-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
10 changed files
with
304 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,106 @@ | ||
| # Edit this configuration file to define what should be installed on | ||
| # your system. Help is available in the configuration.nix(5) man page, on | ||
| # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). | ||
|
|
||
| { config, lib, pkgs, ... }: | ||
|
|
||
| { | ||
| imports = | ||
| [ # Include the results of the hardware scan. | ||
| ./hardware-configuration.nix | ||
| ./disko-config.nix | ||
|
|
||
| ./home.nix | ||
| ./secrets.nix | ||
| ]; | ||
|
|
||
| hardware.amdgpu.opencl = false; | ||
|
|
||
| boot.kernelPackages = pkgs.linuxPackages_6_6; | ||
|
|
||
| # Use the systemd-boot EFI boot loader. | ||
| boot.loader.systemd-boot.enable = true; | ||
| boot.loader.efi.canTouchEfiVariables = true; | ||
|
|
||
| boot.tmp.useTmpfs = true; | ||
|
|
||
| services.btrfs = { | ||
| autoScrub = { | ||
| enable = true; | ||
| fileSystems = ["/"]; | ||
| }; | ||
| }; | ||
|
|
||
| networking.hostName = "talos"; # Define your hostname. | ||
| networking.domain = "alarsyo.net"; | ||
| # Pick only one of the below networking options. | ||
| # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. | ||
| networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. | ||
|
|
||
| # Set your time zone. | ||
| time.timeZone = "Europe/Paris"; | ||
|
|
||
| # Configure network proxy if necessary | ||
| # networking.proxy.default = "http://user:password@proxy:port/"; | ||
| # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; | ||
|
|
||
| programs = { | ||
| dconf.enable = true; | ||
| light.enable = true; | ||
| }; | ||
| services = { | ||
| fwupd.enable = true; | ||
| openssh.enable = true; | ||
| }; | ||
| virtualisation = { | ||
| docker.enable = true; | ||
| libvirtd.enable = true; | ||
| }; | ||
|
|
||
| my.services = { | ||
| tailscale = { | ||
| enable = true; | ||
| useRoutingFeatures = "client"; | ||
| }; | ||
|
|
||
| pipewire.enable = true; | ||
| }; | ||
|
|
||
| my.gui.enable = true; | ||
| my.displayManager.sddm.enable = lib.mkForce false; | ||
|
|
||
| hardware.bluetooth = { | ||
| enable = true; | ||
| powerOnBoot = false; | ||
| settings.General.Experimental = true; | ||
| }; | ||
|
|
||
| # Configure console keymap | ||
| console.keyMap = "us"; | ||
|
|
||
| # Select internationalisation properties. | ||
| i18n.defaultLocale = "en_US.UTF-8"; | ||
| i18n.extraLocaleSettings = { | ||
| LC_ADDRESS = "fr_FR.UTF-8"; | ||
| LC_IDENTIFICATION = "fr_FR.UTF-8"; | ||
| LC_MEASUREMENT = "fr_FR.UTF-8"; | ||
| LC_MONETARY = "fr_FR.UTF-8"; | ||
| LC_NAME = "fr_FR.UTF-8"; | ||
| LC_PAPER = "fr_FR.UTF-8"; | ||
| LC_TELEPHONE = "fr_FR.UTF-8"; | ||
| }; | ||
|
|
||
| # Enable the X11 windowing system. | ||
| services.xserver.enable = true; | ||
|
|
||
| # Enable the KDE Plasma Desktop Environment. | ||
| services.xserver.displayManager.sddm.enable = true; | ||
| services.xserver.desktopManager.plasma5.enable = true; | ||
| services.power-profiles-daemon.enable = true; | ||
|
|
||
| # Copy the NixOS configuration file and link it from the resulting system | ||
| # (/run/current-system/configuration.nix). This is useful in case you | ||
| # accidentally delete configuration.nix. | ||
| # system.copySystemConfiguration = true; | ||
| } | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| { | ||
| disko.devices = { | ||
| disk = { | ||
| nvme0n1 = { | ||
| type = "disk"; | ||
| device = "/dev/nvme0n1"; | ||
| content = { | ||
| type = "gpt"; | ||
| partitions = { | ||
| ESP = { | ||
| size = "512M"; | ||
| type = "EF00"; | ||
| content = { | ||
| type = "filesystem"; | ||
| format = "vfat"; | ||
| mountpoint = "/boot"; | ||
| mountOptions = [ | ||
| "defaults" | ||
| ]; | ||
| }; | ||
| }; | ||
| luks = { | ||
| size = "100%"; | ||
| content = { | ||
| type = "luks"; | ||
| name = "crypted"; | ||
| # disable settings.keyFile if you want to use interactive password entry | ||
| passwordFile = "/tmp/secret.key"; # Interactive | ||
| settings = { | ||
| allowDiscards = true; | ||
| #keyFile = "/tmp/secret.key"; | ||
| }; | ||
