jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NixOS/workstation/configuration.org
Danilo Reyes 87f9cd0b84 enable obs virtual camera 
sdksa
2023-12-19 15:30:20 -06:00

1169 lines
32 KiB
Org Mode
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#+TITLE: JawZ NixOS workstation configuration
#+AUTHOR: Danilo Reyes
#+PROPERTY: header-args :tangle configuration.nix
#+auto_tangle: t
* TODO [0/6]
- [ ] System configurations [0/8]
- [ ] Bluetooth multiple devices + pass-through
- [ ] dotfiles [0/4]
- [ ] migrate config to home-manager
- [ ] migrate dconf to home-manager
- [ ] Misc [0/3]
- [ ] Figure out how to get rid of xterm
* DECLARATION
Here I will declare the dependencies and variables that will be used multiple
times through the config file, such as the current version of NixOS,
repositories and even some scripts that will be reused on systemd
configurations.
- version: used by both NixOS and home-manager to dictate the state repository
from which to pull configurations, modules and packages.
- myEmail myName: used by git and acme
- cpuArchitecture: used by NixOS to optimize the compiled binaries to my current
CPU specifications.
- home-manager: the channel containing the packages matching the NixOS state
version, with a commented out to the unstable master.
- unstable: a sort of overlay that allows to prepend "unstable" to a package,
to pull from the unstable channel rather than precompiled binaries on a case
by case use.
- nixGaming: a channel containing some tweaks and optimized packages for gaming.
- jawz*: scripts that will be reused multiple times through the config, such as
on systemd, and as such this feels like a safe way to compile them only once.
#+begin_src nix
{ config, lib, pkgs, ... }:
let
version = "23.11";
myEmail = "CaptainJawZ@outlook.com";
myName = "Danilo Reyes";
cpuArchitecture = "znver3";
home-manager = builtins.fetchTarball
# "https://github.com/nix-community/home-manager/archive/master.tar.gz";
"https://github.com/nix-community/home-manager/archive/release-${version}.tar.gz";
unstable = import
(builtins.fetchTarball
"https://github.com/nixos/nixpkgs/tarball/master") {
config = config.nixpkgs.config;
};
nixGaming = import
(builtins.fetchTarball
"https://github.com/fufexan/nix-gaming/archive/master.tar.gz");
jawzTasks = pkgs.writeScriptBin
"tasks" (builtins.readFile ../scripts/tasks.sh);
in
{ # Remember to close this bracket at the end of the document
#+end_src
These are files and modules which get loaded onto the configuration file, in the
future I may segment this file into different modules once it becomes too
cluttered, for example, I may create a module for systemd units.
- agenix: an encryption system which cleans up the nix-configuration files from
passwords and other secrets.
- pipewireLowLatency: better sound for games, but also, music sounds a bit less
compressed, who knows, I'm half deaf.
#+begin_src nix
imports = [
# <agenix/modules/age.nix>
./fstab.nix
(import "${home-manager}/nixos")
nixGaming.nixosModules.pipewireLowLatency
];
#+end_src
* SYSTEM CONFIGURATION
** NETWORKING
Sets sensible networking options, such as setting up a hostname, and creating a
hosts file with the static IP and hostname of other devices on my network.
Also open ports on the firewall for LAN connectivity, and well keeping commented
what each port does, I declared the firwewall ports with variables, because I
can not be bothered to figure out whether I need TCP or UDP so let's open both,
and repetition is maddening.
#+begin_src nix
networking = {
useDHCP = lib.mkDefault true;
enableIPv6 = false;
hostName = "workstation";
networkmanager.enable = true;
extraHosts = ''
192.168.1.69 server
'';
firewall = let
openFirewallPorts = [
7860 # gpt
6674 # ns-usbloader
];
openFirewallPortRanges = [
{ from = 1714; to = 1764; } # kdeconnect
];
in
{
enable = true;
allowedTCPPorts = openFirewallPorts;
allowedUDPPorts = openFirewallPorts;
allowedTCPPortRanges = openFirewallPortRanges;
allowedUDPPortRanges = openFirewallPortRanges;
};
};
#+end_src
** TIMEZONE & LOCALE
For some reason, useXkbConfig throws an error when building the system, either
way it is an unnecessary setting as my keyboards are the default en_US, only
locale set to Canadian out because I prefer how it displays the date.
