john/dendritic
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: john/dendritic:main
Branches Tags
john/dendritic:main john/dendritic:omen john/dendritic:wrappers john/dendritic:forgejo
...
pull from: john/dendritic:omen
Branches Tags
john/dendritic:omen john/dendritic:wrappers john/dendritic:main john/dendritic:forgejo

29 Commits
main ... omen

Author SHA1 Message Date
John Lancaster 021ca1ba83 added steam to omen 2026-06-14 20:47:34 -05:00
John Lancaster 4bd11e1047 audio stuff in nixos-base 2026-06-14 20:47:22 -05:00
John Lancaster ff80098418 niri hotkey changes 2026-06-14 18:05:13 -05:00
John Lancaster 3265669503 security stuff in nixos-base 2026-06-14 18:04:27 -05:00
John Lancaster 7294e04ae2 onepassword module 2026-06-14 13:17:05 -05:00
John Lancaster 3e1d438453 desktop import 2026-06-14 12:50:36 -05:00
John Lancaster 2f653b95ce added websockets 2026-06-14 12:43:31 -05:00
John Lancaster 1c1515678a created nixos-base 2026-06-14 12:25:33 -05:00
John Lancaster ee4839877c null fixes 2026-06-14 11:31:33 -05:00
John Lancaster fc2325e70b fix 2026-06-14 11:21:01 -05:00
John Lancaster 2ae5eb9547 niri hotkeys 2026-06-14 11:15:27 -05:00
John Lancaster ba305e29fd WIP noctalia rendering 2026-06-14 10:58:26 -05:00
John Lancaster deda2c9bbc WIP greetd 2026-06-14 10:06:43 -05:00
John Lancaster 10c8c887db WIP greetd 2026-06-14 10:02:11 -05:00
John Lancaster 7b2dffbccf WIP niri greeter 2026-06-14 09:41:14 -05:00
John Lancaster 95f382107d separated wrapped nixGL packages 2026-06-14 08:37:30 -05:00
John Lancaster 3cd3099987 added greetd 2026-06-14 08:33:00 -05:00
John Lancaster 775543224e moved 2026-06-14 08:29:56 -05:00
John Lancaster aff608c1ce login stuff 2026-06-14 08:26:13 -05:00
John Lancaster ecb640fa45 undo 2026-06-14 08:11:55 -05:00
John Lancaster ceeba1c786 added spawn-at-startup command to niri 2026-06-14 08:09:18 -05:00
John Lancaster b8153f0ebc formatting 2026-06-14 07:52:17 -05:00
John Lancaster e9ec34f15c flake.lock update 2026-06-14 07:45:10 -05:00
John Lancaster 6c8ca29751 added john module 2026-06-13 10:46:29 -05:00
John Lancaster bcd07532db flake.lock update 2026-06-13 10:06:46 -05:00
John Lancaster 2861c460c2 ssh updates 2026-06-13 10:05:50 -05:00
John Lancaster 6e27e92f89 flake.lock update 2026-06-13 09:43:07 -05:00
John Lancaster 1002e6e0da wrapped versions of niri and noctalia 2026-06-13 09:27:01 -05:00
John Lancaster 24eeb5967c initial omen config 2026-06-11 08:28:49 -05:00
15 changed files with 514 additions and 187 deletions
Expand all files Collapse all files
README.md
+4
View File
@@ -12,6 +12,10 @@ home-manager switch --flake .#desktop
nix flake show --all-systems
```
```shell
nix run nixpkgs#nh home switch -- --configuration john@john-pc-ubuntu .
