wayne/system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Misnux added.

Browse Source
This commit is contained in:
wayne 2024-11-29 15:31:17 -08:00
parent b7006e904d
commit b73c284d65
21 changed files with 578 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
configuration.nix
View File

@ -1,5 +1,5 @@
# NixOS's declarative configuration calculates which software packages need to be installed and then soft-links the storage paths of these packages in the Nix Store to /run/current-system, and by modifying environment variables like PATH
{ lib, config, pkgs, zen-browser, hyprland, inputs, agenix, ... }:
{ lib, config, pkgs, zen-browser, hyprland, inputs, agenix, pkgs-unstable, ... }:
let
unstable = import <nixpkgs> {
overlays = pkgs.overlays;
@ -11,10 +11,12 @@ in
./environment.nix
./hardware-configuration.nix
# (import ./modules/containers.nix { inherit pkgs inputs config lib pkgs-unstable ;})
./modules/containers.nix
./modules/display.nix
./modules/files.nix
./modules/fonts.nix
./modules/musnix.nix
./modules/network.nix
./modules/nix.nix
# ./modules/qt.nix
@ -41,6 +43,18 @@ in
};
wantedBy = [ "multi-user.target" ];
};
systemd.services.logid = {
description = "Logitech Configuration Daemon";
startLimitIntervalSec = 0;
after = [ "multi-user.target" ];
wants = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "/run/current-system/sw/bin/logid";
User = "root";
};
wantedBy = [ "multi-user.target" ];
};
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
@ -169,19 +183,19 @@ in
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
# wireplumber.enable = true;
};
hardware.openrgb = {
enable = true;
package = pkgs.openrgb-with-all-plugins;
motherboard = "intel";
server.port = 6742;
};
# hardware.openrgb = {
# enable = false;
# package = pkgs.openrgb-with-all-plugins;
# motherboard = "intel";
# server.port = 6742;
# };
};
# List packages installed in system profile. To search, run:
@ -197,7 +211,7 @@ in
})
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget git sshfs
pciutils
pciutils usbutils
zsh
cryptsetup agenix.packages.x86_64-linux.default
@ -222,8 +236,10 @@ in
# steam-run
lxqt.pavucontrol-qt
openrgb-with-all-plugins i2c-tools
i2c-tools
android-udev-rules
logiops
];
system.stateVersion = "24.05"; # Did you read the comment?
}

14
environment.nix
View File

@ -1,4 +1,4 @@
{ ... }:
{ config, ... }:
{
# Set your time zone.
time.timeZone = "America/Los_Angeles";
@ -27,8 +27,8 @@
XDG_CURRENT_DESKTOP = "Hyprland";
XDG_SESSION_DESKTOP = "Hyprland";
XDG_SESSION_TYPE = "wayland";
XDG_DATA_HOME = "$HOME/.local/share";
GDK_BACKEND = "wayland";
XDG_DATA_HOME = "~/.local/share";
# GDK_BACKEND = "wayland";
GTK_USE_PORTAL = "1";
QT_QPA_PLATFORM = "wayland;xcb";
@ -50,5 +50,13 @@
__GLX_VENDOR_LIBRARY_NAME = "nvidia";
# QT_LOGGING_RULES="*.debug=true";
# Stolen from Plasma
KPACKAGE_DEP_RESOLVERS_PATH="/nix/store/219bis5qbxz1i66qgc0l8g8qr6nn7c5m-frameworkintegration-6.7.0/libexec/kf6/kpackagehandlers";
QT_PLUGIN_PATH="/home/wayne/.nix-profile/lib/qt-5.15.15/plugins:/home/wayne/.nix-profile/lib/qt-6/plugins:/nix/profile/lib/qt-5.15.15/plugins:/nix/profile/lib/qt-6/plugins:/home/wayne/.local/state/nix/profile/lib/qt-5.15.15/plugins:/home/wayne/.local/state/nix/profile/lib/qt-6/plugins:/etc/profiles/per-user/wayne/lib/qt-5.15.15/plugins:/etc/profiles/per-user/wayne/lib/qt-6/plugins:/nix/var/nix/profiles/default/lib/qt-5.15.15/plugins:/nix/var/nix/profiles/default/lib/qt-6/plugins:/run/current-system/sw/lib/qt-5.15.15/plugins:/run/current-system/sw/lib/qt-6/plugins";
};
# environment.etc = {
# "pipewire.conf.d/rt.conf".source = ./pipewire.conf.d/rt.conf;
# };
}