LC_MONETARY, it's also a personal preference.
hardwareClockInLocalTime allows dual booting without the time getting messed up
between boots.
#+begin_src nix
time = {
timeZone = "America/Mexico_City";
hardwareClockInLocalTime = true;
};
i18n = {
defaultLocale = "en_CA.UTF-8";
extraLocaleSettings = {
LC_MONETARY = "es_MX.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
};
#+end_src
** SYSTEM/NIX CONFIGURATIONS
The first setting creates a copy the NixOS configuration file and link it from
the resulting system (/run/current-system/configuration.nix). This is useful in
case you accidentally delete configuration.nix.
The version value determines the NixOS release from which the default settings for
stateful data, like file locations and database versions on your system.
Its perfectly fine and recommended to leave this value at the release version
of the first install of this system.
Lastly I configure in here cachix repositories, which is a website that keeps a
cache of nixbuilds for easy quick deployments without having to compile
everything from scratch.
- gc: automatically garbage-collects.
- auto-optimise-store: hard-links binaries whenever possible.
- system-features: features present on compiling time.
#+begin_src nix
system = {
copySystemConfiguration = true;
stateVersion = "${version}";
};
nix = let featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-${cpuArchitecture}"
"gccarch-skylake"
];
in {
gc = {
automatic = true;
dates = "weekly";
};
distributedBuilds = true;
settings = {
cores = 16;
auto-optimise-store = true;
trusted-users = [ "nixremote" ];
system-features = featuresList;
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
];
};
};
#+end_src
* GNOME
At the time of writing this file, I require of X11, as the NVIDIA support for
Wayland is not perfect yet. At the time being, the ability to switch through
GDM from Wayland to XORG, it's pretty handy, but in the future these settings
will require an update.
Sets up GNOME as the default desktop environment, while excluding some
undesirable packages from installing.
Lastly, since there is not a dedicated customization module per-say I setup qt
options in here, for the sake of gnome consistency.
#+begin_src nix
services = {
xserver = {
videoDrivers = [ "nvidia" ];
enable = true;
displayManager.gdm.enable = true;
desktopManager = {
gnome.enable = true;
};
layout = "us";
libinput.enable = true;
};
};
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
gnome-text-editor
gnome-connections
# gnome-shell-extensions
baobab
])
++ (with pkgs.gnome; [
# totem
gedit
gnome-music
epiphany
gnome-characters
yelp
gnome-font-viewer
# cheese
]);
# Sets up QT to use adwaita themes.
qt = {
enable = true;
platformTheme = "gnome";
style = "adwaita";
};
#+end_src
* SOUND
In order to avoid issues with PipeWire, the wiki recommends to disable
pulseaudio. This is a basic PipeWire configuration that can support alsa/pulse
backends.
lowLatency is a module of nix-gaming, and hardware bluetooth settings are there
to allegedly improve the quality of bluetooth in the system, to this day,
bluetooth and I remain enemies.
#+begin_src nix
sound.enable = false;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
lowLatency = {
enable = true;
quantum = 64;
rate = 48000;
};
};
hardware = {
pulseaudio.enable = false;
bluetooth.enable = true;
bluetooth.settings = {
General = {
Enable = "Source,Sink,Media,Socket";
};
};
};
#+end_src
* SECURITY
Disabled password in sudo for commodity, but this is obviously not recommended,
regarding rkit, that setting enables pipewire to run with real-time
capabilities. And lastly, the acme settings are for signing certificates.