```
## Layout
- Everything under `./modules` gets auto-imported by `import-tree`
flake.lock
Generated
+31 -31
View File
@@ -64,11 +64,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1780459148,
"narHash": "sha256-oIpiel88r8zV/WqTFwcGAjWXKOASHNzq7wjXQ6ORTvg=",
"lastModified": 1781195293,
"narHash": "sha256-C9OFghpvf3RzK2rGsZjjNNrTrHgFOecEkpDhFnU4QGs=",
"owner": "cachix",
"repo": "devenv",
"rev": "493ed7ef062ba3972c06e60970fe5ebe014f5c33",
"rev": "5f5109c83854577191634f7b86fc6e0c8fd44964",
"type": "github"
},
"original": {
@@ -111,11 +111,11 @@
},
"flake-file": {
"locked": {
"lastModified": 1779051720,
"narHash": "sha256-+jbXnODsR19pFKB0x/6kHhFgW6yV6N+CGClFr45eDU8=",
"lastModified": 1781217157,
"narHash": "sha256-N3q/SP2Ropk336e9KSgLh7kpROY6P70dprYdbPIfd5c=",
"owner": "vic",
"repo": "flake-file",
"rev": "c58eb27d9434e5be0c8693f1eb18d47035bc21ba",
"rev": "ce63eaf7ebfe04a176653f66385a7f0a36380cee",
"type": "github"
},
"original": {
@@ -273,11 +273,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1780408569,
"narHash": "sha256-s7Tv6FUQThRAvW8En8XVC6HMb0uiikzVccCcCo9u/Bg=",
"lastModified": 1781365335,
"narHash": "sha256-zqDBhXMzfbdlO7F2bGHe7MOtB3xngd/+4ieMHDC+ZXo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f384af1bec6423a0d4ba1855917ab948f64e5808",
"rev": "5b6f5733726a1b2ccafb5dec6ac4ca7299fad66c",
"type": "github"
},
"original": {
@@ -303,11 +303,11 @@
},
"mnw": {
"locked": {
"lastModified": 1778541201,
"narHash": "sha256-n0twkzWexzjsoDycOTvvQNuGEdg62UiNHYcFCduYpKI=",
"lastModified": 1780772958,
"narHash": "sha256-VKKe8r4pwCGWZ3Yr9CPN129R4S3CKLSrlYqdYz3vKpM=",
"owner": "Gerg-L",
"repo": "mnw",
"rev": "1a3573fc9d2486738fe0b2cacc5cd10dd5f3a445",
"rev": "0871dbf63a53610c95db04439ed8ea4d6ec9c160",
"type": "github"
},
"original": {
@@ -428,11 +428,11 @@
"nixos-hardware": {
"flake": false,
"locked": {
"lastModified": 1780310866,
"narHash": "sha256-fPBRVf6A5xlACYcOI59shGrjURuvwu0lRsDoSCEXt/I=",
"lastModified": 1781168557,
"narHash": "sha256-LOnLQ2tpYF9gqIDDr3+j3DbpJJr/QCH6zPRT2GzEUOE=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "4ed851c979641e28597a05086332d75cdc9e395f",
"rev": "6358ff76821101c178e3ab4919a62799bfe3652e",
"type": "github"
},
"original": {
@@ -479,11 +479,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1779877693,
"narHash": "sha256-NOF9NAREhxr50bbBfVcVOq+ArCMSoe8dP79Pk2uyARk=",
"lastModified": 1780365719,
"narHash": "sha256-QfWfccTN+70ZQ4m2qlU9PiKfz2Yppq94058iJyARNwc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4100e830e085863741bc69b156ec4ccd53ab5be0",
"rev": "ffa10e26ae11d676b2db836259889f1f571cb14f",
"type": "github"
},
"original": {
@@ -495,11 +495,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1780336545,
"narHash": "sha256-bWVU1JP9hCYZzQjMLdMzr/FINF+UvpZGvCJcnNY616k=",
"rev": "4df1b885d76a54e1aa1a318f8d16fd6005b6401f",
"lastModified": 1781359544,