| #additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; | ||
| content = { | ||
| type = "btrfs"; | ||
| extraArgs = [ "-f" ]; | ||
| subvolumes = { | ||
| "/root" = { | ||
| mountpoint = "/"; | ||
| mountOptions = [ "compress=zstd" "noatime" ]; | ||
| }; | ||
| "/home" = { | ||
| mountpoint = "/home"; | ||
| mountOptions = [ "compress=zstd" "noatime" ]; | ||
| }; | ||
| "/nix" = { | ||
| mountpoint = "/nix"; | ||
| mountOptions = [ "compress=zstd" "noatime" ]; | ||
| }; | ||
| "/swap" = { | ||
| mountpoint = "/.swapvol"; | ||
| swap.swapfile.size = "8G"; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| }; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| # Do not modify this file! It was generated by ‘nixos-generate-config’ | ||
| # and may be overwritten by future invocations. Please make changes | ||
| # to /etc/nixos/configuration.nix instead. | ||
| { config, lib, pkgs, modulesPath, ... }: | ||
|
|
||
| { | ||
| imports = | ||
| [ (modulesPath + "/installer/scan/not-detected.nix") | ||
| ]; | ||
|
|
||
| boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ]; | ||
| boot.initrd.kernelModules = [ ]; | ||
| boot.kernelModules = [ "kvm-amd" ]; | ||
| boot.extraModulePackages = [ ]; | ||
|
|
||
| # Enables DHCP on each ethernet and wireless interface. In case of scripted networking | ||
| # (the default) this is the recommended approach. When using systemd-networkd it's | ||
| # still possible to use this option, but it's recommended to use it in conjunction | ||
| # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. | ||
| networking.useDHCP = lib.mkDefault true; | ||
| # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; | ||
|
|
||
| nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; | ||
| hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| { | ||
| config, | ||
| pkgs, | ||
| ... | ||
| }: { | ||
| home-manager.users.alarsyo = { | ||
| my.home.laptop.enable = true; | ||
|
|
||
| # Keyboard settings & i3 settings | ||
| my.home.x.enable = true; | ||
| my.home.x.i3bar.temperature.chip = "k10temp-pci-*"; | ||
| my.home.x.i3bar.temperature.inputs = ["Tctl"]; | ||
| my.home.x.i3bar.networking.throughput_interfaces = ["wlp1s0"]; | ||
| my.home.emacs.enable = true; | ||
|
|
||
| my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; | ||
|
|
||
| # TODO: place in global home conf | ||
| services.dunst.enable = true; | ||
|
|
||
| home.packages = builtins.attrValues { | ||
| inherit | ||
| (pkgs) | ||
| # some websites only work there :( | ||
|
|
||
| chromium | ||
| darktable | ||
| # dev | ||
|
|
||
| rustup | ||
| gdb | ||
| valgrind | ||
| arandr | ||
| zotero | ||
| ; | ||
|
|
||
| #inherit | ||
| # (pkgs.packages) | ||
| # ansel | ||
| # spot | ||
| # ; | ||
|
|
||
| inherit (pkgs.wineWowPackages) stable; | ||
| }; | ||
| }; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| { | ||
| config, | ||
| lib, | ||
| options, | ||
| ... | ||
| }: { | ||
| config.age = { | ||
| secrets = let | ||
| toSecret = name: {...} @ attrs: | ||
| { | ||
| file = ./../../modules/secrets + "/${name}.age"; | ||
| } | ||
| // attrs; | ||
| in | ||
| lib.mapAttrs toSecret { | ||
| #"restic-backup/hephaestus-credentials" = {}; | ||
| #"restic-backup/hephaestus-password" = {}; | ||
|
|
||
| "users/alarsyo-hashed-password" = {}; | ||
| "users/root-hashed-password" = {}; | ||
| }; | ||
| }; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| {...}: { | ||
| imports = [ | ||
| # Default configuration | ||
| ./base | ||
|
|
||
| # Module definitions | ||
| ./modules | ||
|
|
||
| # Service definitions | ||
| ./services | ||
|
|
||
| # Host-specific config | ||
| ./hosts/talos | ||
| ]; | ||
|
|
||
| # This value determines the NixOS release from which the default | ||
| # settings for stateful data, like file locations and database versions | ||
| # on your system were taken. It‘s perfectly fine and recommended to leave | ||
| # this value at the release version of the first install of this system. | ||
| # Before changing this value read the documentation for this option | ||
| # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). | ||
| system.stateVersion = "24.05"; # Did you read the comment? | ||
| } |