The pam limits exists so NixOS can compile the entire system without running
into "Too many files open" errors.
#+begin_src nix
security = {
polkit.enable = true;
rtkit.enable = true;
sudo = {
enable = true;
wheelNeedsPassword = false;
};
pam.loginLimits = [{
domain = "*";
type = "soft";
item = "nofile";
value = "8192";
}];
};
#+end_src
* NIXPKGS SETTINGS
Allow non-free, sadly is a requirement for some of my drivers, besides that,
here is a good place to declare some package overrides as well as permit unsafe
packages.
localSystem allows me to compile the entire operating system optimized to my CPU
architecture and other build flags.
=note= if using gcc.arch flags, comment out hostPlatform and viceversa.
#+begin_src nix
nixpkgs = {
hostPlatform = lib.mkDefault "x86_64-linux";
config = {
allowUnfree = true;
permittedInsecurePackages = [
];
};
# localSystem = {
# gcc.arch = cpuArchitecture;
# gcc.tune = cpuArchitecture;
# system = "x86_64-linux";
# };
};
#+end_src
* NORMAL USERS
Being part of the "wheel" group, means that the user has root privileges. The
piracy.gid is so I have read/write access permissions on all the hard drives
split among my multiple systems, the rest of the groups are self explanatory.
#+begin_src nix
users = {
groups = {
piracy.gid = 985;
nixremote.gid = 555;
};
users = {
nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6HsajaTL+nTJtSIu00M5WJwgt/7fyU59gBr2R7tbnv root@server"
];
};
jawz = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "scanner"
"lp" "piracy" "kavita" "video" "docker"
"libvirt"
];
initialPassword = "password";
openssh = {
authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIParbc033V2/yPsuhBQ8NPbnsEI/Ec0N4Lk6RJubTFfZ jawz@workstation"
];
};
#+end_src
* USER PACKAGES
This section of the document categorizes and organizes all he packages that I
want installed, attempting to group them as dependencies of others when
necessary.
Begin the block to install user packages.
#+begin_src nix
packages = (with pkgs; [
#+end_src
** HUNSPELL
These dictionaries are compatible with Firefox, Doom Emacs and LibreOffice.
#+begin_src nix
hunspell
hunspellDicts.it_IT
hunspellDicts.es_MX
hunspellDicts.en_CA
#+end_src
** CUSTOMIZATION PACKAGES
Themes and other customization, making my DE look the way I want is one of the
main draws of Linux for me.
#+begin_src nix
# Themes
adw-gtk3
gnome.gnome-tweaks # tweaks for the gnome desktop environment
# gradience # theme customizer, allows you to modify adw-gtk3 themes
# Fonts
(nerdfonts.override {
fonts = [ "Agave" "CascadiaCode" "SourceCodePro"
"Ubuntu" "FiraCode" "Iosevka" ];
})
symbola
(papirus-icon-theme.override {
color = "adwaita";
})
#+end_src
** GUI PACKAGES
All of my GUI applications categorized to make it easier to identify what each
application does, and the justification for is existence on my system.
*** ART AND DEVELOPMENT
Art and development applications are together, as a game-developer one of my
goals is to create a workflow between this ecosystem of applications.
#+begin_src nix
godot_4 # game development
# gdtoolkit # gdscript language server
blender # cgi animation and sculpting
gimp # the coolest bestest art program to never exist
krita # art to your heart desire!
mypaint # not the best art program
mypaint-brushes # but it's got some
mypaint-brushes1 # nice damn brushes
# drawpile # arty party with friends!!
pureref # create inspiration/reference boards
#+end_src
*** GAMING
So far gaming has been a lot less painful than I could have originally
anticipated, most everything seems to run seamlessly.
Most packages on this section are set to unstable so we compile the newest
possible binaries, which is handy mostly for frequently developed emulators.
I never figured out why, but lutris will give me wine errors unless both wine64
and wineWow are installed.