"narHash": "sha256-X8fdRtvrm8OHLZ6Lkg3ZAQm5N6we5mLkdYd92vAw4c8=",
"rev": "9f11f828c213641c2369a9f1fa31fe31557e3156",
"type": "tarball",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.11pre1008784.4df1b885d76a/nixexprs.tar.xz"
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.11pre1015979.9f11f828c213/nixexprs.tar.xz"
},
"original": {
"type": "tarball",
@@ -518,11 +518,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1780421419,
"narHash": "sha256-EkZYvhK9B9M9j9vuLNSexG1Uf51UshGkPy5iVpYORe8=",
"lastModified": 1781440932,
"narHash": "sha256-aPOboQRLIpNe5XiNE6z3Bo0ra/l9Bgh1/vNy+wlw2v4=",
"owner": "notashelf",
"repo": "nvf",
"rev": "8265ea062b4c37dc1b9846ec83bb8c9615048ef1",
"rev": "cc5fe0bdf72aad87a140b16a65296db92a9ecffb",
"type": "github"
},
"original": {
@@ -575,11 +575,11 @@
]
},
"locked": {
"lastModified": 1777944972,
"narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=",
"lastModified": 1780547341,
"narHash": "sha256-Gq8KNx5A7hBB3uGJaj6eQfLDIz5YdLu92gqBcvHvoUo=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "c591bf665727040c6cc5cb409079acb22dcce33c",
"rev": "9ed65852b6257fbeae4355bc24ecfea307ca759a",
"type": "github"
},
"original": {
@@ -647,11 +647,11 @@
]
},
"locked": {
"lastModified": 1780449413,
"narHash": "sha256-ZsjnJ85CrTxI7+VaOWzkOB1u/+d4CM9AxBazXfsYXuA=",
"lastModified": 1780661205,
"narHash": "sha256-3F5DixT3Gk91lBI9E+TGMm0ko5HrRbDiL23di16TJGA=",
"owner": "BirdeeHub",
"repo": "nix-wrapper-modules",
"rev": "e72bd9cf5fbc57e620912b773bed42b4e278bdc0",
"rev": "8dd304c3582ddd339217e1cc5fb53f50acb63c2d",
"type": "github"
},
"original": {
modules/features/greetd.nix
+15 -2
View File
@@ -1,11 +1,24 @@
# https://github.com/glabrie/dotfiles/blob/main/modules/system/settings/greetd.nix
{ inputs, ... }: {
flake.modules.nixos.greetd = { pkgs, lib, ... }: {
flake.modules.nixos.greetd = { pkgs, lib, config, ... }:
let
niriPackage = if config.programs.niri.enable then config.programs.niri.package else pkgs.niri;
niriExe = lib.getExe niriPackage;
regreetExe = lib.getExe config.programs.regreet.package;
greeterNiriConfig = pkgs.writeText "niri-greeter.kdl" ''
spawn-at-startup "${regreetExe}"
hotkey-overlay {
skip-at-startup
}
'';
in {
programs.regreet.enable = true;
services.greetd = {
enable = true;
settings = {
default_session = {
command = "${lib.getExe pkgs.tuigreet} --time --remember --cmd niri-session";
command = "${pkgs.dbus}/bin/dbus-run-session -- ${niriExe} --config ${greeterNiriConfig}";
user = "greeter";
};
};
modules/features/niri.nix
+156
View File
@@ -0,0 +1,156 @@
{ self, inputs, ... }: {
flake.modules.nixos.niri = { pkgs, lib, ... }:
let
niriPkg = self.packages.${pkgs.stdenv.hostPlatform.system}.myNiri;
in
{
programs.niri = {
enable = true;
package = niriPkg;
};
systemd.user.services.niri.enableDefaultPath = false;
};
perSystem = { pkgs, lib, self', ... }:
