
+    cpuFreqGovernor = "performance";
+  };
+
+  # Programs
+  programs.zsh.shellAliases.nix-switch = "nixos-rebuild switch --use-remote-sudo --flake ${flake_path}#desktop";
+}
--- a/nix/systems/main/desktop/hardware-configuration.nix
+++ b/nix/systems/main/desktop/hardware-configuration.nix
@@ -0,0 +1,68 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/0b17d697-e4df-4a42-b374-57f4474c8d36";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/813C-8212";
+      fsType = "vfat";
+    };
+
+  fileSystems."/mnt/venus" =
+    { device = "/dev/disk/by-uuid/dfc684ed-744d-4560-8c69-846693fb51e6";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/9304179a-f639-41bb-8819-872fc99d5166"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware = {
+    cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+    opengl = {
+      enable = true;
+
+      # Vulkan
+      driSupport = true;
+      driSupport32Bit = true;
+
+      # VA-API
+      extraPackages = with pkgs; [
+        vaapiVdpau
+        libvdpau-va-gl
+        nvidia-vaapi-driver
+      ];
+    };
+
+    nvidia = {
+      modesetting.enable = true;
+      open = true;
+      nvidiaSettings = true;
+      package = config.boot.kernelPackages.nvidiaPackages.vulkan_beta;
+    };
+  };
+}