=note= Steam is setup way later on the config file.
=note= Roblox uninstalled as there is ongoing drama regarding Linux users.
#+begin_src nix
(lutris.override {
extraPkgs = pkgs: [
winetricks
wine64Packages.stable
wineWowPackages.stable
];
})
# nixGaming.packages.${pkgs.hostPlatform.system}.wine-tkg
# nixGaming.packages.${pkgs.hostPlatform.system}.wine-discord-ipc-bridge
# vulkan-tools # needed? stuff for vulkan drivers I suppose
cartridges
heroic # install epic games
gamemode # optimizes linux to have better gaming performance
# grapejuice # roblox manager
# minecraft # minecraft official launcher
parsec-bin # remote gaming with friends
protonup-qt # update proton-ge
ns-usbloader # load games into my switch
# emulators
rpcs3 # ps3 emulator
pcsx2 # ps2 emulator
cemu # wii u emulator
dolphin-emu # wii emulator
citra-nightly # 3Ds emulator
snes9x-gtk # snes emulator
#+end_src
*** PRODUCTIVITY
An assorted list of productivity-oriented apps which I will never use.
#+begin_src nix
libreoffice-fresh # office, but based
calibre # ugly af eBook library manager
foliate # gtk eBook reader
newsflash # feed reader, syncs with nextcloud
wike # gtk wikipedia wow!
denaro # manage your finances
furtherance # I made this one tehee track time utility
# flowtime # competition to furtherance grrrr
gnome.simple-scan # scanner
#+end_src
*** MISC
Most of these apps, are part of the gnome circle, and I decide to install them
if just for a try and play a little. Most are kept commented out as an archive,
so I remember their names in case I want to check them out or recommend them to
someone.
#+begin_src nix
blanket # background noise
pika-backup # backups
metadata-cleaner # remove any metadata and geolocation from files
# sequeler # friendly SQL client
# czkawka # duplicate finder
# celeste # sync tool for any cloud provider
#+end_src
*** MULTIMEDIA
Overwhelmingly player applications, used for videos and music, while most of my
consumption has moved towards jellyfin, it's still worth the install of most
of these, for now.
#+begin_src nix
celluloid # video player
cozy # audiobooks player
komikku # manga & comic GUI downloader
gnome-podcasts # podcast player
handbrake # video converter, may be unnecessary
curtail # image compressor
pitivi # video editor
identity # compare images or videos
gnome-obfuscate # censor private information
mousai # poor man shazam
tagger # tag music files
obs-studio # screen recorder & streamer
shortwave # listen to world radio
nextcloud-client # self-hosted google-drive alternative
#+end_src
*** WEB
Stuff that I use to interact with the web, web browsers, chats, download
managers, etc.
#+begin_src nix
firefox # web browser that allows to disable spyware
tor-browser-bundle-bin # dark web, so dark!
chromium # web browser with spyware included
telegram-desktop # furry chat
nicotine-plus # remember Ares?
warp # never used, but supposedly cool for sharing files
discord
# (pkgs.discord.override {
# # withOpenASAR = true;
# withVencord = true;
# })
# hugo # website engine
#+end_src
** COMMAND-LINE PACKAGES
cli and tui packages, which on their own right are as or more powerful than the
packages on the previous section.
=note= exa is no longer maintained, and will soon be replaced by eza, a maintained
fork.
#+begin_src nix
unstable.yt-dlp # downloads videos from most video websites
unstable.gallery-dl # similar to yt-dlp but for most image gallery websites
fd # modern find, faster searches
fzf # fuzzy finder! super cool and useful
gdu # disk-space utility checker, somewhat useful
du-dust # rusty du similar to gdu
ripgrep # modern grep
trash-cli # oop! did not meant to delete that
eza # like ls but with colors
gocryptfs # encrypted filesystem! shhh!!!
rmlint # probably my favourite app, amazing dupe finder that integrates well with BTRFS
ffmpeg # not ffmpreg, the coolest video conversion tool!