let
nixGLPackage = inputs.nixgl.packages.${pkgs.stdenv.hostPlatform.system}.nixGLIntel;
noctaliaPkg = self'.packages.myNoctaliaNixGL;
terminalPkg = pkgs.ghostty;
myNiriUnwrapped = inputs.wrapper-modules.wrappers.niri.wrap {
inherit pkgs;
settings = {
spawn-at-startup = [
(lib.getExe noctaliaPkg)
];
xwayland-satellite.path = lib.getExe pkgs.xwayland-satellite;
input.keyboard.xkb.layout = "us,ua";
layout.gaps = 5;
binds = {
"Mod+Return".spawn-sh = lib.getExe terminalPkg;
# "Mod+Ctrl+Return".spawn-sh = "${lib.getExe noctaliaPkg} ipc call launcher toggle";
"Mod+Space".spawn-sh = "${lib.getExe noctaliaPkg} ipc call launcher toggle";
"Mod+B".spawn-sh = "${lib.getExe pkgs.brave}";
"Mod+E".spawn-sh = "xdg-open .";
"Mod+Alt+L".spawn-sh = "loginctl lock-session";
"Alt+F4".spawn-sh = "${lib.getExe' pkgs.coreutils "true"}";
"Mod+Shift+Q".close-window = { };
"Mod+S".spawn-sh = "${lib.getExe noctaliaPkg} ipc call launcher toggle";
"Mod+1".focus-workspace = 1;
"Mod+2".focus-workspace = 2;
"Mod+3".focus-workspace = 3;
"Mod+4".focus-workspace = 4;
"Mod+5".focus-workspace = 5;
"Mod+6".focus-workspace = 6;
"Mod+7".focus-workspace = 7;
"Mod+8".focus-workspace = 8;
"Mod+9".focus-workspace = 9;
"Mod+Tab".focus-workspace-previous = { };
# "Mod+WheelScrollDown".focus-workspace-down = { };
# "Mod+WheelScrollUp".focus-workspace-up = { };
# "Mod+Up".focus-window-up = { };
# "Mod+Down".focus-window-down = { };
"Mod+Up".focus-workspace-up = { };
"Mod+Down".focus-workspace-down = { };
"Mod+Left".focus-column-left = { };
"Mod+Right".focus-column-right = { };
"Mod+K".focus-window-up = { };
"Mod+J".focus-window-down = { };
"Mod+H".focus-column-left = { };
"Mod+L".focus-column-right = { };
"Mod+Home".focus-column-first = { };
"Mod+End".focus-column-last = { };
# "Mod+Shift+Left".focus-monitor-left = { };
# "Mod+Shift+Right".focus-monitor-right = { };
# "Mod+Shift+Up".focus-monitor-up = { };
# "Mod+Shift+Down".focus-monitor-down = { };
"Mod+Shift+1".move-column-to-workspace = 1;
"Mod+Shift+2".move-column-to-workspace = 2;
"Mod+Shift+3".move-column-to-workspace = 3;
"Mod+Shift+4".move-column-to-workspace = 4;
"Mod+Shift+5".move-column-to-workspace = 5;
"Mod+Shift+6".move-column-to-workspace = 6;
"Mod+Shift+7".move-column-to-workspace = 7;
"Mod+Shift+8".move-column-to-workspace = 8;
"Mod+Shift+9".move-column-to-workspace = 9;
"Mod+Ctrl+Up".move-window-up = { };
"Mod+Ctrl+Down".move-window-down = { };
"Mod+Ctrl+Left".move-column-left = { };
"Mod+Ctrl+Right".move-column-right = { };
"Mod+Ctrl+K".move-window-up = { };
"Mod+Ctrl+J".move-window-down = { };
"Mod+Ctrl+H".move-column-left = { };
"Mod+Ctrl+L".move-column-right = { };
"Mod+Ctrl+Home".move-column-to-first = { };
"Mod+Ctrl+End".move-column-to-last = { };
"Mod+Shift+Ctrl+Left".move-column-to-monitor-left = { };
"Mod+Shift+Ctrl+Right".move-column-to-monitor-right = { };
