jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

organization p2

Browse Source
This commit is contained in:
Danilo Reyes
2025-06-08 18:47:39 -06:00
parent 8a02320f12
commit 5593b85524
10 changed files with 48 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

204
config/base.nix Normal file
View File

@@ -0,0 +1,204 @@
{
lib,
pkgs,
inputs,
outputs,
config,
...
}:
{
imports = [
inputs.home-manager.nixosModules.home-manager
./jawz.nix
../modules/modules.nix
];
system.stateVersion = "23.05";
sops = {
defaultSopsFormat = "yaml";
defaultSopsFile = ../secrets/secrets.yaml;
age = {
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
};
home-manager = {
backupFileExtension = "hbckup";
useUserPackages = true;
useGlobalPkgs = true;
extraSpecialArgs = {
inherit inputs outputs;
};
users.jawz = import ./home-manager.nix;
};
time = {
inherit (config.my) timeZone;
hardwareClockInLocalTime = true;
};
i18n = {
defaultLocale = "en_CA.UTF-8";
extraLocaleSettings = {
LC_MONETARY = "es_MX.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
security = {
polkit.enable = true;
sudo = {
enable = true;
wheelNeedsPassword = false;
};
pam.loginLimits = [
{
domain = "*";
type = "soft";
item = "nofile";
value = "8192";
}
];
};
users = {
mutableUsers = false;
groups = {
users.gid = 100;
piracy.gid = 985;
};
};
nixpkgs.config = {
allowUnfree = true;
permittedInsecurePackages = [
"aspnetcore-runtime-wrapped-6.0.36"
"aspnetcore-runtime-6.0.36"
"dotnet-runtime-6.0.36"
"dotnet-sdk-wrapped-6.0.428"
"dotnet-sdk-6.0.428"
];
};
nix =
let
featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
in
{
distributedBuilds = true;
optimise.automatic = true;
settings = {
use-xdg-base-directories = true;
auto-optimise-store = true;
trusted-users = [
"jawz"
"root"
"nixremote"
];
system-features = featuresList;
experimental-features = [
"nix-command"
"flakes"
"pipe-operators"
];
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
"https://ai.cachix.org"
"https://cache.lix.systems"
"https://cosmic.cachix.org"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
"ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
"cache.servidos.lat:om+P81I+m8Hawcvt1ydaSNVxGNnR0POJ8Wz+QVjQ3hA="
];
};
};
documentation.enable = false;
environment = {
systemPackages = builtins.attrValues {
inherit (pkgs)
wget
sops
;
};
variables =
let
XDG_DATA_HOME = "\${HOME}/.local/share";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_CACHE_HOME = "\${HOME}/.cache";
in
{
# PATH
inherit XDG_DATA_HOME XDG_CONFIG_HOME XDG_CACHE_HOME;
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_STATE_HOME = "\${HOME}/.local/state";
# DEV PATH
PSQL_HISTORY = "${XDG_DATA_HOME}/psql_history";
REDISCLI_HISTFILE = "${XDG_DATA_HOME}/redis/rediscli_history";
WINEPREFIX = "${XDG_DATA_HOME}/wine";
# OPTIONS
ELECTRUMDIR = "${XDG_DATA_HOME}/electrum";
WGETRC = "${XDG_CONFIG_HOME}/wgetrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
"_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
ORG_DEVICE = "workstation";
# WAYLAND
WLR_NO_HARDWARE_CURSORS = 1;
NIXOS_OZONE_WL = 1;
PATH = [ "\${HOME}/.local/bin" ];
};
};
programs = {
nh = {
enable = true;
flake = "/home/jawz/Development/NixOS";
clean = {
enable = true;
extraArgs = "--keep-since 3d";
};
};
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
};
services = {
udev.packages = [ pkgs.yubikey-personalization ];
smartd.enable = true;
fstrim.enable = true;
avahi = {
enable = true;
nssmdns4 = true;
};
openssh = {
enable = true;
openFirewall = true;
startWhenNeeded = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "prohibit-password";
KbdInteractiveAuthentication = false;
};
};
};
fonts.fontconfig.enable = true;
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
}