# torrenttools # create torrent files from the terminal!
# vcsi # video thumbnails for torrents, can I replace it with ^?
#+end_src
*** MY SCRIPTS
Here I compile my own scripts into binaries.
#+begin_src nix
jawzTasks
(writeScriptBin "ffmpeg4discord" (builtins.readFile ../scripts/ffmpeg4discord.py))
(writeScriptBin "ffmpreg" (builtins.readFile ../scripts/ffmpreg.sh))
(writeScriptBin "split-dir" (builtins.readFile ../scripts/split-dir.sh))
(writeScriptBin "run" (builtins.readFile ../scripts/run.sh))
(writeScriptBin "pika-list" (builtins.readFile ../scripts/pika-list.sh))
#+end_src
*** DEVELOPMENT PACKAGES
Assorted development packages and libraries, categorized by languages.
#+begin_src nix
# required (optionally) by doom emacs, but still are rather useful
tree-sitter # code parsing based on symbols and shit, I do not get it
graphviz # graphs
tetex
# languagetool # proofreader for English
# these two are for doom everywhere
xorg.xwininfo
xdotool
xclip
tldr # man for retards
exercism # learn to code
# SH
bats # testing system, required by Exercism
bashdb # autocomplete
shellcheck # linting
shfmt # a shell parser and formatter
# NIX
expect # keep color when nom'ing
nix-output-monitor # autistic nix builds
nixfmt # linting
cachix # why spend time compiling?
# PYTHON.
(python3.withPackages (ps: with ps; [
pipenv # python development workflow for humans
# poetry # dependency management made easy
flake8 # wraper for pyflakes, pycodestyle and mccabe
isort # sort Python imports
nose # testing and running python scripts
pyflakes # checks source code for errors
pytest # framework for writing tests
speedtest-cli # check internet speed from the comand line
editorconfig # follow rules of contributin
black # Python code formatter
pylint # bug and style checker for python
]))
# C# & Rust
# omnisharp-roslyn # c# linter and code formatter
# HASKELL
ghc # compiler
cabal-install # haskell app manager
stack # haskell took stack
# unstable.haskellPackages.ghcup
# JS
nodejs # not as bad as I thought
# jq # linting
#+end_src
** CUSTOM PYTHON SCRIPTS
Libraries & apps not found on the nix-store and scripts made by me.
#+begin_src nix
]) ++ (with pkgs.python3Packages; [
(buildPythonApplication rec {
pname = "download";
version = "1.5";
src = ../scripts/download/.;
doCheck = false;
buildInputs = [ setuptools ];
propagatedBuildInputs =
[ pyyaml types-pyyaml ];
})
(buildPythonApplication rec {
pname = "ffpb";
version = "0.4.1";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
};
doCheck = false;
buildInputs = [ setuptools ];
propagatedBuildInputs =
[ tqdm ];
})
#+end_src
*** NODEJS PACKAGES
Mostly language servers and linters.
#+begin_src nix
]) ++ (with pkgs.nodePackages; [
# Language servers
dockerfile-language-server-nodejs
yaml-language-server
bash-language-server
vscode-json-languageserver
pyright
markdownlint-cli # Linter
prettier # Linter
pnpm # Package manager
#+end_src
** GNOME EXTENSIONS
The last line can be commented to allow for the installation of gnome-extensions
from the unstable channel.