"Mod+Shift+Ctrl+Up".move-column-to-monitor-up = { };
"Mod+Shift+Ctrl+Down".move-column-to-monitor-down = { };
"Mod+Ctrl+F".expand-column-to-available-width = { };
"Mod+C".center-column = { };
"Mod+Ctrl+C".center-visible-columns = { };
"Mod+Minus".set-column-width = "-10%";
"Mod+Equal".set-column-width = "+10%";
"Mod+Shift+Minus".set-window-height = "-10%";
"Mod+Shift+Equal".set-window-height = "+10%";
"Mod+T".toggle-window-floating = { };
"Mod+F".fullscreen-window = { };
"Mod+W".toggle-column-tabbed-display = { };
"Mod+O".toggle-overview = { };
"Ctrl+Shift+1".screenshot = { };
"Ctrl+Shift+2".screenshot-screen = { };
"Ctrl+Shift+3".screenshot-window = { };
"Mod+Shift+Slash".show-hotkey-overlay = { };
"Mod+Escape".toggle-keyboard-shortcuts-inhibit = { };
"Mod+Shift+P".power-off-monitors = { };
"Ctrl+Alt+Delete".quit = { };
"Mod+WheelScrollRight".focus-column-right = { };
"Mod+WheelScrollLeft".focus-column-left = { };
"Mod+Ctrl+WheelScrollRight".move-column-right = { };
"Mod+Ctrl+WheelScrollLeft".move-column-left = { };
"Mod+Shift+WheelScrollDown".focus-column-right = { };
"Mod+Shift+WheelScrollUp".focus-column-left = { };
# "Mod+Ctrl+Shift+WheelScrollDown".move-column-right = { };
# "Mod+Ctrl+Shift+WheelScrollUp".move-column-left = { };
};
};
};
in {
packages.myNiri = myNiriUnwrapped;
packages.myNiriNixGL = pkgs.symlinkJoin {
name = "my-niri-nixgl";
paths = [ myNiriUnwrapped ];
nativeBuildInputs = [ pkgs.makeWrapper ];
meta.mainProgram = "niri";
postBuild = ''
for exe in "$out"/bin/*; do
if [[ -f "$exe" ]]; then
base="$(basename "$exe")"
mv "$exe" "$out/bin/.''${base}-real"
makeWrapper ${lib.getExe nixGLPackage} "$exe" \
--add-flags "$out/bin/.''${base}-real"
fi
done
'';
};
};
}
modules/features/nixos-base.nix
+58
View File
@@ -0,0 +1,58 @@
{ self, inputs, ... }: {
flake.modules.nixos.base = { config, pkgs, lib, ... }: {
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config = {
permittedInsecurePackages = [ "openssl-1.1.1w" ];
allowUnfree = true;
};
# Set your time zone.
time.timeZone = "US/Central";
# Select internationalisation properties.
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
};
fonts.packages = with pkgs; [
nerd-fonts.hack
nerd-fonts.sauce-code-pro
];
# Need for less pain-in-the-ass for doing normal-ish stuff
# This is needed for VSCode remote support. Read: https://nixos.wiki/wiki/Visual_Studio_Code
programs.nix-ld.enable = true;
# Configure network connections interactively with nmcli or nmtui.
networking.networkmanager.enable = true;
services.openssh.enable = true;
security.polkit.enable = true; # polkit
services.gnome.gnome-keyring.enable = true; # secret service
security.pam.services.swaylock = {};
# Enable sound with pipewire.
services.pulseaudio.enable = false;
security.rtkit.enable = true; # PulseAudio server uses this to acquire realtime priority.
