diff --git a/flake.nix b/flake.nix
index 0b8faa7..6e2faa0 100644
--- a/flake.nix
+++ b/flake.nix
@@ -67,9 +67,9 @@
 "speccon18" #default user
 [
 ./hosts/creatorforge.nix
- modules/services/docker.nix
- modules/services/openssh.nix
- modules/desktop/gui/gnome.nix
+ ./modules/services/docker.nix
+ ./modules/services/openssh.nix
+ ./modules/desktop/gui/gnome.nix
 ] #extra modules to load
 []; #extra modules to be loaded by home-manager
 creatorforge-framework = mkComputer
@@ -79,9 +79,9 @@
 nixos-hardware.nixosModules.framework-12th-gen-intel
 disko.nixosModules.disko
 ./hosts/creatorforge.nix
- modules/services/docker.nix
- modules/services/openssh.nix
- modules/desktop/gui/gnome.nix
+ ./modules/services/docker.nix
+ ./modules/services/openssh.nix
+ ./modules/desktop/gui/gnome.nix
 ] #extra modules to load
 []; #extra modules to be loaded by home-manager
diff --git a/modules/desktop/gui/gnome.nix b/modules/desktop/gui/gnome.nix
new file mode 100644
index 0000000..89cf1e2
--- /dev/null
+++ b/modules/desktop/gui/gnome.nix
@@ -0,0 +1,38 @@
+{ config, pkgs, lib, ... }:
+{
+ # Gnome extensions
+ environment.systemPackages = with pkgs; [
+ gnomeExtensions.dock-from-dash
+ gnomeExtensions.pop-shell
+ ];
+ services = {
+ gnome = {
+ core-utilities.enable = false;
+ gnome-keyring.enable = true;
+ };
+
+ xserver = {
+ enable = true;
+ layout = "us";
+ xkbVariant = "";
+ displayManager = {
+ gdm = {
+ enable = true;
+ wayland = true;
+ };
+ defaultSession = lib.mkDefault "gnome";
+ };
+ desktopManager = {
+ xterm.enable = lib.mkForce false;
+ gnome.enable = lib.mkDefault true;
+ };
+ };
+ };
+
+ programs = {
+ xwayland.enable = lib.mkDefault true;
+ };
+
+ xdg.portal = { enable = lib.mkDefault true; };
+
+}
diff --git a/modules/desktop/gui/wayfire.nix b/modules/desktop/gui/wayfire.nix
new file mode 100644
index 0000000..3373d70
--- /dev/null
+++ b/modules/desktop/gui/wayfire.nix
@@ -0,0 +1,6 @@
+{ config, pkgs, lib, ... }:
+{
+ environment.systemPackages = with pkgs; [
+ inputs.nixpkgs-wayland.packages.${system}.wayfire-unstable
+ ];
+}
\ No newline at end of file
diff --git a/modules/disko/luks-lvm.nix b/modules/disko/luks-lvm.nix
new file mode 100644
index 0000000..f199b10
--- /dev/null
+++ b/modules/disko/luks-lvm.nix
@@ -0,0 +1,83 @@
+{ disks ? [ "/dev/nvme0n1" ], ... }: {
+ disk = {
+ disk-0 = {
+ type = "disk";
+ device = builtins.elemAt disks 0;
+ content = {
+ type = "table";
+ format = "gpt";
+ partitions = [
+ {
+ type = "partition";
+ name = "ESP";
+ start = "1MiB";
+ end = "2g";
+ bootable = true;
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [
+ "defaults"
+ ];
+ };
+ }
+ {
+ name = "swap";
+ type = "partition";
+ start = "2G";
+ end = "40G";
+ part-type = "primary";
+ content = {
+ type = "swap";
+ randomEncryption = true;
+ };
+ }
+ {
+ type = "partition";
+ name = "luks";
+ start = "40G";
+ end = "100%";
+ content = {
+ type = "luks";
+ name = "crypted";
+ extraOpenArgs = [ "--allow-discards" ];
+ content = {
+ type = "lvm_pv";
+ vg = "pool";
+ };
+ };
+ }
+ ];
+ };
+ };
+ };
+ lvm_vg = {
+ pool = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ type = "lvm_lv";
+ size = "128G";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [
+ "defaults"
+ ];
+ };
+ };
+ home = {
+ type = "lvm_lv";
+ size = "25G";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/home";
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/modules/services/docker.nix b/modules/services/docker.nix
new file mode 100644
index 0000000..6f9acf0
--- /dev/null
+++ b/modules/services/docker.nix
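Review bot: `inputs` is never bound in modules/desktop/gui/wayfire.nix: the argument set is `{ config, pkgs, lib, ... }` and `with pkgs;` does not supply it, so `inputs.nixpkgs-wayland.packages.${system}.wayfire-unstable` should fail with an undefined variable as soon as the module is imported. Name it in the header, `{ config, pkgs, lib, inputs, ... }:`, and check that the flake passes `inputs` through `specialArgs`, which is not visible in this diff. `system` only resolves by way of `with pkgs;`; writing `pkgs.stdenv.hostPlatform.system` makes the source explicit. Since this is an `-unstable` build taken from a separate flake input, the lock entry for `nixpkgs-wayland` decides what code is installed, so bumps of that input deserve review.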
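Review bot: `extraOpenArgs = [ "--allow-discards" ]` on the `crypted` container in modules/disko/luks-lvm.nix passes TRIM through dm-crypt, which exposes the layout of unused blocks to anyone who can read the raw device and weakens the confidentiality the LUKS layer is there to provide. If the trade-off is deliberate, record it next to the option, e.g. `# TRIM passthrough: reveals free-block layout, accepted for SSD performance`; otherwise drop the argument. The ESP is mounted at `/boot` with only `"defaults"`, so its files are readable by every local user; adding `"umask=0077"` to `mountOptions` restricts that. The size strings mix `"2g"` and `"2G"`, which is worth making consistent.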
@@ -0,0 +1,11 @@
+{ config, pkgs, lib, ... }:
+{
+ virtualisation.docker = {
+ enable = true;
+ liveRestore = false;
+ autoPrune.enable = true;
+ };
+
+ # But allow docker containers to access the local machine
+ networking.firewall.trustedInterfaces = [ "docker0" ];
+}
\ No newline at end of file
diff --git a/modules/services/openssh.nix b/modules/services/openssh.nix
new file mode 100644
index 0000000..abdd037
--- /dev/null
+++ b/modules/services/openssh.nix
@@ -0,0 +1,19 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services.openssh = lib.mkDefault {
+ enable = true;
+ openFirewall = true;
+ #settings = lib.mkDefault {
+ passwordAuthentication = false;
+ permitRootLogin = "no";
+ kbdInteractiveAuthentication = false;
+ #};
+ startWhenNeeded = true;
+ kexAlgorithms = [ "curve25519-sha256@libssh.org" ];
+ };
+ security.pam = lib.mkDefault {
+ enableSSHAgentAuth = true;
+ services.sudo.sshAgentAuth = true;
+ };
+}
\ No newline at end of file
diff --git a/modules/services/pipewire.nix b/modules/services/pipewire.nix
new file mode 100644
index 0000000..9481f9b
--- /dev/null
+++ b/modules/services/pipewire.nix
@@ -0,0 +1,17 @@
+# https://nixos.wiki/wiki/PipeWire
+{ config, pkgs, lib, ... }:
+{
+ # Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire
+ #sound.enable = false;
+ # rtkit is optional but recommended
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa = {
+ enable = true;
+ support32Bit = true;
+ };
+ pulse.enable = true;
+ jack.enable = true;
+ };
+}
\ No newline at end of file
diff --git a/users/arouzing/default.nix b/users/arouzing/default.nix
new file mode 100644
index 0000000..a4510ef
--- /dev/null
+++ b/users/arouzing/default.nix
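Review bot: `networking.firewall.trustedInterfaces = [ "docker0" ]` in modules/services/docker.nix accepts every packet arriving from the default bridge, so any container, including one running an untrusted or compromised image, can reach every service listening on the host rather than only the one this was added for. If a container needs a particular host service, open just that port on the bridge, e.g. `networking.firewall.interfaces.docker0.allowedTCPPorts = [ <port> ];` (placeholder port), and leave the interface untrusted. The comment `# But allow docker containers to access the local machine` should name the service that needs it so the exception can be reviewed later.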
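Review bot: `services.sudo.sshAgentAuth = true` with `enableSSHAgentAuth = true` in modules/services/openssh.nix lets sudo succeed for any process that can reach a forwarded agent holding one of the user's authorized keys, with no password; both users added in this commit are in `wheel`, so a forwarded-agent session on this host is effectively root. Confirm that is intended and that the PAM module trusts only root-owned key files (those generated from `openssh.authorizedKeys.keys`) and not a user-writable `~/.ssh/authorized_keys`; which files it reads depends on the NixOS release. Separately, wrapping the whole `services.openssh` set in `lib.mkDefault` puts `passwordAuthentication = false` and `permitRootLogin = "no"` at default priority, so any other module that sets them at normal priority silently re-enables password or root login. Set the hardening options without `mkDefault`, and keep `mkDefault` only for values a host is meant to override.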
@@ -0,0 +1,12 @@
+{ config, pkgs, lib, ... }:
+{
+ users.users.arouzing = {
+ isNormalUser = true;
+ initialHashedPassword = "$6$tucSnzN8mqHQo/Fd$Q/RtaTpoXN0xnlLAFy6ohWWYuTYd54CXaCrocV1vgFRQVuONga1LyzwdJ0vXa.NT6MRcO7IXNQ3YeURJsSdP61";
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJAGm66rJsr8vjRCYDkH4lEPncPq27o6BHzpmRmkzOiM"
+ ];
+ description = "admin";
+ extraGroups = [ "wheel" "docker" ];
+ };
+}
\ No newline at end of file
diff --git a/users/speccon18/default.nix b/users/speccon18/default.nix
new file mode 100644
index 0000000..dee8fe8
--- /dev/null
+++ b/users/speccon18/default.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, lib, ... }:
+{
+ users.users.speccon18 = {
+ shell = pkgs.zsh;
+ isNormalUser = true;
+ initialHashedPassword = "$y$j9T$RdLBHOvUpb17egl0d16LT/$3Y2RD/tT1IZ0nkfAR13pp3IzBjvKLRgGpDPLobUeO23";
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdigmndcdQD/864P059K2hZOXyEkbGvMkH0/b2QavkD speccon18@creatorforge"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPc1AQ6hcjdSZZuhS5SISwtulFoTLpC5f5JoMFQkZ5l2 specCon18@DESKTOP-Q1I2PAE"
+ ];
+ description = "admin";
+ extraGroups = [ "wheel" "docker" ];
+ };
+}
\ No newline at end of file
diff --git a/users/speccon18/home.nix b/users/speccon18/home.nix
new file mode 100644
index 0000000..2f7f3fe
--- /dev/null
+++ b/users/speccon18/home.nix
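Review bot: `initialHashedPassword` in users/arouzing/default.nix commits a crypt hash to the repository, and users/speccon18/default.nix does the same; anyone who can read the repo or the world-readable Nix store can run offline guessing against accounts that are in `wheel` and `docker`. Keep the hashes out of the tree, for example `hashedPasswordFile = "<path to secret>";` (placeholder path; the option is named `passwordFile` on older releases) fed by a secrets manager, and change both passwords since these values are now in history. The `$6$` value is SHA-512 crypt, which resists guessing less well than the yescrypt `$y$` hash used for speccon18. Membership in `docker` is root-equivalent on the host, which deserves a comment beside `extraGroups`.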
@@ -0,0 +1,124 @@
+{ pkgs, config, ... }: {
+#Home manager configuration
+imports = [ ./../../home ./../../home/nixos ];
+
+ home = {
+ username = "speccon18";
+ homeDirectory = "/home/speccon18";
+ stateVersion = "22.11";
+ packages = with pkgs; [
+ nushell
+ firefox
+ discord
+ nodejs-18_x
+ spotify
+ nerdfonts
+ fira-code
+ libreoffice
+ asciinema
+ postman
+ gimp
+ rustup
+ neofetch
+ vlc
+ remmina
+ signal-desktop
+ starship
+ alacritty
+ uutils-coreutils
+ ];
+ };
+
+
+ programs = {
+ nushell = {
+ enable = true;
+ };
+ starship = {
+ enable = true;
+ enableZshIntegration = true;
+ enableNushellIntegration = true;
+ };
+ zsh = {
+ enable = lib.mkDefault true;
+ dotDir = ".config/zsh";
+ history = {
+ path = "$ZDOTDIR/.zsh_history";
+ save = 10000000;
+ };
+ };
+ direnv = {
+ enable = true;
+ enableZshIntegration = lib.mkDefault true;
+ enableNushellIntegration = true;
+ };
+ home-manager = {
+ enable = true;
+ };
+ vscode = {
+ enable = true;
+ package = pkgs.vscode.fhs;
+ enableExtensionUpdateCheck = true;
+ enableUpdateCheck = false;
+ extensions = [
+# "tlahmann.alex-linter"
+# "astro-build.astro-vscode"
+# "aaron-bond.better-comments"
+# "bungcip.better-toml"
+# "antfu.browse-lite"
+# "firefox-devtools.vscode-firefox-debug"
+# "ms-vscode-remote.remote-containers"
+# "ms-azuretools.vscode-docker"
+# "editorconfig.editorconfig"
+# "dbaeumer.vscode-eslint"
+# "donjayamanne.githistory"
+# "felipecaputo.git-project-manager"
+# "github.copilot"
+# "eamodio.gitlens"
+# "graphql.vscode-graphql"
+# "graphql.vscode-graphql-syntax"
+# "oderwat.indent-rainbow"
+# "skellock.just"
+# "monokai.theme-monokai-pro-vscode"
+# "bbenoist.nix"
+# "jnoortheen.nix-ide"
+# "christian-kohler.path-intellisense"
+# "csstools.postcss"
+# "esbenp.prettier-vscode"
+# "ms-vscode-remote.remote-ssh"
+# "ms-vscode-remote.remote-ssh-edit"
+# "ms-vscode.remote-server"
+# "ms-vscode-remote.vscode-remote-extensionpack"
+# "ms-vscode.remote-explorer"
+# "rust-lang.rust-analyzer"
+# "rhalaly.scope-to-this"
+# "svelte.svelte-vscode"
+# "bradlc.vscode-tailwindcss"
+# "tauri-apps.tauri-vscode"
+# "antfu.vite"
+# "zixuanchen.vitest-explorer"
+# "vscode-icons-team.vscode-icons"
+# "thenuprojectcontributors.vscode-nushell-lang"
+# "ms-vscode-remote.remote-wsl"
+# "redhat.vscode-yaml"
+ ];
+ };
+ git = {
+ enable = true;
+ userName = "specCon18";
+ userEmail = "steven.carpenter@skdevstudios.com";
+ # delta.enable = true;
+ extraConfig = {
+ init = {
+ defaultBranch = "main";
+ };
+ };
+ };
+ };
+
+ dconf.settings = {
+ "org/gnome/mutter" = {
+ experimental-features = [ "x11-randr-fractional-scaling" ];
+ };
+ };
+}
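Review bot: `lib` is used but never bound in users/speccon18/home.nix: the header is `{ pkgs, config, ... }:` while `zsh.enable = lib.mkDefault true;` and `direnv.enableZshIntegration = lib.mkDefault true;` both reference it, so evaluation should stop with an undefined variable. Change the header to `{ pkgs, config, lib, ... }: {`. With `extensions` left empty (every entry is commented out) and `enableExtensionUpdateCheck = true`, VS Code extensions would presumably be installed and updated from the marketplace at runtime, outside the flake's pinning. If that is intended, a comment such as `# extensions are managed mutably, not pinned by this flake` above the list would make it explicit.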