#+begin_src nix
]) ++ (with pkgs; [
# lm_sensors # for extension, displays cpu temp
libgda # for pano shell extension
]) ++ (with pkgs.gnomeExtensions; [
appindicator # applets for open applications
panel-scroll # scroll well to change workspaces
reading-strip # like putting a finger on every line I read
tactile # window manager
pano # clipboard manager
# freon # hardware temperature monitor
# blur-my-shell # make the overview more visually appealing
# gamemode # I guess I'm a gamer now?
# burn-my-windows
# forge # window manager
# ]) ++ (with unstable.pkgs.gnomeExtensions; [
#+end_src
** CLOSE USER PACKAGES
#+begin_src nix
]); }; }; };# <--- end of package list
#+end_src
* HOME-MANAGER
** HOME-MANAGER SETTINGS
These make it so packages install to '/etc' rather than the user home directory,
also allow for upgrades when rebuilding the system.
#+begin_src nix
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
users.jawz = { config, pkgs, ... }:{
home.stateVersion = "${version}";
#+end_src
** DOTFILES
I opted out of using home-manager to declare my package environment, and instead
I use it exclusively for setting up my dotfiles.
*** BASH
Declares my .bashrc file, and sets up some environment and functions.
#+begin_src nix
programs.bash = {
enable = true;
historyFile = "\${XDG_STATE_HOME}/bash/history";
historyControl = [ "erasedups" "ignorespace" ];
shellAliases = {
hh = "hstr";
ls = "eza --icons --group-directories-first";
edit = "emacsclient -t";
comic = "download -u jawz -i \"$(cat $LC | fzf --multi --exact -i)\"";
gallery = "download -u jawz -i \"$(cat $LW | fzf --multi --exact -i)\"";
cp = "cp -i";
mv = "mv -i";
mkcd = "mkdir -pv \"$1\" && cd \"$1\" || exit";
mkdir = "mkdir -p";
rm = "trash";
".." = "cd ..";
"..." = "cd ../..";
".3" = "cd ../../..";
".4" = "cd ../../../..";
".5" = "cd ../../../../..";
dl = "download -u jawz -i";
e = "edit";
c = "cat";
f = "fzf --multi --exact -i";
sc = "systemctl --user";
jc = "journalctl --user -xefu";
open-gallery = "cd /mnt/pool/scrapping/JawZ/gallery-dl &&
xdg-open \"$(fd . ./ Husbands -tdirectory -d 1 | fzf -i)\"";
unique-extensions = "fd -tf | rev | cut -d. -f1 | rev |
tr '[:upper:]' '[:lower:]' | sort |
uniq --count | sort -rn";
};
enableVteIntegration = true;
initExtra = ''
,#+begin_src bash
$HOME/.local/bin/pokemon-colorscripts -r --no-title
# Lists
list_root="${config.xdg.configHome}"/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
export command_timeout=30
if command -v fzf-share >/dev/null; then
source "$(fzf-share)/key-bindings.bash"
source "$(fzf-share)/completion.bash"
fi
nixos-reload () {
NIXOSDIR=/home/jawz/Development/NixOS
nix-store --add-fixed sha256 $NIXOSDIR/scripts/PureRef-1.11.1_x64.Appimage
nixfmt $NIXOSDIR/workstation/*.nix
sudo unbuffer nixos-rebuild switch -I \
nixos-config=$NIXOSDIR/workstation/configuration.nix \
|& nom
}
'';
};
#+end_src
*** XDG
Configurations for XDG directories, as well as installing dotfiles from the
sub-directory on this repository.
#+begin_src nix
xdg = {
enable = true;
userDirs = {
enable = true;
createDirectories = false;
desktop = "${config.home.homeDirectory}";
documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/Music";
pictures = "${config.home.homeDirectory}/Pictures";
templates = "${config.xdg.dataHome}/Templates";
videos = "${config.home.homeDirectory}/Videos";
};
configFile = {
"wgetrc".source = ../dotfiles/wget/wgetrc;
"configstore/update-notifier-npm-check.json".source = ../dotfiles/npm/update-notifier-npm-check.json;
"npm/npmrc".source = ../dotfiles/npm/npmrc;
"gallery-dl/config.json".source = ../dotfiles/gallery-dl/config.json;
"htop/htoprc".source = ../dotfiles/htop/htoprc;
"python/pythonrc".source = ../dotfiles/pythonrc;
};
};
#+end_src
** HOME-MANAGER PROGRAMS
Program declarations that are exclusive to home-manager, declaring packages this
way allows for extra configuration and integration beyond installing the
packages on the user environment, it's the only exception I make to installing
packages through home-manager.