71
config/home-manager.nix Normal file
View File

@@ -0,0 +1,71 @@
{
inputs,
config,
pkgs,
...
}:
{
home.stateVersion = "23.05";
programs.bash =
let
inherit (pkgs) fd fzf;
inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts;
in
{
enable = true;
historyFile = "\${XDG_STATE_HOME}/bash/history";
historyControl = [
"erasedups"
"ignorespace"
"ignoredups"
];
shellAliases = {
cp = "cp -i";
mv = "mv -i";
mkdir = "mkdir -p";
".." = "cd ..";
"..." = "cd ../..";
".3" = "cd ../../..";
".4" = "cd ../../../..";
".5" = "cd ../../../../..";
c = "cat";
sc = "systemctl --user";
jc = "journalctl --user -xefu";
open-gallery = ''
cd /srv/server/pool/scrapping/JawZ/gallery-dl &&
xdg-open "$(${fd}/bin/fd . ./ Husbands -tdirectory -d 1 | ${fzf}/bin/fzf -i)"'';
};
enableVteIntegration = true;
initExtra = ''
${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title
export command_timeout=60
'';
};
xdg = {
enable = true;
userDirs = {
enable = true;
createDirectories = false;
desktop = "${config.home.homeDirectory}";
documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/Music";
pictures = "${config.home.homeDirectory}/Pictures";
templates = "${config.xdg.dataHome}/Templates";
videos = "${config.home.homeDirectory}/Videos";
};
configFile.wgetrc.text = "hsts-file=\${XDG_CACHE_HOME}/wget-hsts";
};
programs = {
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
};
git = {
enable = true;
userName = "Danilo Reyes";
userEmail = "CaptainJawZ@protonmail.com";
};
};
}

104
config/jawz.nix Normal file
View File

@@ -0,0 +1,104 @@
{ config, ... }:
let
inherit (config.networking) hostName;
in
{
sops.secrets =
let
baseDir = ".ssh/ed25519";
keyConfig = file: {
sopsFile = ../secrets/keys.yaml;
owner = config.users.users.jawz.name;
inherit (config.users.users.jawz) group;
path = "/home/jawz/${file}";
};
in
{
jawz-password.neededForUsers = true;
"private_keys/age" = keyConfig "${baseDir}_age";
"public_keys/age" = keyConfig "${baseDir}_age.pub";
"private_keys/${hostName}" = keyConfig "${baseDir}_${hostName}";
"git_private_keys/${hostName}" = keyConfig "${baseDir}_git";
"syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem";
"syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem";
};
home-manager.users.jawz.home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
services.syncthing = {
enable = true;
user = "jawz";
group = "users";
overrideDevices = true;
overrideFolders = true;
key = config.sops.secrets."syncthing_keys/${hostName}".path;
cert = config.sops.secrets."syncthing_certs/${hostName}".path;
settings = {
devices = {
server.id = "BG6PF7S-KATABWO-7WAZFMX-6YO7IS3-WQTMR3M-VSOSV7V-HFFMNNH-BFX2EQ4";
miniserver.id = "HDYEGIR-GFU7ONK-MOOJUFH-N3L3XHX-SXWN3FI-O23K6LD-BJENQK5-VIPV2AT";
workstation.id = "4E4KJ6M-MSTNBVF-D7CNHDW-DUTB3VR-SXKZ4NH-ZKAOMF5-V24JECJ-4STSZAA";
galaxy.id = "UAZ5YDV-YUFBXOY-QMS6S6R-WPIIKZI-4OPPW5L-G4OVUPO-YW5KFYY-YASRAAV";
};
folders = {
cache = {
path = "~/Downloads/cache/";
ignorePerms = false;
devices = [ "galaxy" ];
};
gdl = {
path = "~/.config/jawz/";
ignorePerms = false;
devices = [
"server"
"miniserver"
"workstation"
];
};
librewolf = {
path = "~/.librewolf/";
ignorePerms = false;
copyOwnershipFromParent = true;
type = if config.networking.hostName == "workstation" then "sendonly" else "receiveonly";
devices = [
"server"
"miniserver"
"workstation"
];
};
notes = {
path = "~/Documents/";
ignorePerms = false;
devices = [ "galaxy" ];
};
};
};
};
users.users.jawz = {
uid = 1000;
linger = true;
isNormalUser = true;
hashedPasswordFile = config.sops.secrets.jawz-password.path;
extraGroups = [
"wheel"
"networkmanager"
"scanner"
"lp"
"piracy"
"kavita"
"video"
"docker"
"libvirt"
"rslsync"
"plugdev"
"bluetooth"
];
openssh.authorizedKeys.keyFiles = [
../secrets/ssh/ed25519_deacero.pub
../secrets/ssh/ed25519_workstation.pub
../secrets/ssh/ed25519_server.pub
../secrets/ssh/ed25519_miniserver.pub
../secrets/ssh/ed25519_galaxy.pub
../secrets/ssh/ed25519_phone.pub
];
};
}

