From 8ae8963cfedb729cd6cfe2a2437974d1bd6e5e2c Mon Sep 17 00:00:00 2001 From: Danilo Reyes Date: Sun, 9 Jun 2024 00:10:13 -0600 Subject: [PATCH] modularization of workstation complete --- configuration.org | 1184 --------------------------------------------- flake.nix | 61 +-- overlay.nix | 38 ++ 3 files changed, 40 insertions(+), 1243 deletions(-) delete mode 100644 configuration.org create mode 100644 overlay.nix diff --git a/configuration.org b/configuration.org deleted file mode 100644 index 9cf80c9..0000000 --- a/configuration.org +++ /dev/null 
@@ -1,1184 +0,0 @@ -#+TITLE: JawZ NixOS workstation configuration -#+AUTHOR: Danilo Reyes -# #+PROPERTY: header-args :tangle configuration.nix -# #+auto_tangle: t - -* TODO [0/6] -- [ ] System configurations [0/8] - - [ ] Bluetooth multiple devices + pass-through -- [ ] dotfiles [0/4] - - [ ] migrate config to home-manager - - [ ] migrate dconf to home-manager -- [ ] Misc [0/3] - - [ ] Figure out how to get rid of xterm - -* DECLARATION -Here I will declare the dependencies and variables that I call multiple times -through the config file, such as the current version of NixOS, repositories and -even some scripts that I reuse on systemd configurations. - -- version: used by both NixOS and home-manager to dictate the state repository - from which to pull configurations, modules and packages. -- myEmail myName: used by git and acme -- cpuArchitecture: used by NixOS to optimize the compiled binaries to my current - CPU specifications. -- home-manager: the channel containing the packages matching the NixOS state - version, with a commented out to the unstable master. -- unstable: a sort of overlay that allows to prepend "unstable" to a package, - to pull from the unstable channel rather than precompiled binaries on a case - by case use. -- nixGaming: a channel containing some tweaks and optimized packages for gaming. -- jawz*: scripts that will reuse multiple times through the config, such as - on systemd, and as such this feels like a safe way to compile them only once. - - -#+begin_src nix -{ config, lib, pkgs, ... 
}: -let - version = "23.11"; - cpuArch = "x86_64-linux"; - myEmail = "CaptainJawZ@outlook.com"; - myName = "Danilo Reyes"; - cpuArchitecture = "znver3"; - home-manager = builtins.fetchTarball - "https://github.com/nix-community/home-manager/archive/release-${version}.tar.gz"; - unstable = import - (builtins.fetchTarball - "https://github.com/nixos/nixpkgs/tarball/master") { - config = config.nixpkgs.config; - }; - nixGaming = import - (builtins.fetchTarball - "https://github.com/fufexan/nix-gaming/archive/master.tar.gz"); - jawzTasks = pkgs.writeScriptBin - "tasks" (builtins.readFile ../scripts/tasks.sh); -in -{ # Remember to close this bracket at the end of the document -#+end_src - -These are files and modules which get loaded onto the configuration file, in the -future I may segment this file into different modules once it becomes too -cluttered, for example, I may create a module for systemd units. - -- agenix: an encryption system which cleans up the nix-configuration files from -passwords and other secrets. -- pipewireLowLatency: better sound for games, but also, music sounds a bit less - compressed, who knows, I'm half deaf. - -#+begin_src nix -imports = [ - # - ./fstab.nix - # ./docker.nix - (import "${home-manager}/nixos") - # nixGaming.nixosModules.pipewireLowLatency -]; -#+end_src - -* SYSTEM CONFIGURATION -** NETWORKING -Sets sensible networking options, such as setting up a hostname, and creating a -hosts file with the static IP and hostname of other devices on my network. - -Also open ports on the firewall for LAN connectivity, and well keeping commented -what each port does, I declared the firwewall ports with variables, because I -don't care to figure out whether I need TCP or UDP so let's open both, and -repetition is maddening. 
- -#+begin_src nix -networking = { - useDHCP = lib.mkDefault true; - enableIPv6 = false; - hostName = "workstation"; - networkmanager.enable = true; - extraHosts = '' - 192.168.1.69 server - 192.168.1.100 miniserver - ''; - firewall = let - openFirewallPorts = [ - 7860 # gpt - 6674 # ns-usbloader - ]; - openFirewallPortRanges = [ - { from = 1714; to = 1764; } # kdeconnect - ]; - in - { - enable = true; - allowedTCPPorts = openFirewallPorts; - allowedUDPPorts = openFirewallPorts; - allowedTCPPortRanges = openFirewallPortRanges; - allowedUDPPortRanges = openFirewallPortRanges; - }; -}; -#+end_src - -** TIMEZONE & LOCALE -For some reason, useXkbConfig throws an error when building the system, either -way it is an unnecessary setting as my keyboards are the default en_US, only -locale set to Canadian out because I prefer how it displays the date. -LC_MONETARY, it's also a personal preference. - -hardwareClockInLocalTime allows dual booting without the time getting messed up -between boots. - -#+begin_src nix -time = { - timeZone = "America/Mexico_City"; - hardwareClockInLocalTime = true; -}; -i18n = { - defaultLocale = "en_CA.UTF-8"; - extraLocaleSettings = { - LC_MONETARY = "es_MX.UTF-8"; - }; -}; -console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - # useXkbConfig = true; # use xkbOptions in tty. -}; -#+end_src - -** SYSTEM/NIX CONFIGURATIONS -The first setting creates a copy the NixOS configuration file and link it from -the resulting system (/run/current-system/configuration.nix). This is useful in -case you accidentally delete configuration.nix. - -The version value determines the NixOS release from which the default settings for -stateful data, like file locations and database versions on your system. -It‘s perfectly fine and recommended to leave this value at the release version -of the first install of this system. 
- -Lastly I configure in here cachix repositories, which is a website that keeps a -cache of nixbuilds for easy quick deployments without having to compile -everything from scratch. - -- gc: automatically garbage-collects. -- auto-optimise-store: hard-links binaries whenever possible. -- system-features: features present on compiling time. - -#+begin_src nix -system = { - copySystemConfiguration = true; - stateVersion = "${version}"; -}; -nix = let featuresList = [ - "nixos-test" - "benchmark" - "big-parallel" - "kvm" - "gccarch-${cpuArchitecture}" - "gccarch-skylake" - ]; - in { - gc = { - automatic = true; - dates = "weekly"; - }; - distributedBuilds = true; - settings = { - cores = 16; - auto-optimise-store = true; - trusted-users = [ "nixremote" ]; - system-features = featuresList; - experimental-features = [ - "nix-command" "flakes" - ]; - substituters = [ - "https://nix-gaming.cachix.org" - "https://nixpkgs-python.cachix.org" - "https://devenv.cachix.org" - "https://cuda-maintainers.cachix.org" - "https://ai.cachix.org" - ]; - trusted-public-keys = [ - "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" - "nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU=" - "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=" - "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E=" - "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" - ]; - }; -}; -#+end_src - -* GNOME -At the time of writing this file, I require of X11, as the NVIDIA support for -Wayland is not perfect yet. At the time being, the ability to switch through -GDM from Wayland to XORG, it's pretty handy, but in the future these settings -will require an update. - -Sets up GNOME as the default desktop environment, while excluding some -undesirable packages from installing. - -Lastly, since there is not a dedicated customization module per-say I setup qt -options in here, for the sake of gnome consistency. 
- - -#+begin_src nix -services = { - xserver = { - videoDrivers = [ "nvidia" ]; - enable = true; - displayManager.gdm.enable = true; - desktopManager = { - gnome.enable = true; - }; - layout = "us"; - libinput.enable = true; - }; -}; - -environment.gnome.excludePackages = (with pkgs; [ - gnome-photos - gnome-tour - gnome-text-editor - gnome-connections - # gnome-shell-extensions - baobab -]) -++ (with pkgs.gnome; [ - # totem - gedit - gnome-music - epiphany - gnome-characters - yelp - gnome-font-viewer - cheese -]); - -# Sets up QT to use adwaita themes. -qt = { - enable = true; - style = "adwaita"; -}; -#+end_src - -* SOUND -In order to avoid issues with PipeWire, the wiki recommends to disable -pulseaudio. This is a basic PipeWire configuration that can support alsa/pulse -backends. - -lowLatency is a module of nix-gaming, and hardware bluetooth settings are there -to allegedly improve the quality of bluetooth in the system, to this day, -bluetooth and I remain enemies. - -#+begin_src nix -sound.enable = false; -services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # lowLatency = { - # enable = true; - # quantum = 64; - # rate = 48000; - # }; -}; -hardware.pulseaudio.enable = false; -#+end_src - -* SECURITY -Disabled password in sudo for commodity, but this is obviously not recommended, -regarding rkit, that setting enables pipewire to run with real-time -capabilities. And lastly, the acme settings are for signing certificates. - -The pam limits exists so NixOS can compile the entire system without running -into "Too many files open" errors. 
- -#+begin_src nix -security = { - polkit.enable = true; - rtkit.enable = true; - sudo = { - enable = true; - wheelNeedsPassword = false; - }; - pam.loginLimits = [{ - domain = "*"; - type = "soft"; - item = "nofile"; - value = "8192"; - }]; -}; -#+end_src - -* NIXPKGS SETTINGS -Allow non-free, sadly is a requirement for some of my drivers, besides that, -here is a good place to declare some package overrides as well as permit unsafe -packages. - -localSystem allows me to compile the entire operating system optimized to my CPU -architecture and other build flags. - -=note= if using gcc.arch flags, comment out hostPlatform and viceversa. - -#+begin_src nix -nixpkgs = { - hostPlatform = lib.mkDefault cpuArch; - config = { - allowUnfree = true; - permittedInsecurePackages = [ ]; - }; - # localSystem = { - # gcc.arch = cpuArchitecture; - # gcc.tune = cpuArchitecture; - # system = "x86_64-linux"; - # }; -}; -#+end_src - -* NORMAL USERS -Being part of the "wheel" group, means that the user has root privileges. The -piracy.gid is so I have read/write access permissions on all the hard drives -split among my multiple systems, the rest of the groups are self explanatory. 
- -#+begin_src nix -users = { - groups = { - piracy.gid = 985; - nixremote.gid = 555; - }; - users = { - nixremote = { - isNormalUser = true; - createHome = true; - group = "nixremote"; - home = "/var/nixremote/"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6HsajaTL+nTJtSIu00M5WJwgt/7fyU59gBr2R7tbnv root@server" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrC7sVvDT0is2oq/H1Do99LPaQKvyGMAsrF6/fuf1aP root@miniserver" - ]; - }; - jawz = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "scanner" - "lp" "piracy" "kavita" "video" "docker" - "libvirt" "rslsync" - ]; - initialPassword = "password"; - openssh = { - authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMkpeIV9G26W2/e9PsjBx3sNwPGoicJ807ExRGh4KjhW jawz@server" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGjnNIggZweJ+GJKKvFEPhpLcs+t64xXjBmeuERsLFLL jawz@miniserver" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBEblxSDhWPEo33crSjooeUg4W02ruENxHLmmBqCuIo jawz@galaxy" - ]; - }; -#+end_src - -* USER PACKAGES -This section of the document categorizes and organizes all he packages that I -want installed, attempting to group them as dependencies of others when -necessary. - -Begin the block to install user packages. - -#+begin_src nix -packages = (with pkgs; [ -#+end_src - -** HUNSPELL -These dictionaries are compatible with Firefox, Doom Emacs and LibreOffice. - -#+begin_src nix -hunspell -hunspellDicts.it_IT -hunspellDicts.es_MX -hunspellDicts.es_ES -hunspellDicts.en_CA-large -#+end_src - -** CUSTOMIZATION PACKAGES -Themes and other customization, making my DE look the way I want is one of the -main draws of Linux for me. 
- -#+begin_src nix -# Themes -adw-gtk3 -gnome.gnome-tweaks # tweaks for the gnome desktop environment -# gradience # theme customizer, allows you to modify adw-gtk3 themes - -# Fonts -(nerdfonts.override { - fonts = [ "CascadiaCode" - "ComicShannsMono" - "Iosevka" ]; -}) -symbola -(papirus-icon-theme.override { - color = "adwaita"; -}) -#+end_src - -** GUI PACKAGES -All of my GUI applications categorized to make it easier to identify what each -application does, and the justification for is existence on my system. - -*** ART AND DEVELOPMENT -Art and development applications are together, as a game-developer one of my -goals is to create a workflow between this ecosystem of applications. - -#+begin_src nix -godot_4 # game development -unstable.gdtoolkit # gdscript language server -blender # cgi animation and sculpting - -gimp # the coolest bestest art program to never exist -krita # art to your heart desire! -mypaint # not the best art program -mypaint-brushes # but it's got some -mypaint-brushes1 # nice damn brushes -# drawpile # arty party with friends!! - -# pureref # create inspiration/reference boards -#+end_src - -*** GAMING -So far gaming has been a lot less painful than I could have originally -anticipated, most everything seems to run seamlessly. - -Most packages on this section are unstable so we compile the newest -possible binaries, which is handy for frequently developed emulators. - -Lutris will give me wine errors unless both wine64 and wineWow are both -installed. - -=note= Steam is setup way later on the config file. -=note= Roblox uninstalled as there is ongoing drama regarding Linux users. 
- -#+begin_src nix -wineWowPackages.stable -(lutris.override { - extraPkgs = pkgs: [ - winetricks - wine64Packages.stable - wineWowPackages.stable - ]; -}) -cartridges # games launcher -heroic # install epic games -gamemode # optimizes linux to have better gaming performance -# grapejuice # roblox manager -# minecraft # minecraft official launcher -protonup-qt # update proton-ge -ns-usbloader # load games into my switch - -# emulators -rpcs3 # ps3 emulator -pcsx2 # ps2 emulator -cemu # wii u emulator -dolphin-emu # wii emulator -citra-nightly # 3Ds emulator -snes9x-gtk # snes emulator -#+end_src - -*** PRODUCTIVITY -An assorted list of productivity-oriented apps which I will never use. - -#+begin_src nix -libreoffice # office, but based -calibre # ugly af eBook library manager -# foliate # gtk eBook reader -# newsflash # feed reader, syncs with nextcloud -# wike # gtk wikipedia wow! -# denaro # manage your finances -furtherance # I packaged this one tehee track time utility -gnome.simple-scan # scanner -#+end_src - -*** MISC -Most of these apps, are part of the gnome circle, and I decide to install them -if just for a try and play a little. Most I keep commented out as an archive, -so I remember their names in case I want to check them out or recommend them to -someone. - -#+begin_src nix -blanket # background noise -pika-backup # backups -metadata-cleaner # remove any metadata and geolocation from files -# sequeler # friendly SQL client -# czkawka # duplicate finder -# celeste # sync tool for any cloud provider -#+end_src - -*** MULTIMEDIA -Overwhelmingly player applications, used for videos and music, while most of my -consumption has moved towards jellyfin, it's still worth the install of most -of these, for now. 
- -#+begin_src nix -easyeffects # equalizer -celluloid # video player -# cozy # audiobooks player -# hakuneko # manga & comic GUI downloader -# gnome-podcasts # podcast player -handbrake # video converter, may be unnecessary -curtail # image compressor -pitivi # video editor -identity # compare images or videos -gnome-obfuscate # censor private information -mousai # poor man shazam -tagger # tag music files -obs-studio # screen recorder & streamer -shortwave # listen to world radio -nextcloud-client # self-hosted google-drive alternative -fragments # beautiful torrent client -#+end_src - -*** WEB -Stuff that I use to interact with the web, web browsers, chats, download -managers, etc. - -#+begin_src nix -protonmail-bridge # bridge for protonmail -tor-browser-bundle-bin # dark web, so dark! -chromium # web browser with spyware included -telegram-desktop # furry chat -nicotine-plus # remember Ares? -vesktop -(pkgs.discord.override { - withOpenASAR = true; - # withVencord = true; -}) -# hugo # website engine -#+end_src - -** COMMAND-LINE PACKAGES -cli and tui packages, which on their own right are as or more powerful than the -packages on the previous section. - -#+begin_src nix -unstable.yt-dlp # downloads videos from most video websites -unstable.gallery-dl # similar to yt-dlp but for most image gallery websites - -fd # modern find, faster searches -fzf # fuzzy finder! super cool and useful -gdu # disk-space utility checker, somewhat useful -du-dust # rusty du similar to gdu -(ripgrep.override {withPCRE2 = true;}) # modern grep -trash-cli # oop! did not meant to delete that -eza # like ls but with colors -gocryptfs # encrypted filesystem! shhh!!! -rmlint # probably my favourite app, amazing dupe finder that integrates well with BTRFS -imagemagick # photoshop what?? - -ffmpeg_5-full # not ffmpreg, the coolest video conversion tool! -torrenttools # create torrent files from the terminal! -vcsi # video thumbnails for torrents, can I replace it with ^? 
-#+end_src - -*** MY SCRIPTS -Here I compile my own scripts into binaries. - -#+begin_src nix -jawzTasks -(writeScriptBin "ffmpeg4discord" (builtins.readFile ../scripts/ffmpeg4discord.py)) -(writeScriptBin "ffmpreg" (builtins.readFile ../scripts/ffmpreg.sh)) -(writeScriptBin "split-dir" (builtins.readFile ../scripts/split-dir.sh)) -(writeScriptBin "run" (builtins.readFile ../scripts/run.sh)) -(writeScriptBin "pika-list" (builtins.readFile ../scripts/pika-list.sh)) -#+end_src - -*** DEVELOPMENT PACKAGES -Assorted development packages and libraries, categorized by languages. - -#+begin_src nix -# required (optionally) by doom emacs, but still are rather useful -tree-sitter # code parsing based on symbols and shit, I do not get it -graphviz # graphs -tetex -languagetool # proofreader for English -# these two are for doom everywhere -xorg.xwininfo -xdotool -xclip - -tldr # man for retards -exercism # learn to code - -# SH -bats # testing system, required by Exercism -bashdb # autocomplete -shellcheck # linting -shfmt # a shell parser and formatter - -# NIX -expect # keep color when nom'ing -nix-output-monitor # autistic nix builds -nixfmt # linting -cachix # why spend time compiling? - -# PYTHON. 
-pipenv # python development workflow for humans -(python3.withPackages (ps: with ps; [ - # poetry # dependency management made easy - flake8 # wraper for pyflakes, pycodestyle and mccabe - isort # sort Python imports - nose # testing and running python scripts - pyflakes # checks source code for errors - pytest # framework for writing tests - speedtest-cli # check internet speed from the comand line - editorconfig # follow rules of contributin - black # Python code formatter - pylint # bug and style checker for python -])) - -# C# & Rust -# omnisharp-roslyn # c# linter and code formatter - -# HASKELL -ghc # compiler -haskell-language-server # lsp - -# DOCKER -dockfmt - -# JS -nodejs # not as bad as I thought -# jq # linting -#+end_src - -** CUSTOM PYTHON SCRIPTS -Libraries & apps not found on the nix-store and scripts made by me. - -#+begin_src nix -]) ++ (with pkgs.python3Packages; [ - (buildPythonApplication rec { - pname = "download"; - version = "1.5"; - src = ../scripts/download/.; - doCheck = false; - buildInputs = [ setuptools ]; - propagatedBuildInputs = - [ pyyaml types-pyyaml ]; - }) - (buildPythonApplication rec { - pname = "ffpb"; - version = "0.4.1"; - src = fetchPypi { - inherit pname version; - sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk="; - }; - doCheck = false; - buildInputs = [ setuptools ]; - propagatedBuildInputs = - [ tqdm ]; - }) -#+end_src - -*** NODEJS PACKAGES -Language servers and linters. - -#+begin_src nix -]) ++ (with pkgs.nodePackages; [ - # Language servers - dockerfile-language-server-nodejs - yaml-language-server - bash-language-server - vscode-json-languageserver - pyright - - markdownlint-cli # Linter - prettier # Linter - pnpm # Package manager -#+end_src - -** GNOME EXTENSIONS -The last line can is there to allow for the installation of gnome-extensions -from the unstable channel. 
- -#+begin_src nix -]) ++ (with pkgs; [ - # lm_sensors # for extension, displays cpu temp - libgda # for pano shell extension -]) ++ (with pkgs.gnomeExtensions; [ - appindicator # applets for open applications - reading-strip # like putting a finger on every line I read - tactile # window manager - pano # clipboard manager - freon # hardware temperature monitor - # blur-my-shell # make the overview more visually appealing - # gamemode # I guess I'm a gamer now? - # burn-my-windows - # forge # window manager -# ]) ++ (with unstable.pkgs.gnomeExtensions; [ -#+end_src - -** CLOSE USER PACKAGES - -#+begin_src nix -]); }; }; };# <--- end of package list -#+end_src - -* HOME-MANAGER -** HOME-MANAGER SETTINGS -These make it so packages install to '/etc' rather than the user home directory, -also allow for upgrades when rebuilding the system. - -#+begin_src nix -home-manager = { - useUserPackages = true; - useGlobalPkgs = true; - users.jawz = { config, pkgs, ... }:{ - home.stateVersion = "${version}"; -#+end_src - -** DOTFILES -I opted out of using home-manager to declare my package environment, and instead -I use it exclusively for setting up my dotfiles. - -*** BASH -Declares my .bashrc file, and sets up some environment and functions. - -#+begin_src nix -programs.bash = { - enable = true; - historyFile = "\${XDG_STATE_HOME}/bash/history"; - historyControl = [ "erasedups" "ignorespace" ]; - shellAliases = { - hh = "hstr"; - ls = "eza --icons --group-directories-first"; - edit = "emacsclient -t"; - comic = "download -u jawz -i \"$(cat $LC | fzf --multi --exact -i)\""; - gallery = "download -u jawz -i \"$(cat $LW | fzf --multi --exact -i)\""; - cp = "cp -i"; - mv = "mv -i"; - mkcd = "mkdir -pv \"$1\" && cd \"$1\" || exit"; - mkdir = "mkdir -p"; - rm = "trash"; - ".." = "cd .."; - "..." 
= "cd ../.."; - ".3" = "cd ../../.."; - ".4" = "cd ../../../.."; - ".5" = "cd ../../../../.."; - dl = "download -u jawz -i"; - e = "edit"; - c = "cat"; - b = "bat"; - f = "fzf --multi --exact -i"; - sc = "systemctl --user"; - jc = "journalctl --user -xefu"; - open-gallery = "cd /mnt/pool/scrapping/JawZ/gallery-dl && - xdg-open \"$(fd . ./ Husbands -tdirectory -d 1 | fzf -i)\""; - unique-extensions = "fd -tf | rev | cut -d. -f1 | rev | - tr '[:upper:]' '[:lower:]' | sort | - uniq --count | sort -rn"; - }; - enableVteIntegration = true; - initExtra = '' - $HOME/.local/bin/pokemon-colorscripts -r --no-title - # Lists - list_root="${config.xdg.configHome}"/jawz/lists/jawz - export LW=$list_root/watch.txt - export LI=$list_root/instant.txt - export LC=$list_root/comic.txt - export command_timeout=30 - - if command -v fzf-share >/dev/null; then - source "$(fzf-share)/key-bindings.bash" - source "$(fzf-share)/completion.bash" - fi - - nixos-reload () { - NIXOSDIR=/home/jawz/Development/NixOS - nix-store --add-fixed sha256 $NIXOSDIR/scripts/PureRef-1.11.1_x64.Appimage - nixfmt $NIXOSDIR/workstation/*.nix - sudo unbuffer nixos-rebuild switch -I \ - nixos-config=$NIXOSDIR/workstation/configuration.nix \ - |& nom - } - ''; -}; -#+end_src - -*** XDG -Configurations for XDG directories, as well as installing dotfiles from the -sub-directory on this repository. 
- -#+begin_src nix -xdg = { - enable = true; - userDirs = { - enable = true; - createDirectories = false; - desktop = "${config.home.homeDirectory}"; - documents = "${config.home.homeDirectory}/Documents"; - download = "${config.home.homeDirectory}/Downloads"; - music = "${config.home.homeDirectory}/Music"; - pictures = "${config.home.homeDirectory}/Pictures"; - templates = "${config.xdg.dataHome}/Templates"; - videos = "${config.home.homeDirectory}/Videos"; - }; - configFile = { - "wgetrc".source = ../dotfiles/wget/wgetrc; - "configstore/update-notifier-npm-check.json".source = ../dotfiles/npm/update-notifier-npm-check.json; - "npm/npmrc".source = ../dotfiles/npm/npmrc; - "gallery-dl/config.json".source = ../dotfiles/gallery-dl/config.json; - "htop/htoprc".source = ../dotfiles/htop/htoprc; - "python/pythonrc".source = ../dotfiles/pythonrc; - }; -}; -#+end_src - -** HOME-MANAGER PROGRAMS -Program declarations that are exclusive to home-manager, declaring packages this -way allows for extra configuration and integration beyond installing the -packages on the user environment, it's the only exception I make to installing -packages through home-manager. - -#+begin_src nix -programs = { - emacs.enable = true; - helix = { - enable = true; - }; - hstr.enable = true; - direnv = { - enable = true; - enableBashIntegration = true; - nix-direnv.enable = true; - }; - bat = { - enable = true; - config = { - pager = "less -FR"; - theme = "base16"; - }; - extraPackages = with pkgs.bat-extras; [ - batman # man pages - batpipe # piping - batgrep # ripgrep - batdiff # this is getting crazy! - batwatch # probably my next best friend - prettybat # trans your sourcecode! 
- ]; - }; - git = { - enable = true; - userName = "${myName}"; - userEmail = "${myEmail}"; - }; - htop = { - enable = true; - package = pkgs.htop-vim; - }; -}; -#+end_src - -** HOME-MANAGER USER-SERVICES -Lorri helps optimize emacs compilations, and the declaring emacs as a service -through home-manager fixes the bug where emacs loads so quickly that can not -connect to a graphic environment unless restarting the systemd service. - -#+begin_src nix -services = { - lorri.enable = true; - emacs = { - enable = true; - defaultEditor = true; - package = with pkgs; ( - (emacsPackagesFor emacs-gtk).emacsWithPackages ( - epkgs: [ epkgs.vterm ] - ) - ); - startWithUserSession = "graphical"; - }; -}; -#+end_src - -** CLOSING HOME-MANAGER - -#+begin_src nix -}; }; -#+end_src - -* ENVIRONMENT -These are a MUST to ensure the optimal function of nix, without these, recovery -may be challenging. - -The environment.etc block allows for bluetooth devices to control volume, pause, -and other things through the headset controls. - -Declare environment variables whose function is to clear-up the $HOME -directory from as much bloat as possible, as well as some minor graphical tweaks -some applications use. 
- -#+begin_src nix -environment = { - etc = { - "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = '' - bluez_monitor.properties = { - ["bluez5.enable-sbc-xq"] = true, - ["bluez5.enable-msbc"] = true, - ["bluez5.enable-hw-volume"] = true, - ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]" - } - ''; - }; - systemPackages = with pkgs; [ - wget - # gwe - ]; - variables = rec { - # PATH - XDG_CACHE_HOME = "\${HOME}/.cache"; - XDG_CONFIG_HOME = "\${HOME}/.config"; - XDG_BIN_HOME = "\${HOME}/.local/bin"; - XDG_DATA_HOME = "\${HOME}/.local/share"; - XDG_STATE_HOME = "\${HOME}/.local/state"; - - # DEV PATH - CABAL_DIR = "${XDG_CACHE_HOME}/cabal"; - CARGO_HOME = "${XDG_DATA_HOME}/cargo"; - GEM_HOME = "${XDG_DATA_HOME}/ruby/gems"; - GEM_PATH = "${XDG_DATA_HOME}/ruby/gems"; - GEM_SPEC_CACHE = "${XDG_DATA_HOME}/ruby/specs"; - GOPATH = "${XDG_DATA_HOME}/go"; - NPM_CONFIG_USERCONFIG = "${XDG_CONFIG_HOME}/npm/npmrc"; - PNPM_HOME = "${XDG_DATA_HOME}/pnpm"; - PSQL_HISTORY="${XDG_DATA_HOME}/psql_history"; - REDISCLI_HISTFILE="${XDG_DATA_HOME}/redis/rediscli_history"; - WINEPREFIX="${XDG_DATA_HOME}/wine"; - PYTHONSTARTUP="${XDG_CONFIG_HOME}/python/pythonrc"; - STACK_ROOT="${XDG_DATA_HOME}/stack"; - - # OPTIONS - HISTFILE = "${XDG_STATE_HOME}/bash/history"; - LESSHISTFILE = "-"; - GHCUP_USE_XDG_DIRS = "true"; - RIPGREP_CONFIG_PATH = "${XDG_CONFIG_HOME}/ripgrep/ripgreprc"; - ELECTRUMDIR = "${XDG_DATA_HOME}/electrum"; - VISUAL = "emacsclient -ca emacs"; - WGETRC = "${XDG_CONFIG_HOME}/wgetrc"; - XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose"; - "_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java"; - DOCKER_CONFIG="${XDG_CONFIG_HOME}/docker"; - - # NVIDIA - CUDA_CACHE_PATH = "${XDG_CACHE_HOME}/nv"; - - # Themes - # WEBKIT_DISABLE_COMPOSITING_MODE = "1"; - CALIBRE_USE_SYSTEM_THEME = "1"; - - PATH = [ - "\${HOME}/.local/bin" - "\${XDG_CONFIG_HOME}/emacs/bin" - "\${XDG_DATA_HOME}/npm/bin" - "\${XDG_DATA_HOME}/pnpm" - ]; - }; -}; -#+end_src - -* PROGRAMS 
-Some system programs get enabled and installed through here, as well as the -activation of some services. - -#+begin_src nix -programs = { - firefox = { - enable = true; - languagePacks = [ "en-CA" "es-MX" "it" ]; - }; - starship.enable = true; - tmux.enable = true; - fzf.fuzzyCompletion = true; - neovim = { - enable = true; - vimAlias = true; - }; - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - geary = { - enable = true; - }; - steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; - kdeconnect = { - enable = true; - package = pkgs.gnomeExtensions.gsconnect; - }; -}; -#+end_src - -* SERVICES -Miscellaneous services, managed by systemd. - -- avahi: allows to discover/connect to devices through their hostname on the - same network. -- fstrim/btrfs: file-system services. -- psd: profile-sync-daemon, loads the Chrome/Firefox profile to ram. - -#+begin_src nix -services = { - printing = { - enable = true; - drivers = [ pkgs.hplip pkgs.hplipWithPlugin ]; - }; - avahi = { - enable = true; - nssmdns = true; - }; - psd.enable = true; - smartd.enable = true; - fstrim.enable = true; - btrfs.autoScrub = { - enable = true; - fileSystems = [ - "/" - ]; - }; - openssh = { - enable = true; - openFirewall = true; - startWhenNeeded = true; - settings = { - PasswordAuthentication = false; - PermitRootLogin = "prohibit-password"; - KbdInteractiveAuthentication = false; - }; - }; - resilio = { - deviceName = "chichis"; - enable = true; - useUpnp = true; - enableWebUI = true; - httpPass = "528491"; - httpLogin = "chichis"; - httpListenPort = 9876; - httpListenAddr = "0.0.0.0"; - directoryRoot = "/resilio"; - }; -}; -#+end_src - -* SYSTEMD -Home-manager, is not as flushed out when it comes to creating systemd units, so -the best way to define them for now, is using nix. 
- -#+begin_src nix -systemd = { - services = { }; - timers = { }; - user = { - services = { - tasks = { - restartIfChanged = true; - description = "Run a tasks script which keeps a lot of things organized"; - wantedBy = [ "default.target" ]; - path = [ - pkgs.bash - pkgs.nix - jawzTasks - ]; - serviceConfig = { - Restart = "on-failure"; - RestartSec = 30; - ExecStart = "${jawzTasks}/bin/tasks"; - }; - }; - }; - timers = { - tasks = { - enable = true; - description = "Run a tasks script which keeps a lot of things organized"; - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = "*:0/10"; - }; - }; - }; - }; -}; -#+end_src - -* FONTCONFIG -If enabled, a Fontconfig configuration file will point to a set of default -fonts. If you don not care about running X11 applications or any other program -that uses Fontconfig, you can turn this option off and prevent a dependency on -all those fonts. -=tip= once that Wayland is ready for deployment, I probably can remove this -setting. - -#+begin_src nix -fonts.fontconfig.enable = true; -#+end_src - -* HARDWARE -Computer-specific hardware settings. The power management settings default to -"performance". - -- nvidia: GPU drivers. -- sane: hp scanner drivers. -- cpu.amd: microcode patches. -- opentabletdriver: overrides the default generic nvidia drivers. -- opengl: required for gaming, as pug drivers as well as video acceleration. 
- -#+begin_src nix -powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; -hardware = { - cpu.amd.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; - bluetooth = { - enable = true; - settings = { - General = { - Enable = "Source,Sink,Media,Socket"; - Experimental = true; - }; - }; - }; - nvidia = { - modesetting.enable = true; - powerManagement.enable = true; - }; - sane = { - enable = true; - extraBackends = [ pkgs.hplip pkgs.hplipWithPlugin ]; - }; - opentabletdriver = { - enable = true; - daemon.enable = false; - }; - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - nvidia-vaapi-driver - vaapiVdpau - libvdpau-va-gl - ]; - }; -}; -#+end_src - -* VIRTUALISATION -Basic docker settings to be able to run some images, although most docker images -run on my server. - -On this section, you can also add virtual machines settings. - -#+begin_src nix -# programs.virt-manager.enable = true; -# virtualisation = { -# libvirtd.enable = true; -# }; -#+end_src - -* CLOSE SYSTEM -#+begin_src nix -} -#+end_src - diff --git a/flake.nix b/flake.nix index b8f70cd..c974071 100644 --- a/flake.nix +++ b/flake.nix 
@@ -29,67 +29,10 @@
 workstation = lib.nixosSystem {
 inherit system;
 modules = [
- # lix-module.nixosModules.default
 ./hosts/workstation/configuration.nix
 ({ pkgs, ... }: {
- nixpkgs.overlays = [
- (self: super: {
- gnome = super.gnome.overrideScope' (gFinal: gPrev: {
- nautilus = gPrev.nautilus.overrideAttrs (nsuper: {
- buildInputs = nsuper.buildInputs
- ++ (with pkgs.gst_all_1; [
- gst-libav
- gst-plugins-good
- gst-plugins-bad
- gst-plugins-ugly
- gst-plugins-base
- ]);
- });
- #mutter = gPrev.mutter.overrideAttrs (old: {
- # src = super.pkgs.fetchgit {
- # url = "https://gitlab.gnome.org/vanvugt/mutter.git";
- # # GNOME 45: triple-buffering-v4-45
- # rev = "0b896518b2028d9c4d6ea44806d093fd33793689";
- # sha256 =
- # "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w=";
- # };
- #});
- });
- lutris = super.lutris.override {
- extraPkgs = pkgs: [
- pkgs.winetricks
- pkgs.wine64Packages.stable
- pkgs.wineWowPackages.stable
- ];
- };
- nerdfonts = super.nerdfonts.override {
- fonts = [ "CascadiaCode" "ComicShannsMono" "Iosevka" ];
- };
- fooyin = pkgsM.fooyin;
- planify = pkgsU.planify;
- gdtoolkit = pkgsU.gdtoolkit;
- gallery-dl = pkgsU.gallery-dl;
- #gallery-dl = super.gallery-dl.overrideAttrs (oldAttrs: rec {
- # pname = "gallery-dl";
- # version = "2023-05-28-master";
-
- # src = super.fetchFromGitHub {
- # owner = "mikf";
- # repo = "gallery-dl";
- # rev = "e35317118a1a4a7a2dc85ff5aa996f5f4d3f4197";
- # sha256 =
- # "sha256-aHGJZkt5fzF+iHVbHOyYswPLeZfwd6S+pRPXavIpFgI=";
- # };
- #});
- ns-usbloader = pkgsU.ns-usbloader;
- handbrake = super.handbrake.override { useGtk = true; };
- discord = super.discord.override { withOpenASAR = true; };
- ripgrep = super.ripgrep.override { withPCRE2 = true; };
- blender = super.blender.override { cudaSupport = true; };
- papirus-icon-theme =
- super.papirus-icon-theme.override { color = "adwaita"; };
- })
- ];
+ nixpkgs.overlays =
+ [ (import ./overlay.nix { inherit pkgs pkgsU pkgsM; }) ];
 })
 ];
 specialArgs = { inherit inputs outputs; };
diff --git a/overlay.nix b/overlay.nix
new file mode 100644
index 0000000..4c25147
--- /dev/null
+++ b/overlay.nix
@@ -0,0 +1,38 @@
+{ pkgs, pkgsU, pkgsM }:
+self: super: {
+ gnome = super.gnome.overrideScope' (gFinal: gPrev: {
+ nautilus = gPrev.nautilus.overrideAttrs (nsuper: {
+ buildInputs = nsuper.buildInputs ++ (with pkgs.gst_all_1; [
+ gst-libav
+ gst-plugins-good
+ gst-plugins-bad
+ gst-plugins-ugly
+ gst-plugins-base
+ ]);
+ });
+ });
+
+ lutris = super.lutris.override {
+ extraPkgs = pkgs: [
+ pkgs.winetricks
+ pkgs.wine64Packages.stable
+ pkgs.wineWowPackages.stable
+ ];
+ };
+
+ nerdfonts = super.nerdfonts.override {
+ fonts = [ "CascadiaCode" "ComicShannsMono" "Iosevka" ];
+ };
+
+ fooyin = pkgsM.fooyin;
+ planify = pkgsU.planify;
+ gdtoolkit = pkgsU.gdtoolkit;
+ gallery-dl = pkgsU.gallery-dl;
+
+ ns-usbloader = pkgsU.ns-usbloader;
+ handbrake = super.handbrake.override { useGtk = true; };
+ discord = super.discord.override { withOpenASAR = true; };
+ ripgrep = super.ripgrep.override { withPCRE2 = true; };
+ blender = super.blender.override { cudaSupport = true; };
+ papirus-icon-theme = super.papirus-icon-theme.override { color = "adwaita"; };
+}
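Review bot: The overlay is handed the module's `pkgs` argument in `import ./overlay.nix { inherit pkgs pkgsU pkgsM; }`, and that `pkgs` is the package set produced after `nixpkgs.overlays` (this overlay included) has been applied, so the overlay depends on its own result. Lazy evaluation lets it work as long as nothing the overlay redefines is reached through `pkgs`, but it is easy to break later. In overlay.nix, `with pkgs.gst_all_1` can read `with super.gst_all_1`, after which the call here becomes `(import ./overlay.nix { inherit pkgsU pkgsM; })`. The same `pkgs` use appears in the new overlay.nix hunk. The enclosing `nixosSystem` call starts and ends outside this hunk, so where `pkgsU` and `pkgsM` are bound is not visible here.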
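Review bot: The new file has no header comment saying what `pkgsU` and `pkgsM` are, yet `fooyin`, `planify`, `gdtoolkit`, `gallery-dl` and `ns-usbloader` are replaced wholesale from them. Those packages then follow whichever nixpkgs revision each set is pinned to rather than the system's own, so an update landing in the system channel presumably does not reach them until that input is bumped. I would add above the argument line something like `# pkgsU / pkgsM: package sets from other nixpkgs inputs (presumably unstable and master); attributes taken from them update only with those inputs`. Separately, `extraPkgs = pkgs: [` shadows the file's own `pkgs` argument; naming the lambda parameter differently, e.g. `extraPkgs = p: [`, with the three entries written as `p.winetricks` and so on, removes the ambiguity.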