#+begin_src nix
programs = {
hstr.enable = true;
emacs.enable = true;
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
};
bat = {
enable = true;
config = {
pager = "less -FR";
theme = "base16";
};
extraPackages = with pkgs.bat-extras; [
batman # man pages
batpipe # piping
batgrep # ripgrep
batdiff # this is getting crazy!
batwatch # probably my next best friend
prettybat # trans your sourcecode!
];
};
git = {
enable = true;
userName = "${myName}";
userEmail = "${myEmail}";
};
htop = {
enable = true;
package = pkgs.htop-vim;
};
};
#+end_src
** HOME-MANAGER USER-SERVICES
Lorri helps optimize emacs compilations, and the declaring emacs as a service
through home-manager fixes the bug where emacs loads so quickly that can not
connect to a graphic environment unless restarting the systemd service.
#+begin_src nix
services = {
lorri.enable = true;
emacs = {
enable = true;
defaultEditor = true;
package = pkgs.emacs;
startWithUserSession = "graphical";
};
};
#+end_src
** CLOSING HOME-MANAGER
#+begin_src nix
}; };
#+end_src
* ENVIRONMENT
These are a MUST to ensure the optimal function of nix, without these, recovery
may be challenging.
The environment.etc block allows for bluetooth devices to control volume, pause,
and other things through the headset controls.
Declare environment variables whose function is mostly to clear-up the $HOME
directory from as much bloat as possible, as well as some minor graphical tweaks
some applications use.
#+begin_src nix
environment = {
etc = {
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
bluez_monitor.properties = {
["bluez5.enable-sbc-xq"] = true,
["bluez5.enable-msbc"] = true,
["bluez5.enable-hw-volume"] = true,
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
}
'';
};
systemPackages = with pkgs; [
virt-manager
docker-compose
wget
gwe
];
variables = rec {
# PATH
XDG_CACHE_HOME = "\${HOME}/.cache";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_DATA_HOME = "\${HOME}/.local/share";
XDG_STATE_HOME = "\${HOME}/.local/state";
# DEV PATH
CABAL_DIR = "${XDG_CACHE_HOME}/cabal";
CARGO_HOME = "${XDG_DATA_HOME}/cargo";
GEM_HOME = "${XDG_DATA_HOME}/ruby/gems";
GEM_PATH = "${XDG_DATA_HOME}/ruby/gems";
GEM_SPEC_CACHE = "${XDG_DATA_HOME}/ruby/specs";
GOPATH = "${XDG_DATA_HOME}/go";
NPM_CONFIG_USERCONFIG = "${XDG_CONFIG_HOME}/npm/npmrc";
PNPM_HOME = "${XDG_DATA_HOME}/pnpm";
PSQL_HISTORY="${XDG_DATA_HOME}/psql_history";
REDISCLI_HISTFILE="${XDG_DATA_HOME}/redis/rediscli_history";
WINEPREFIX="${XDG_DATA_HOME}/wine";
PYTHONSTARTUP="${XDG_CONFIG_HOME}/python/pythonrc";
STACK_ROOT="${XDG_DATA_HOME}/stack";
# OPTIONS
HISTFILE = "${XDG_STATE_HOME}/bash/history";
LESSHISTFILE = "-";
GHCUP_USE_XDG_DIRS = "true";
RIPGREP_CONFIG_PATH = "${XDG_CONFIG_HOME}/ripgrep/ripgreprc";
ELECTRUMDIR = "${XDG_DATA_HOME}/electrum";
VISUAL = "emacsclient -ca emacs";
WGETRC = "${XDG_CONFIG_HOME}/wgetrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
"_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
DOCKER_CONFIG="${XDG_CONFIG_HOME}/docker";
# NVIDIA
CUDA_CACHE_PATH = "${XDG_CACHE_HOME}/nv";
# Themes
# WEBKIT_DISABLE_COMPOSITING_MODE = "1";
CALIBRE_USE_SYSTEM_THEME = "1";
PATH = [
"\${HOME}/.local/bin"
"\${XDG_CONFIG_HOME}/emacs/bin"
"\${XDG_DATA_HOME}/npm/bin"
"\${XDG_DATA_HOME}/pnpm"
];
};
};
#+end_src
* PROGRAMS
Some programs get enabled and installed through here, as well as the activation
of some services.