37
config/overlay.nix Normal file
View File

@@ -0,0 +1,37 @@
{
mkpkgs,
inputs,
...
}:
let
pkgs = mkpkgs inputs.nixpkgs;
in
_final: prev: {
nautilus = prev.nautilus.overrideAttrs (old: {
buildInputs =
old.buildInputs
++ builtins.attrValues {
inherit (pkgs.gst_all_1)
gst-plugins-good
gst-plugins-bad
;
};
});
lutris = prev.lutris.override {
extraPkgs =
pkgs:
builtins.attrValues {
inherit (pkgs) pango winetricks;
}
++ (with pkgs; [
wine64Packages.stable
wineWowPackages.stable
]);
};
handbrake = prev.handbrake.override { useGtk = true; };
ripgrep = prev.ripgrep.override { withPCRE2 = true; };
discord = prev.discord.override {
withVencord = true;
withOpenASAR = true;
};
}

110
config/stylix.nix Normal file
View File

@@ -0,0 +1,110 @@
{
pkgs,
lib,
config,
...
}:
let
scheme = schemes.paul;
cfg = config.my.stylix;
mkScheme =
{
color ? null,
name ? null,
polarity,
image,
iconPackage ? pkgs.papirus-icon-theme.override { inherit color; },
base16Scheme ? if name != null then "${pkgs.base16-schemes}/share/themes/${name}.yaml" else null,
}:
{
inherit
color
name
polarity
image
iconPackage
base16Scheme
;
};
schemes = {
who = mkScheme {
name = "catppuccin-frappe";
polarity = "dark";
image = ./wallpapers/Nikolay_Kasatkin_Who.jpeg;
iconPackage = pkgs.catppuccin-papirus-folders.override {
flavor = "frappe";
accent = "peach";
};
};
space = mkScheme {
name = "solarflare";
color = "carmine";
polarity = "dark";
image = ./wallpapers/space.jpg;
};
jesus = mkScheme {
color = "red";
name = "equilibrium-light";
polarity = "light";
image = ./wallpapers/jesus.png;
};
ballerinas = mkScheme {
color = "brown";
name = "mocha";
polarity = "dark";
image = ./wallpapers/Waay-Ballerinas.jpeg;
};
paul = mkScheme {
color = "green";
name = "valua";
polarity = "light";
image = ./wallpapers/paul1.jpg;
base16Scheme = {
base00 = "#18262F";
base01 = "#222E38";
base02 = "#586875";
base03 = "#667581";
base04 = "#85939E";
base05 = "#A6AFB8";
base06 = "#E8E9ED";
base07 = "#F5F7FA";
base08 = "#4c7c4a"; # deep fern green
base09 = "#6b8f3c"; # olive bark
base0A = "#b5b938"; # lichen gold
base0B = "#7CC844"; # success green (kept from original)
base0C = "#4fbf87"; # turquoise vine
base0D = "#2aaf6f"; # jungle leaf
base0E = "#88a337"; # mossy lime
base0F = "#5c8b55"; # swamp olive
};
};
};
in
{
options.my.stylix.enable = lib.mkEnableOption "enable";
config = {
stylix = {
inherit (scheme) image polarity;
enable = cfg.enable;
targets.qt.platform = lib.mkForce "qtct";
} // lib.optionalAttrs (scheme ? base16Scheme) { inherit (scheme) base16Scheme; };
home-manager.users.jawz = {
gtk = lib.mkIf (!cfg.enable) {
iconTheme = scheme.iconPackage;
};
stylix = {
enable = cfg.enable;
iconTheme = {
enable = cfg.enable;
package = scheme.iconPackage;
light = "Papirus-Light";
dark = "Papirus-Dark";
};
targets.librewolf = {
firefoxGnomeTheme.enable = cfg.enable;
profileNames = [ "jawz" ];
};
};
};
};
}