Diffstat (limited to 'system/settings')
47 files changed, 1050 insertions, 0 deletions
diff --git a/system/settings/base.nix b/system/settings/base.nix
new file mode 100644
index 00000000..9e94a5a2
--- /dev/null
+++ b/system/settings/base.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+
+{ boot.loader.timeout = 1;
+
+ environment.systemPackages = with pkgs; [
+ nix-index
+ ];
+
+ networking.extraHosts = ''
+ 127.0.0.1 ${config.networking.hostName}
+ ::1 ${config.networking.hostName}
+ '';
+}
diff --git a/system/settings/configuration/berlin.nix b/system/settings/configuration/berlin.nix
new file mode 100644
index 00000000..246510c4
--- /dev/null
+++ b/system/settings/configuration/berlin.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{ time.timeZone = "Europe/Berlin";
+ services.redshift = {
+ latitude = "52.586";
+ longitude = "13.300";
+ };
+}
diff --git a/system/settings/configuration/british-english.nix b/system/settings/configuration/british-english.nix
new file mode 100644
index 00000000..3ff93678
--- /dev/null
+++ b/system/settings/configuration/british-english.nix
@@ -0,0 +1,4 @@
+{ config, pkgs, ... }:
+
+{ i18n.defaultLocale = "en_GB.UTF-8";
+}
diff --git a/system/settings/configuration/england.nix b/system/settings/configuration/england.nix
new file mode 100644
index 00000000..b2f799cd
--- /dev/null
+++ b/system/settings/configuration/england.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{ time.timeZone = "Europe/London";
+ services.redshift = {
+ latitude = "52.2394";
+ longitude = "-0.9416";
+ };
+}
diff --git a/system/settings/configuration/nix.nix b/system/settings/configuration/nix.nix
new file mode 100644
index 00000000..d254de0e
--- /dev/null
+++ b/system/settings/configuration/nix.nix
@@ -0,0 +1,29 @@
+{ config, pkgs, ... }:
+
+{ nix = {
+ buildCores = 0;
+
+ daemonNiceLevel = 19;
+ daemonIONiceLevel = 7;
+
+ autoOptimiseStore = true;
+ gc = {
+ automatic = true;
+ options = "--delete-older-than 14d";
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ cachix
+ ];
+
+ system.autoUpgrade = {
+ enable = true;
+ flags = [ "--max-jobs" "1" ];
+ };
+ systemd.services.nixos-upgrade = {
+ script = pkgs.lib.mkForce ''
+ ${config.system.build.nixos-rebuild}/bin/nixos-rebuild boot --no-build-output --upgrade ${toString config.system.autoUpgrade.flags}
+ '';
+ };
+}
diff --git a/system/settings/configuration/user.nix b/system/settings/configuration/user.nix
new file mode 100644
index 00000000..e7362bce
--- /dev/null
+++ b/system/settings/configuration/user.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{ users.extraUsers.alan = {
+ description = "Alan Pearce";
+ isNormalUser = true;
+ extraGroups = [ "audio" "wheel" "lp" "adbusers" "docker" "nitrokey" "dialout" "networkmanager" ];
+ shell = "/run/current-system/sw/bin/zsh";
+ home = "/home/alan";
+ uid = 1000;
+ };
+}
diff --git a/system/settings/gaming.nix b/system/settings/gaming.nix
new file mode 100644
index 00000000..0dbc5b12
--- /dev/null
+++ b/system/settings/gaming.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+
+{
+ hardware.steam-hardware.enable = true;
+ hardware.opengl.driSupport32Bit = true;
+ hardware.pulseaudio.support32Bit = true;
+
+ systemd = {
+ extraConfig = ''
+ DefaultLimitNOFILE=524288
+ '';
+ user.extraConfig = ''
+ DefaultLimitNOFILE=524288
+ '';
+ };
+
+ networking.firewall = {
+ allowedUDPPorts = [
+ 27031
+ 27036
+ ];
+ allowedTCPPorts = [
+ 27036
+ 27037
+ ];
+ };
+}
diff --git a/system/settings/hardware/adb.nix b/system/settings/hardware/adb.nix
new file mode 100644
index 00000000..8b511f55
--- /dev/null
+++ b/system/settings/hardware/adb.nix
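Review bot: The `pkgs.lib.mkForce` override of `systemd.services.nixos-upgrade.script` in nix.nix has no comment saying why the module's own script is replaced. From the visible command the intent looks like "build the new generation but activate it only on the next reboot" (`nixos-rebuild boot` instead of an immediate switch), and that should be stated, e.g. `# Stage upgrades for the next boot instead of switching the running system; replaces the module's default script.` Because the whole script is forced, any other `system.autoUpgrade` setting the default script would have honoured presumably no longer takes effect, which is worth noting in the same comment.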
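Review bot: The `extraGroups` list in user.nix puts the account in `docker` alongside `wheel`, and membership in `docker` is root-equivalent because it gives unrestricted access to the Docker daemon socket, with no sudo password prompt. That is a deliberate trade-off on many developer machines, but it should be visible on the line, for example `# NOTE: "docker" grants root-equivalent access without sudo`. The group is also granted on hosts that never import satoshipay.nix or kubernetes.nix, so it may be better added from those modules than unconditionally here.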
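Review bot: The `networking.firewall` block in gaming.nix opens UDP 27031/27036 and TCP 27036/27037 on every interface, with no comment saying which service needs them (they look like the Steam in-home streaming ports, which should be confirmed and written down). On a laptop that joins untrusted networks, the listener is then reachable from any of them. Scoping the rule with `networking.firewall.interfaces.<name>.allowedTCPPorts` / `allowedUDPPorts` to the home interface would keep the exposure to the network where streaming is actually used. The same applies to `allowedTCPPorts = [ 24800 ]` in programs/barrier.nix, which exposes a keyboard-and-clipboard sharing service, and to `openDefaultPorts = true` in services/syncthing.nix.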
@@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+
+{ programs.adb.enable = true;
+ users.groups.adbusers = {};
+
+ services.udev = {
+ packages = [ pkgs.android-udev-rules ];
+ };
+}
diff --git a/system/settings/hardware/audio.nix b/system/settings/hardware/audio.nix
new file mode 100644
index 00000000..ed956919
--- /dev/null
+++ b/system/settings/hardware/audio.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ... }:
+
+{ hardware.pulseaudio = {
+ enable = true;
+ support32Bit = true;
+ daemon.config = {
+ flat-volumes = "no";
+ };
+ package = if config.hardware.bluetooth.enable
+ then pkgs.pulseaudioFull
+ else pkgs.pulseaudio;
+ };
+
+ sound.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ pamixer
+ pavucontrol
+ ];
+}
diff --git a/system/settings/hardware/bare-metal.nix b/system/settings/hardware/bare-metal.nix
new file mode 100644
index 00000000..0a61790a
--- /dev/null
+++ b/system/settings/hardware/bare-metal.nix
@@ -0,0 +1,29 @@
+{ config, pkgs, ... }:
+
+{ environment.systemPackages = with pkgs; [
+ fuse_exfat
+ cryptsetup
+ dmidecode
+ hdparm
+ pciutils
+ usbutils
+ ];
+
+ hardware.cpu.intel.updateMicrocode = true;
+
+ boot.kernel.sysctl = {
+ "net.ipv4.tcp_allowed_congestion_control" = "illinois reno lp";
+ "net.ipv4.tcp_congestion_control" = "illinois";
+ };
+
+ zramSwap = {
+ enable = true;
+ algorithm = "zstd";
+ };
+ boot.tmpOnTmpfs = true;
+
+ boot.kernelModules = [ "bfq" ];
+
+ fileSystems."/".options = [ "noatime" "nodiratime" ];
+ fileSystems."/home".options = [ "noatime" "nodiratime" ];
+}
diff --git a/system/settings/hardware/connman.nix b/system/settings/hardware/connman.nix
new file mode 100644
index 00000000..0361f9cb
--- /dev/null
+++ b/system/settings/hardware/connman.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+
+{ networking.connman = {
+ enable = true;
+ enableVPN = false;
+ };
+ networking.wireless.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ cmst
+ connman-notify
+ connman_dmenu
+ ];
+}
diff --git a/system/settings/hardware/grub2.nix b/system/settings/hardware/grub2.nix
new file mode 100644
index 00000000..70e86e71
--- /dev/null
+++ b/system/settings/hardware/grub2.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+
+{ boot.loader = {
+ grub = {
+ enable = true;
+ splashImage = null;
+ version = 2;
+ device = "nodev";
+ efiSupport = true;
+ };
+ efi.canTouchEfiVariables = true;
+ };
+}
diff --git a/system/settings/hardware/hidpi.nix b/system/settings/hardware/hidpi.nix
new file mode 100644
index 00000000..1f4644c5
--- /dev/null
+++ b/system/settings/hardware/hidpi.nix
@@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+
+{ i18n = {
+ consoleFont = "ter-v24b";
+ consolePackages = with pkgs; [
+ terminus_font
+ ];
+ };
+}
diff --git a/system/settings/hardware/intel-gpu.nix b/system/settings/hardware/intel-gpu.nix
new file mode 100644
index 00000000..fc6b6fa3
--- /dev/null
+++ b/system/settings/hardware/intel-gpu.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+
+{ hardware.opengl.extraPackages = with pkgs; [
+ vaapiIntel
+ vaapiVdpau
+ libvdpau-va-gl
+ ];
+
+ services.xserver.videoDrivers = [ "intel" "modesetting" ];
+
+ boot.earlyVconsoleSetup = true;
+ boot.initrd.kernelModules = [
+ "i915"
+ ];
+}
diff --git a/system/settings/hardware/keyboardio-model01.nix b/system/settings/hardware/keyboardio-model01.nix
new file mode 100644
index 00000000..7a624f56
--- /dev/null
+++ b/system/settings/hardware/keyboardio-model01.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+
+{ services.udev.extraRules = ''
+ SUBSYSTEMS=="usb", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="2300", SYMLINK+="model01", ENV{ID_MM_DEVICE_IGNORE}:="1", ENV{ID_MM_CANDIDATE}:="0"
+ SUBSYSTEMS=="usb", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="2301", SYMLINK+="model01", ENV{ID_MM_DEVICE_IGNORE}:="1", ENV{ID_MM_CANDIDATE}:="0"
+ '';
+
+ environment.systemPackages = with pkgs; [
+ arduino_core
+ ];
+
+ environment.variables.ARDUINO_PATH = "${pkgs.arduino_core}/share/arduino";
+}
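Review bot: The `grub` block in grub2.nix leaves the boot menu editable at the console, whereas hardware/systemd-boot.nix in this same commit sets `editor = false` with the comment "Don't allow modification". If the same physical-access assumption applies to GRUB machines, the two loaders should agree, either by adding GRUB password protection or by stating in a comment that an editable menu is accepted on these hosts. As written, a reader cannot tell whether the difference is intentional.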
diff --git a/system/settings/hardware/laptop.nix b/system/settings/hardware/laptop.nix
new file mode 100644
index 00000000..17e27b63
--- /dev/null
+++ b/system/settings/hardware/laptop.nix
@@ -0,0 +1,87 @@
+{ config, pkgs, lib, ... }:
+
+{ boot.kernelModules = [ "coretemp" ];
+ boot.extraModulePackages = with config.boot.kernelPackages; [
+ x86_energy_perf_policy
+ ];
+
+ hardware = {
+ bluetooth = {
+ enable = true;
+ powerOnBoot = false;
+ package = pkgs.bluezFull;
+ };
+ pulseaudio = {
+ extraModules = with pkgs; [
+ pulseaudio-modules-bt
+ ];
+ };
+ };
+ systemd.services.bluetooth.wantedBy = lib.mkForce [];
+ systemd.timers.bluetooth = {
+ description = "Delayed startup of Bluetooth";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "1 min";
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ blueman
+ bluez-tools
+
+ powerstat
+ powertop
+
+ arandr
+ autorandr
+ disper
+ ];
+
+ programs.light.enable = true;
+
+ services.autorandr.enable = true;
+
+ services.logind.extraConfig = ''
+ IdleAction=suspend
+ IdleActionSec=600
+ '';
+
+ services.acpid = {
+ enable = true;
+ lidEventCommands = ''
+ ${pkgs.autorandr}/bin/autorandr --batch --change
+ '';
+ };
+
+ services.tlp = {
+ enable = true;
+ extraConfig = ''
+ CPU_SCALING_GOVERNOR_ON_BAT=powersave
+ ENERGY_PERF_POLICY_ON_BAT="balance_power"
+
+ SOUND_POWER_SAVE_ON_AC=60
+ DEVICES_TO_DISABLE_ON_BAT_NOT_IN_USE="bluetooth wwan"
+ '';
+ };
+
+ services.xserver = {
+ libinput = {
+ enable = lib.mkDefault true;
+ naturalScrolling = true;
+ disableWhileTyping = true;
+ };
+ displayManager.sessionCommands = ''
+ ${pkgs.autorandr}/bin/autorandr --change --force
+ ${pkgs.blueman}/bin/blueman-applet &
+ '';
+ };
+
+ systemd.services.nixos-upgrade.unitConfig.ConditionACPower = true;
+ systemd.services.nix-gc.unitConfig.ConditionACPower = true;
+ systemd.services.docker-prune.unitConfig.ConditionACPower = true;
+
+ imports = [
+ ../user-interface.nix
+ ];
+}
diff --git a/system/settings/hardware/mouse.nix b/system/settings/hardware/mouse.nix
new file mode 100644
index 00000000..b30d4124
--- /dev/null
+++ b/system/settings/hardware/mouse.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+
+{ services.xserver.config = ''
+ Section "InputClass"
+ Identifier "Mouse (No Acceleration)"
+ MatchIsPointer "yes"
+ MatchIsTouchpad "no"
+ Option "AccelerationProfile" "-1"
+ Option "AccelerationScheme" "none"
+ EndSection
+ '';
+}
diff --git a/system/settings/hardware/network-manager.nix b/system/settings/hardware/network-manager.nix
new file mode 100644
index 00000000..f28548a1
--- /dev/null
+++ b/system/settings/hardware/network-manager.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+
+{ networking.networkmanager = {
+ enable = true;
+ dns = "unbound";
+ };
+
+ environment.systemPackages = with pkgs; [
+ networkmanagerapplet
+ networkmanager_dmenu
+ ];
+}
diff --git a/system/settings/hardware/nitrokey.nix b/system/settings/hardware/nitrokey.nix
new file mode 100644
index 00000000..a77ce00c
--- /dev/null
+++ b/system/settings/hardware/nitrokey.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, lib, ... }:
+
+{
+ hardware.nitrokey = {
+ enable = true;
+ };
+
+ services.pcscd.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ nitrokey-app
+ ];
+}
diff --git a/system/settings/hardware/nvidia-gpu.nix b/system/settings/hardware/nvidia-gpu.nix
new file mode 100644
index 00000000..9fc34169
--- /dev/null
+++ b/system/settings/hardware/nvidia-gpu.nix
@@ -0,0 +1,5 @@
+{ config, pkgs, ... }:
+
+{ services.xserver.videoDrivers = [ "nvidia" ];
+ nixpkgs.config.allowUnfree = true;
+}
diff --git a/system/settings/hardware/printing.nix b/system/settings/hardware/printing.nix
new file mode 100644
index 00000000..96d3a959
--- /dev/null
+++ b/system/settings/hardware/printing.nix
@@ -0,0 +1,19 @@
+{ config, pkgs, lib, ... }:
+
+{ services.printing.enable = true;
+ systemd.services.cups.wantedBy = lib.mkForce [];
+ systemd.sockets.cups.wantedBy = [ "sockets.target" ];
+ systemd.services.cups-browsed.wantedBy = lib.mkForce [];
+
+ systemd.timers.cups-browsed = {
+ description = "Delayed startup of CUPS Remote Printer Discovery";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "2 min";
+ };
+ };
+
+ imports = [
+ ../services/zeroconf.nix
+ ];
+}
diff --git a/system/settings/hardware/qwerty.nix b/system/settings/hardware/qwerty.nix
new file mode 100644
index 00000000..c967d561
--- /dev/null
+++ b/system/settings/hardware/qwerty.nix
@@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+
+{
+ services.xserver = {
+ layout = "us";
+ xkbVariant = "intl-unicode";
+ xkbOptions = "altwin:prtsc_rwin,caps:escape";
+ };
+}
diff --git a/system/settings/hardware/synaptics.nix b/system/settings/hardware/synaptics.nix
new file mode 100644
index 00000000..9f075cce
--- /dev/null
+++ b/system/settings/hardware/synaptics.nix
@@ -0,0 +1,27 @@
+{ config, pkgs, ... }:
+
+{ services.xserver = {
+ libinput.enable = false;
+ synaptics = {
+ enable = true;
+
+ accelFactor = "0.04";
+
+ minSpeed = "0.3";
+ maxSpeed = "0.6";
+
+ palmDetect = true;
+ palmMinWidth = 5;
+ palmMinZ = 20;
+
+ twoFingerScroll = true;
+ vertTwoFingerScroll = true;
+ horizTwoFingerScroll = true;
+ additionalOptions = ''
+ Option "RBCornerButton" "3"
+ Option "VertScrollDelta" "-111"
+ Option "HorizScrollDelta" "-111"
+ '';
+ };
+ };
+}
diff --git a/system/settings/hardware/systemd-boot.nix b/system/settings/hardware/systemd-boot.nix
new file mode 100644
index 00000000..80e79fdc
--- /dev/null
+++ b/system/settings/hardware/systemd-boot.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+
+{ boot.loader.systemd-boot = {
+ enable = true;
+ editor = false; # Don't allow modification
+ };
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.vesa = true;
+ boot.earlyVconsoleSetup = true;
+}
diff --git a/system/settings/hardware/thinkpad.nix b/system/settings/hardware/thinkpad.nix
new file mode 100644
index 00000000..903e819b
--- /dev/null
+++ b/system/settings/hardware/thinkpad.nix
@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+{ boot.kernelModules = [ ];
+ boot.blacklistedKernelModules = [ "thinkpad_ec" ];
+ boot.extraModulePackages = with config.boot.kernelPackages; [
+ acpi_call
+ ];
+
+ hardware.trackpoint = {
+ enable = true;
+ emulateWheel = true;
+ };
+
+ services.thinkfan = {
+ enable = true;
+ };
+
+ services.tlp = {
+ enable = true;
+ };
+
+ imports = [
+ ./bare-metal.nix
+ ./laptop.nix
+ ];
+}
diff --git a/system/settings/hardware/trackball.nix b/system/settings/hardware/trackball.nix
new file mode 100644
index 00000000..9aa5abc0
--- /dev/null
+++ b/system/settings/hardware/trackball.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+
+{ services.xserver.config = ''
+ Section "InputClass"
+ Identifier "Trackball (No Acceleration)"
+ MatchIsPointer "yes"
+ MatchIsTouchpad "no"
+ MatchProduct "Trackball"
+ Option "AccelerationProfile" "-1"
+ Option "AccelerationScheme" "none"
+ EndSection
+ '';
+}
diff --git a/system/settings/hardware/trezor.nix b/system/settings/hardware/trezor.nix
new file mode 100644
index 00000000..33cc6f25
--- /dev/null
+++ b/system/settings/hardware/trezor.nix
@@ -0,0 +1,13 @@
+{ config, lib, pkgs, ... }:
+
+{ services.trezord.enable = true;
+ environment.systemPackages = with pkgs; [
+ gnupg
+ pinentry
+ (python3.withPackages(ps: with ps; [ trezor_agent wheel ]))
+ ];
+ programs.gnupg.agent = {
+ enable = lib.mkForce false;
+ enableSSHSupport = lib.mkForce false;
+ };
+}
diff --git a/system/settings/kubernetes.nix b/system/settings/kubernetes.nix
new file mode 100644
index 00000000..692e46d6
--- /dev/null
+++ b/system/settings/kubernetes.nix
@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+{
+ networking.bridges = {
+ cbr0.interfaces = [];
+ };
+ networking.interfaces = {
+ cbr0 = {
+ ipv4.addresses = [
+ { address = "10.10.0.1";
+ prefixLength = 24;
+ }
+ ];
+ };
+ };
+ services.kubernetes.roles = ["master" "node"];
+ services.kubernetes.kubelet.extraOpts = "--fail-swap-on=false";
+ virtualisation.docker.extraOptions = ''
+ --iptables=false --ip-masq=false -b cbr0
+ '';
+}
diff --git a/system/settings/machines/t470s.nix b/system/settings/machines/t470s.nix
new file mode 100644
index 00000000..4ee6c2ac
--- /dev/null
+++ b/system/settings/machines/t470s.nix
@@ -0,0 +1,59 @@
+{ config, pkgs, ... }:
+
+{ hardware.usbWwan.enable = false; # unused
+ systemd.services.ModemManager.enable = false;
+
+ hardware.firmware = with pkgs; [
+ firmwareLinuxNonfree
+ ];
+
+ services.thinkfan.sensors = ''
+ hwmon /sys/devices/platform/coretemp.0/hwmon/hwmon0/temp3_input
+ hwmon /sys/devices/platform/coretemp.0/hwmon/hwmon0/temp1_input
+ hwmon /sys/devices/platform/coretemp.0/hwmon/hwmon0/temp2_input
+ '';
+ services.thinkfan.levels = ''
+ (0, 0, 48)
+ (1, 45, 52)
+ (2, 50, 57)
+ (3, 55, 63)
+ (6, 60, 65)
+ (7, 60, 85)
+ (127, 80, 32767)
+ '';
+
+ boot.kernelParams = [
+ "i915.enable_guc=2"
+ "i915.enable_psr=1"
+ ];
+
+ boot.postBootCommands = ''
+ echo bfq > /sys/block/nvme0n1/queue/scheduler
+ '';
+
+ hardware.pulseaudio.extraConfig = ''
+ load-module module-alsa-sink device=hw:0,7
+ '';
+
+ services.tlp.extraConfig = ''
+ DISK_DEVICES="nvme0n1"
+ DISK_IOSCHED="keep"
+ '';
+
+ services.xserver = {
+ dpi = 109;
+ monitorSection = ''
+ DisplaySize 310 176
+ '';
+ };
+
+ environment.systemPackages = with pkgs; [
+ nvme-cli
+ ];
+
+ imports = [
+ ../hardware/intel-gpu.nix
+ ../hardware/hidpi.nix
+ ../hardware/thinkpad.nix
+ ];
+}
diff --git a/system/settings/machines/x250.nix b/system/settings/machines/x250.nix
new file mode 100644
index 00000000..0e8ac04e
--- /dev/null
+++ b/system/settings/machines/x250.nix
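Review bot: The `virtualisation.docker.extraOptions` line in kubernetes.nix passes `--iptables=false --ip-masq=false`, which stops Docker from installing its own netfilter rules, and nothing in the hunk says what takes over filtering for the `cbr0` bridge. With those flags the packet filtering and NAT that containers normally get from the daemon have to come from the host firewall or from the Kubernetes network components, so a host that imports this module should be checked for which of those is in place. A comment next to the flags would record the intent, e.g. `# Docker must not touch netfilter; cbr0 traffic is handled by kube-proxy / the host firewall`. The same hunk runs both the `master` and `node` roles on a workstation, so it is also worth confirming which control-plane ports end up reachable from outside the machine.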
@@ -0,0 +1,33 @@
+{ config, pkgs, ... }:
+
+{ boot.extraModulePackages = with config.boot.kernelPackages; [
+ acpi_call
+ ];
+
+ hardware.firmware = with pkgs; [
+ firmwareLinuxNonfree
+ ];
+
+ services.tlp.extraConfig = ''
+ # Newer Thinkpads have a battery firmware
+ # it conflicts with TLP if stop thresholds are set
+ START_CHARGE_THRESH_BAT0=70
+ # STOP_CHARGE_THRESH_BAT0=80
+ START_CHARGE_THRESH_BAT1=70
+ # STOP_CHARGE_THRESH_BAT1=80
+
+ DISK_APM_LEVEL_ON_AC="254 254"
+ DISK_APM_LEVEL_ON_BAT="128 128"
+
+ # One or both of these lines stops disk corruption
+ # when re-attaching to AC whilst on.
+ SATA_LINKPWR_ON_BAT=medium_power
+ SATA_LINKPWR_BLACKLIST="host1"
+ '';
+
+ imports = [
+ ../hardware/synaptics.nix
+ ../hardware/intel-gpu.nix
+ ../hardware/thinkpad.nix
+ ];
+}
diff --git a/system/settings/programs/accounting.nix b/system/settings/programs/accounting.nix
new file mode 100644
index 00000000..e98c3e7e
--- /dev/null
+++ b/system/settings/programs/accounting.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+
+{ environment.systemPackages = with pkgs; [
+ ledger
+ bean-add
+ beancount
+ fava
+ reckon
+ ];
+}
diff --git a/system/settings/programs/barrier.nix b/system/settings/programs/barrier.nix
new file mode 100644
index 00000000..9a73620d
--- /dev/null
+++ b/system/settings/programs/barrier.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, ... }: {
+ environment.systemPackages = with pkgs; [
+ barrier
+ ];
+
+ networking.firewall.allowedTCPPorts = [ 24800 ];
+}
diff --git a/system/settings/programs/gnome.nix b/system/settings/programs/gnome.nix
new file mode 100644
index 00000000..bd785453
--- /dev/null
+++ b/system/settings/programs/gnome.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{ services = {
+ gnome3 = {
+ gnome-documents.enable = false;
+ gnome-user-share.enable = false;
+ gnome-online-accounts.enable = false;
+ seahorse.enable = false;
+ tracker.enable = false;
+ };
+ telepathy.enable = false;
+
+ xserver = {
+ desktopManager.gnome3 = {
+ enable = true;
+ extraGSettingsOverrides = ''
+ [org.gnome.desktop.input-sources]
+ sources=[('xkb','${config.services.xserver.layout + (optionalString (config.services.xserver.xkbVariant != "") ("+" + config.services.xserver.xkbVariant))}')]
+ '';
+ };
+ };
+ };
+}
diff --git a/system/settings/programs/gnupg.nix b/system/settings/programs/gnupg.nix
new file mode 100644
index 00000000..663bcb3c
--- /dev/null
+++ b/system/settings/programs/gnupg.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, lib, ... }:
+
+{
+ environment.systemPackages = with pkgs; [
+ gnupg
+ pinentry
+ (python3.withPackages(ps: with ps; [ trezor_agent wheel ]))
+ ];
+ environment.variables.GNUPGHOME = "$HOME/.gnupg/trezor/";
+}
diff --git a/system/settings/programs/i3.nix b/system/settings/programs/i3.nix
new file mode 100644
index 00000000..b0140cdb
--- /dev/null
+++ b/system/settings/programs/i3.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ... }:
+
+{ services.xserver.windowManager = {
+ default = "i3";
+ i3 = {
+ enable = true;
+ extraSessionCommands = ''
+ ${pkgs.sxhkd}/bin/sxhkd &
+ '';
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ i3status
+ ];
+
+ imports = [
+ ./window-manager.nix
+ ];
+}
diff --git a/system/settings/programs/infrastructure.nix b/system/settings/programs/infrastructure.nix
new file mode 100644
index 00000000..5e68bc8a
--- /dev/null
+++ b/system/settings/programs/infrastructure.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{ environment.systemPackages = with pkgs; [
+ hugo
+
+ nixops
+ ];
+}
diff --git a/system/settings/programs/kde.nix b/system/settings/programs/kde.nix
new file mode 100644
index 00000000..652eb2a6
--- /dev/null
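Review bot: The plain `seahorse.enable = false;` in gnome.nix collides with `seahorse.enable = true;` set at the same priority under `services.gnome3` in user-interface.nix, which hardware/laptop.nix imports. A machine that pulls in both modules would hit a conflicting-definition error for that boolean option. programs/kde.nix in this commit already handles the analogous case with `physlock.enable = lib.mkForce false;`, so the consistent form here is `seahorse.enable = lib.mkForce false;` (or `lib.mkDefault true` on the user-interface.nix side).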
+++ b/system/settings/programs/kde.nix
@@ -0,0 +1,20 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+{ services = {
+ xserver = {
+ desktopManager = {
+ plasma5.enable = true;
+ };
+ displayManager = {
+ sddm.enable = true;
+ };
+ };
+
+ physlock.enable = lib.mkForce false;
+ };
+
+ environment.systemPackages = with pkgs; [
+ kde-gtk-config
+ ];
+}
diff --git a/system/settings/programs/keybase.nix b/system/settings/programs/keybase.nix
new file mode 100644
index 00000000..39a16b27
--- /dev/null
+++ b/system/settings/programs/keybase.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services.keybase.enable = true;
+ services.kbfs.enable = true;
+ environment.variables.NIX_SKIP_KEYBASE_CHECKS = "1";
+
+ environment.systemPackages = with pkgs; [
+ keybase-gui
+ ];
+}
diff --git a/system/settings/programs/shell.nix b/system/settings/programs/shell.nix
new file mode 100644
index 00000000..a8d4f56f
--- /dev/null
+++ b/system/settings/programs/shell.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{ programs.zsh = {
+ enable = true;
+ promptInit = "";
+ };
+ programs.bash.enableCompletion = true;
+}
diff --git a/system/settings/programs/tor.nix b/system/settings/programs/tor.nix
new file mode 100644
index 00000000..5524aede
--- /dev/null
+++ b/system/settings/programs/tor.nix
@@ -0,0 +1,22 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services.tor = {
+ enable = true;
+ client = {
+ enable = true;
+ socksListenAddress = "9050 IPv6Traffic";
+ };
+ torsocks = {
+ enable = true;
+ };
+ };
+ systemd.services.tor.wantedBy = lib.mkForce [];
+ systemd.timers.tor = {
+ description = "Delayed startup of Tor";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "1 min";
+ };
+ };
+}
diff --git a/system/settings/programs/window-manager.nix b/system/settings/programs/window-manager.nix
new file mode 100644
index 00000000..7095d523
--- /dev/null
+++ b/system/settings/programs/window-manager.nix
@@ -0,0 +1,46 @@
+{ config, pkgs, ... }:
+
+{ services.xserver = {
+ desktopManager.xterm.enable = false;
+
+ displayManager = {
+ lightdm = {
+ enable = true;
+ greeters.mini = {
+ enable = true;
+ user = "alan";
+ };
+ };
+ sessionCommands = ''
+ ${pkgs.xorg.xrdb}/bin/xrdb -merge $HOME/.xresources/main
+ ${pkgs.xorg.xsetroot}/bin/xsetroot -cursor_name left_ptr -solid '#4d4d4c'
+ '';
+ };
+ xautolock = {
+ enable = true;
+ locker = "${pkgs.i3lock}/bin/i3lock -n";
+ enableNotifier = true;
+ notifier = "${pkgs.libnotify}/bin/notify-send \"Locking in 10 seconds\"";
+ time = 5;
+ };
+ };
+
+ services.xserver.displayManager.setupCommands = ''
+ ${pkgs.redshift}/bin/redshift \
+ -l ${toString config.services.redshift.latitude}:${toString config.services.redshift.longitude} \
+ -t ${toString config.services.redshift.temperature.day}:${toString config.services.redshift.temperature.night} \
+ -b 1:1 \
+ -o \
+ -r \
+ '';
+
+ environment.systemPackages = with pkgs; [
+ dmenu
+ libnotify # for notify-send
+ rofi
+ sxhkd
+ maim
+
+ perlPackages.FileMimeInfo # xdg-utils uses this when no DE
+ ];
+}
diff --git a/system/settings/programs/wine.nix b/system/settings/programs/wine.nix
new file mode 100644
index 00000000..98dd60a2
--- /dev/null
+++ b/system/settings/programs/wine.nix
@@ -0,0 +1,6 @@
+{ config, pkgs, ... }:
+
+{ environment.systemPackages = with pkgs; [
+ wineStable
+ ];
+}
diff --git a/system/settings/satoshipay.nix b/system/settings/satoshipay.nix
new file mode 100644
index 00000000..9cc5a341
--- /dev/null
+++ b/system/settings/satoshipay.nix
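Review bot: The last argument line of `services.xserver.displayManager.setupCommands` in window-manager.nix ends with a line-continuation backslash (`-r \`) immediately before the closing `''`. The generated shell fragment therefore ends in an open continuation, and whatever line the display-manager setup script places after it, including any other module's `setupCommands`, is joined onto the redshift command as extra arguments instead of running on its own. The final line should simply be `-r`. These commands run before any user logs in, so it would also help to say in a comment why redshift is invoked at this stage rather than from `sessionCommands`.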
@@ -0,0 +1,71 @@
+{ config, pkgs, fetchurl, lib, ... }:
+
+{ virtualisation = {
+ docker = let
+ daemonConfig = {
+ ipv6 = true;
+ fixed-cidr-v6 = "fd69:2074:9fcd:b0fd::/64";
+ features = {
+ buildkit = true;
+ };
+ };
+ in {
+ enable = true;
+ enableOnBoot = false;
+ liveRestore = false;
+
+ extraOptions = "--config-file=${pkgs.writeText "daemon.json" (builtins.toJSON daemonConfig)}";
+
+ autoPrune = {
+ enable = true;
+ };
+ };
+ };
+
+ services.mongodb = {
+ enable = true;
+ replSetName = "rs0";
+ dbpath = "/tmp/mongodb";
+ };
+ systemd.services.mongodb.wantedBy = lib.mkForce [];
+ systemd.timers.mongodb = {
+ description = "Delayed startup of MongoDB";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "1 min";
+ };
+ };
+ systemd.services.mongodb-init = {
+ description = "Init mongodb replicaset";
+ requires = [ "mongodb.service" ];
+ script = "${pkgs.mongodb}/bin/mongo --eval 'rs.initiate()'";
+ };
+ systemd.timers.mongodb-init = {
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "2 min";
+ };
+ };
+
+ services.redis = {
+ enable = true;
+ };
+ systemd.services.redis.wantedBy = lib.mkForce [];
+ systemd.timers.redis = {
+ description = "Delayed startup of Redis";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "1 min";
+ };
+ };
+
+
+ services.printing.drivers = with pkgs; [
+ ];
+
+ networking.domain = "satoshipay.io";
+
+ networking.extraHosts = ''
+ 127.0.0.1 blogger.local wallet.satoshipay.local api.satoshipay.local ws.satoshipay.local
+ '';
+}
diff --git a/system/settings/services/syncthing.nix b/system/settings/services/syncthing.nix
new file mode 100644
index 00000000..b6a12861
--- /dev/null
+++ b/system/settings/services/syncthing.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{ services.syncthing = {
+ enable = true;
+ user = "alan";
+ group = "users";
+ openDefaultPorts = true;
+ systemService = true;
+ dataDir = "/home/alan/.config/syncthing";
+ };
+}
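Review bot: The `dbpath = "/tmp/mongodb";` setting in `services.mongodb` (satoshipay.nix) places the database directory in a world-writable location, where any local account can create or replace that path before the delayed service starts. hardware/bare-metal.nix in this commit also sets `boot.tmpOnTmpfs = true`, so the data is discarded on every reboot. If throw-away data is the intent, that should be stated in a comment, and a service-owned directory under `/var` (for example by dropping the `dbpath` override) avoids the shared `/tmp` namespace. Neither MongoDB nor Redis has authentication configured in this hunk, so it is also worth confirming that both bind to loopback only on the NixOS release in use.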
diff --git a/system/settings/services/xserver.nix b/system/settings/services/xserver.nix
new file mode 100644
index 00000000..d898f55a
--- /dev/null
+++ b/system/settings/services/xserver.nix
@@ -0,0 +1,82 @@
+{ config, pkgs, ... }:
+
+{ services.xserver = {
+ enable = true;
+ enableCtrlAltBackspace = true;
+ exportConfiguration = true;
+ };
+
+ i18n.consoleUseXkbConfig = true;
+
+ environment.systemPackages = with pkgs; [
+ xorg.xmodmap
+ xorg.xinit
+ xorg.xev
+ xorg.xdpyinfo
+ xclip
+ xfontsel
+
+ vanilla-dmz
+ capitaine-cursors
+ bibata-cursors
+
+ arc-theme
+ hicolor_icon_theme
+ paper-gtk-theme
+ paper-icon-theme
+
+ arc-icon-theme
+ tango-icon-theme
+
+ gtk-engine-murrine
+ gtk_engines
+ ];
+
+ fonts = {
+ enableFontDir = true;
+ enableDefaultFonts = false;
+ fontconfig = {
+ useEmbeddedBitmaps = true;
+ defaultFonts = {
+ monospace = [ "Liberation Mono" ];
+ sansSerif = [ "Liberation Sans" ];
+ serif = [ "Liberation Serif" ];
+ };
+ penultimate = {
+ enable = true;
+ };
+ ultimate = {
+ enable = false;
+ preset = "osx";
+ };
+ };
+ fonts = with pkgs; [
+ dina-font
+ envypn-font
+ profont
+ proggyfonts
+ terminus_font
+ terminus_font_ttf
+
+ fantasque-sans-mono
+ emacs-all-the-icons-fonts
+ fira
+ fira-code
+ fira-mono
+ go-font
+ font-awesome_5
+ ibm-plex
+ liberation_ttf
+ mononoki
+ roboto
+ roboto-mono
+ roboto-slab
+ source-code-pro
+ source-sans-pro
+ source-serif-pro
+ xorg.fontmiscmisc
+ xorg.fontcursormisc
+ xorg.fontbhlucidatypewriter100dpi
+ ];
+ };
+}
diff --git a/system/settings/services/zeroconf.nix b/system/settings/services/zeroconf.nix
new file mode 100644
index 00000000..0b428c54
--- /dev/null
+++ b/system/settings/services/zeroconf.nix
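Review bot: Setting `enableCtrlAltBackspace = true;` in xserver.nix keeps the X server's kill key active on machines that rely on an in-session screen locker (programs/window-manager.nix in this commit configures `xautolock` with `i3lock`). Under a display manager, killing the server returns to the greeter. However, this hunk also installs `xorg.xinit`, and a session started with `startx` from a logged-in console would presumably drop back to that shell instead, behind the locker. If the key is kept for convenience, a comment should say so and note that sessions must always be started through the display manager; otherwise the safer form is `enableCtrlAltBackspace = false;`.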
@@ -0,0 +1,16 @@
+{ config, pkgs, lib, ... }:
+
+{ services.avahi = {
+ enable = true;
+ nssmdns = true;
+ ipv6 = true;
+ };
+ systemd.services.avahi-daemon.wantedBy = lib.mkForce [];
+ systemd.timers.avahi-daemon = {
+ description = "Delayed startup of Avahi";
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnActiveSec = "1 min";
+ };
+ };
+}
diff --git a/system/settings/user-interface.nix b/system/settings/user-interface.nix
new file mode 100644
index 00000000..08d390ab
--- /dev/null
+++ b/system/settings/user-interface.nix
@@ -0,0 +1,97 @@
+{ config, pkgs, lib, makeDesktopItem, ... }:
+
+{ documentation.info.enable = true;
+ nixpkgs.config.firefox.enableOfficialBranding = true;
+
+ environment.pathsToLink = [ "/share/zsh" ];
+
+ environment.systemPackages = with pkgs; [
+ aria2
+ firefox
+ pcmanfm
+
+ epdfview
+ geeqie
+
+ cmus
+
+ fish # for emacs-fish-completion
+
+ lxappearance
+ lxrandr
+ lxtask
+
+ python3Packages.keyring
+ isync
+ msmtp
+ html2text
+
+ weechat
+
+ mpv
+
+ aspell
+ aspellDicts.en
+
+ cifs-utils
+ hexchat
+ signal-desktop
+ wire-desktop
+
+ trash-cli
+ ];
+
+ nixpkgs.config.allowUnfree = true;
+
+ services.compton = {
+ enable = true;
+ backend = "glx";
+ vSync = "opengl-swc";
+ };
+
+ services.devmon.enable = true;
+
+ systemd.user.services.trash-clean = {
+ path = with pkgs; [ trash-cli ];
+ description = "Remove old files from FreeDesktop.org trash";
+
+ serviceConfig = {
+ Type = "oneshot";
+ };
+ script = "trash-empty 30";
+ };
+ systemd.user.timers.trash-clean = {
+ wantedBy = [ "default.target" ];
+ timerConfig = {
+ OnCalendar = "weekly";
+ Persistent = true;
+ };
+ };
+
+ environment.variables = {
+ # This is required so that GTK applications launched from Emacs
+ # get properly themed:
+ GTK_DATA_PREFIX = "${config.system.path}";
+ };
+
+ services.redshift = {
+ enable = true;
+ temperature = {
+ day = 6500;
+ night = 3600;
+ };
+ };
+
+ programs.ssh.startAgent = true;
+
+ programs.dconf.enable = true;
+ services.gnome3 = {
+ gnome-keyring.enable = true;
+ seahorse.enable = true;
+ at-spi2-core.enable = true;
+ };
+
+ imports = [
+ ./services/xserver.nix
+ ];
+}
 |
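Review bot: With `programs.ssh.startAgent = true;` a few lines above `gnome-keyring.enable = true;`, user-interface.nix enables two components that can each act as the session's SSH agent, and nothing says which one is meant to own `SSH_AUTH_SOCK`. hardware/trezor.nix in this commit additionally forces the GnuPG agent's SSH support off, so the intended key-handling path depends on which modules a host imports. A comment naming the intended agent would settle this. The ssh-agent is also started with no key lifetime, so loaded keys stay usable for the whole session; setting `programs.ssh.agentTimeout` would bound that. Separately, the `makeDesktopItem` module argument is never used in the hunk and can be dropped.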