#+begin_src nix
programs = {
starship.enable = true;
fzf.fuzzyCompletion = true;
neovim = {
enable = true;
vimAlias = true;
};
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
geary = {
enable = true;
};
steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
};
kdeconnect = {
enable = true;
package = pkgs.gnomeExtensions.gsconnect;
};
};
#+end_src
* SERVICES
Miscellaneous services, most of which are managed by systemd.
- avahi: allows to discover/connect to devices through their hostname on the
same network.
- fstrim/btrfs: file-system services.
- hardware.openrgb: enables to tune hardware RGB.
- psd: profile-sync-daemon, loads the chrome/firefox profile to ram.
#+begin_src nix
services = {
printing = {
enable = true;
drivers = [ pkgs.hplip pkgs.hplipWithPlugin ];
};
avahi = {
enable = true;
nssmdns = true;
};
psd.enable = true;
smartd.enable = true;
fstrim.enable = true;
btrfs.autoScrub = {
enable = true;
fileSystems = [
"/"
];
};
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
openssh = {
enable = true;
openFirewall = true;
startWhenNeeded = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
};
#+end_src
* SYSTEMD
Home-manager, is not as flushed out when it comes to creating systemd units, so
the best way to define them for now, is using nix.
#+begin_src nix
systemd = {
services = { };
timers = { };
user = {
services = {
tasks = {
restartIfChanged = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawzTasks
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzTasks}/bin/tasks";
};
};
};
timers = {
tasks = {
enable = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
};
#+end_src
* FONTCONFIG
If enabled, a Fontconfig configuration file will point to a set of default
fonts. If you don not care about running X11 applications or any other program
that uses Fontconfig, you can turn this option off and prevent a dependency on
all those fonts.
=tip= once that Wayland is ready for deployment, I probably can remove this
setting.
#+begin_src nix
fonts.fontconfig.enable = true;
#+end_src
* HARDWARE
Computer-specific hardware settings. The power management settings are
defaulted to "performance".
- nvidia: GPU drivers.
- sane: hp scanner drivers.
- cpu.amd: microcode patches.
- opentabletdriver: overrides the default generic nvidia drivers.
- opengl: required for gaming, as pug drivers as well as video acceleration.
#+begin_src nix
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware = {
cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
};
sane = {
enable = true;
extraBackends = [ pkgs.hplip pkgs.hplipWithPlugin ];
};
opentabletdriver = {
enable = true;
daemon.enable = false;
};
opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
nvidia-vaapi-driver
vaapiVdpau
libvdpau-va-gl
];
};
};
#+end_src
* VIRTUALISATION
Basic docker settings to be able to run some images, although most docker images
run on my server.
On this section, you can also add virtual machines settings.
#+begin_src nix
# programs.virt-manager.enable = true;
programs.dconf.enable = true; # virt-manager requires dconf to remember settings
virtualisation = {
libvirtd.enable = true;
docker = {
enable = true;
storageDriver = "btrfs";
enableNvidia = true;
};
};
#+end_src
* CLOSE SYSTEM
#+begin_src nix
}
#+end_src
Reference in New Issue View Git Blame Copy Permalink