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
};
};
}
modules/features/noctalia.nix
+34
View File
@@ -0,0 +1,34 @@
{ self, inputs, ... }: {
perSystem = { pkgs, lib, ... }:
let
nixGLPackage = inputs.nixgl.packages.${pkgs.stdenv.hostPlatform.system}.nixGLIntel;
myNoctaliaUnwrapped = inputs.wrapper-modules.wrappers.noctalia-shell.wrap {
inherit pkgs;
runtimePkgs = [
pkgs.qt6.qtwebsockets
];
# settings =
# (builtins.fromJSON
# (builtins.readFile ./noctalia.json)).settings;
};
in {
packages.myNoctalia = myNoctaliaUnwrapped;
packages.myNoctaliaNixGL = pkgs.symlinkJoin {
name = "my-noctalia-nixgl";
paths = [ myNoctaliaUnwrapped ];
nativeBuildInputs = [ pkgs.makeWrapper ];
meta.mainProgram = "noctalia-shell";
postBuild = ''
for exe in "$out"/bin/*; do
if [[ -f "$exe" ]]; then
base="$(basename "$exe")"
mv "$exe" "$out/bin/.''${base}-real"
makeWrapper ${lib.getExe nixGLPackage} "$exe" \
--add-flags "$out/bin/.''${base}-real"
fi
done
'';
};
};
}
modules/hosts/john-p14s/configuration.nix
+3 -67
View File
@@ -9,28 +9,16 @@
in
{
imports = [
self.modules.nixos.base
self.modules.nixos.p14sHardware
self.modules.nixos.onepassword
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config = {
permittedInsecurePackages = [ "openssl-1.1.1w" ];
allowUnfree = true;
};
rebuild.flakeDir = flakeDir;
networking = {
hostName = hostname;
networkmanager.enable = true;
};
# Enable automatic login for the user.
# services.displayManager.autoLogin.enable = true;
# services.displayManager.autoLogin.user = "john";
networking.hostname = hostname;
programs.zsh.enable = true;
services.openssh.enable = true;
services.tailscale.enable = true;
# List packages installed in system profile. To search, run:
@@ -45,18 +33,6 @@
security.pam.services.swaylock = {};
security.pam.services.swaylock.fprintAuth = true;
programs._1password.enable = true;
programs._1password-gui = {
enable = true;
# Certain features, including CLI integration and system authentication support,
# require enabling PolKit integration on some desktop environments (e.g. Plasma).
polkitPolicyOwners = [ "john" ];
# TODO this should not be a hardcoded username
};
# This is needed for VSCode remote support. Read: https://nixos.wiki/wiki/Visual_Studio_Code
programs.nix-ld.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
@@ -65,49 +41,9 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
# Set your time zone.
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
};
fonts.packages = with pkgs; [
nerd-fonts.hack
nerd-fonts.sauce-code-pro
];
services.libinput.enable = true; # Enable touchpad support (enabled default in most desktopManager).
services.fprintd.enable = true; # Enables fingerprint sensor
# Enable sound with pipewire.
services.pulseaudio.enable = false;
security.rtkit.enable = true; # PulseAudio server uses this to acquire realtime priority.
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
# media-session.enable = true;
};
home-manager.users.root = {
imports = with inputs.self.modules.homeManager; [
rebuild
modules/hosts/omen-nixos/configuration.nix
+123
View File
@@ -0,0 +1,123 @@
{ self, inputs, ... }: {
flake.modules.nixos.omen = { pkgs, lib, ... }: {
# import any other modules from here
imports = [
self.modules.nixos.omenHardware
self.modules.nixos.base
self.modules.nixos.greetd
self.modules.nixos.niri
self.modules.nixos.onepassword
self.modules.nixos.steam
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Use latest kernel.
boot.kernelPackages = pkgs.linuxPackages_latest;
networking.hostName = "nixos-omen"; # Define your hostname.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# services.pulseaudio.enable = true;
# OR
# services.pipewire = {
# enable = true;
# pulse.enable = true;
# };
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# tree
# ];
# };
# programs.firefox.enable = true;
# List packages installed in system profile.
# You can use https://search.nixos.org/ to find more packages (and options).
environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
git
micro
nh
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "26.05"; # Did you read the comment?
# ...
home-manager.users.john.imports = with inputs.self.modules.homeManager; [
desktop
# rebuild
{
my-vscode.enable = true;
}
];
};
}
modules/hosts/omen-nixos/default.nix
+8
View File
@@ -0,0 +1,8 @@
{ self, inputs, ... }: {
flake.nixosConfigurations.omen = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.modules.nixos.omen
self.modules.nixos.john
];
};
}
modules/hosts/omen-nixos/hardware.nix
+28
View File
@@ -0,0 +1,28 @@
{ self, inputs, ... }: {
flake.modules.nixos.omenHardware = { config, lib, pkgs, modulesPath, ... }: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/35f77d1a-346c-4c52-83b2-7d25e2ac9fe1";
fsType = "ext4";
};
"/mnt/shared" = {
device = "/dev/disk/by-uuid/216e8dca-170d-4377-bf1a-69b574e1778c";
fsType = "ext4";
};
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}
modules/nix-tools/user.nix
+1 -1
View File
@@ -26,7 +26,7 @@
group = username;
home = "/home/${username}";
shell = pkgs.zsh;
extraGroups = [ "input" "networkmanager" ]
extraGroups = [ "input" "networkmanager" "video" "render" ]
++ lib.optional isAdmin "wheel"
++ lib.optional config.virtualisation.docker.enable "docker"
++ lib.optional (isAdmin && config.services.forgejo.enable) config.services.forgejo.group
modules/programs/niri.nix
-28
View File
@@ -1,28 +0,0 @@
{ self, inputs, ... }: {
flake.modules.nixos.niri = { pkgs, lib, ... }: {
programs.niri = {
enable = true;
package = self.packages.${pkgs.stdenv.hostPlatform.system}.myNiri;
};
};
perSystem = { pkgs, lib, self', ... }: {
packages.myNiri = inputs.wrapper-modules.wrappers.niri.wrap {
inherit pkgs;
env.RUST_BACKTRACE = "full";
settings = {
spawn-at-startup = [
"${lib.getExe self'.packages.myNoctalia}"
];
xwayland-satellite.path = lib.getExe pkgs.xwayland-satellite;
input.keyboard.xkb.layout = "us,ua";
layout.gaps = 5;
binds = {
"Mod+Return".spawn-sh = lib.getExe pkgs.ghostty;
"Mod+Q".close-window = null;
"Mod+S".spawn-sh = "${lib.getExe self'.packages.myNoctalia} ipc call launcher toggle";
};
};
};
};
}
modules/programs/noctalia.nix
-8
View File
@@ -1,8 +0,0 @@
{ self, inputs, ... }: {
perSystem = { pkgs, ... }: {
packages.myNoctalia = inputs.wrapper-modules.wrappers.noctalia-shell.wrap {
inherit pkgs;
# settings = (builtins.fromJSON (builtins.readFile ./noctalia.json)).settings;
};
};
}
modules/programs/onepassword.nix
+11
View File
@@ -1,4 +1,15 @@
{ self, inputs, ... }: {
flake.modules.nixos.onepassword = { config, ... }: {
programs._1password.enable = true;
programs._1password-gui = {
enable = true;
# Certain features, including CLI integration and system authentication support,
# require enabling PolKit integration on some desktop environments (e.g. Plasma).
polkitPolicyOwners = [ "john" ];
# TODO this should not be a hardcoded username
};
};
flake.modules.homeManager.onepassword = { config, ... }: {
home.file.".config/1Password/ssh/agent.toml".text = ''
# https://developer.1password.com/docs/ssh/agent/config
modules/services/ssh.nix
+42 -50
View File
@@ -126,98 +126,90 @@ in
SetEnv TERM="xterm-256color"
'';
matchBlocks = lib.mkMerge [
settings = lib.mkMerge [
{
"john-pc-ubuntu" = {
hostname = "192.168.1.85";
HostName = "192.168.1.85";
};
"*" = lib.mkMerge [
{
user = "john";
identityAgent = "${config.home.homeDirectory}/.1password/agent.sock";
User = "john";
IdentityAgent = "${config.home.homeDirectory}/.1password/agent.sock";
compression = false;
serverAliveInterval = 0;
serverAliveCountMax = 3;
Compression = false;
ServerAliveInterval = 0;
ServerAliveCountMax = 3;
identitiesOnly = true;
inherit identityFile;
IdentitiesOnly = true;
IdentityFile = identityFile;
hashKnownHosts = false;
userKnownHostsFile = cfg.knownHostsFile;
HashKnownHosts = false;
UserKnownHostsFile = cfg.knownHostsFile;
addKeysToAgent = "yes";
forwardAgent = false;
AddKeysToAgent = "yes";
ForwardAgent = false;
}
(lib.mkIf cfg.certificates.enable { inherit certificateFile; })
(lib.mkIf cfg.certificates.enable { CertificateFile = certificateFile; })
];
}
(lib.mkIf cfg.matchSets.appdaemon {
"appdaemon" = {
hostname = "192.168.1.242";
user = "appdaemon";
HostName = "192.168.1.242";
User = "appdaemon";
};
"ad-nix" = {
hostname = "192.168.1.201";
user = "appdaemon";
HostName = "192.168.1.201";
User = "appdaemon";
};
})
(lib.mkIf cfg.matchSets.certs {
"janus" = {
hostname = "janus.john-stream.com";
user = "root";
HostName = "janus.john-stream.com";
User = "root";
};
"soteria" = {
hostname = "soteria.john-stream.com";
user = "john";
HostName = "soteria.john-stream.com";
User = "john";
};
})
(lib.mkIf cfg.matchSets.homelab {
"docs" = {
hostname = "192.168.1.110";
user = "root";
extraOptions = {
RequestTTY = "force";
RemoteCommand = "~/.nix-profile/bin/jsl-zsh";
};
HostName = "192.168.1.110";
User = "root";
RequestTTY = "force";
RemoteCommand = "~/.nix-profile/bin/jsl-zsh";
};
"gitea" = {
hostname = "192.168.1.104";
user = "john";
HostName = "192.168.1.104";
User = "john";
};
"hermes" = {
hostname = "192.168.1.150";
user = "root";
HostName = "192.168.1.150";
User = "root";
# Enabling this breaks the ability of Zed to install its remote stuff
# extraOptions = {
# RequestTTY = "force";
# RemoteCommand = "/root/.nix-profile/bin/jsl-zsh";
# };
# RequestTTY = "force";
# RemoteCommand = "/root/.nix-profile/bin/jsl-zsh";
};
"panoptes" = {
hostname = "192.168.1.107";
user = "panoptes";
HostName = "192.168.1.107";
User = "panoptes";
};
})
(lib.mkIf cfg.matchSets.dev {
"test-nix" = {
hostname = "fded:fb16:653e:25da:be24:11ff:fea0:753f";
user = "john";
extraOptions = {
RequestTTY = "auto";
# RemoteCommand = "/run/current-system/sw/bin/jsl-zsh";
};
HostName = "fded:fb16:653e:25da:be24:11ff:fea0:753f";
User = "john";
RequestTTY = "auto";
# RemoteCommand = "/run/current-system/sw/bin/jsl-zsh";
};
})
(lib.mkIf cfg.matchSets.tailscale {
"jdl-docker" = {
hostname = "jdl-docker.tailcf205.ts.net";
user = "john";
extraOptions = {
RequestTTY = "auto";
# RemoteCommand = "~/.nix-profile/bin/jsl-zsh";
};
HostName = "jdl-docker.tailcf205.ts.net";
User = "john";
RequestTTY = "auto";
# RemoteCommand = "~/.nix-profile/bin/jsl-zsh";
};
})
];