95
flake.lock generated
View File

@ -26,11 +26,11 @@
"fromYaml": "fromYaml"
},
"locked": {
"lastModified": 1721224776,
"narHash": "sha256-iakVQHg2DSmdOc5dNBwrDt9JLRxX5MT+IIbxfZEpGdo=",
"lastModified": 1732200724,
"narHash": "sha256-+R1BH5wHhfnycySb7Sy5KbYEaTJZWm1h+LW1OtyhiTs=",
"owner": "SenchoPens",
"repo": "base16.nix",
"rev": "c89c8123310257f3ddc04cc59aa4b5573c6d515f",
"rev": "153d52373b0fb2d343592871009a286ec8837aec",
"type": "github"
},
"original": {
@ -58,11 +58,11 @@
"base16-vim": {
"flake": false,
"locked": {
"lastModified": 1728589662,
"narHash": "sha256-rujJnzPRpeQWd0bP4pOa7cG5GswX4uwLBQzuhDFrdRs=",
"lastModified": 1731949548,
"narHash": "sha256-XIDexXM66sSh5j/x70e054BnUsviibUShW7XhbDGhYo=",
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "24d384a064d09a20eca7e78a0bfe1fb302c0eb99",
"rev": "61165b1632409bd55e530f3dbdd4477f011cadc6",
"type": "github"
},
"original": {
@ -114,11 +114,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@ -130,11 +130,11 @@
"fromYaml": {
"flake": false,
"locked": {
"lastModified": 1721222302,
"narHash": "sha256-5vL4w9+tS9yd8WpIiDUtxN1IuxCVK2nebZMs/hCXXis=",
"lastModified": 1731966426,
"narHash": "sha256-lq95WydhbUTWig/JpqiB7oViTcHFP8Lv41IGtayokA8=",
"owner": "SenchoPens",
"repo": "fromYaml",
"rev": "93bad85d1633b8b27287b438c0bd394094c24d06",
"rev": "106af9e2f715e2d828df706c386a685698f3223b",
"type": "github"
},
"original": {
@ -200,6 +200,24 @@
"type": "github"
}
},
"musnix": {
"inputs": {
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1732661062,
"narHash": "sha256-E8mk/P0wUpHXy7tDQqUzbpa9IJoN/DmA1a6iFBuXqgI=",
"owner": "musnix",
"repo": "musnix",
"rev": "629dcc6010365cfd268702065c2f8149ae19ea02",
"type": "github"
},
"original": {
"owner": "musnix",
"repo": "musnix",
"type": "github"
}
},
"nix-colors": {
"inputs": {
"base16-schemes": "base16-schemes",
@ -252,11 +270,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1728492678,
"narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=",
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github"
},
"original": {
@ -268,11 +286,27 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1728740863,
"narHash": "sha256-u+rxA79a0lyhG+u+oPBRtTDtzz8kvkc9a6SWSt9ekVc=",
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1731797254,
"narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a3f9ad65a0bf298ed5847629a57808b97e6e8077",
"rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
"type": "github"
},
"original": {
@ -282,13 +316,13 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_4": {
"locked": {
"lastModified": 1730200266,
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"type": "github"
},
"original": {
@ -307,8 +341,9 @@
"flake-utils": "flake-utils",
"home-manager": "home-manager_2",
"legacy": "legacy",
"musnix": "musnix",
"nix-colors": "nix-colors",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable",
"tt-schemes": "tt-schemes",
"zen-browser": "zen-browser"
@ -347,11 +382,11 @@
"tt-schemes": {
"flake": false,
"locked": {
"lastModified": 1727294262,
"narHash": "sha256-UCRGabAyj8+RFkKdSZBR8BPE6yLM3rPpdxXHmwd9rZ0=",
"lastModified": 1731411556,
"narHash": "sha256-Tp1BpaF5qRav7O2TsSGjCfgRzhiasu4IuwROR66gz1o=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "b3273211d5d1510aee669083fc5a1e0e4b5e310c",
"rev": "61058a8d2e2bd4482b53d57a68feb56cdb991f0b",
"type": "github"
},
"original": {
@ -362,14 +397,14 @@
},
"zen-browser": {
"inputs": {
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1730444716,
"narHash": "sha256-WtqSpYQyG5ad+GK7B0ViDSl0NolHp7yM24TacUslBXE=",
"lastModified": 1732835488,
"narHash": "sha256-r1nomBVEMO4I0y3pMfqLletQxKak5xfpk9DhlO1AsuI=",
"owner": "ch4og",
"repo": "zen-browser-flake",
"rev": "d3c639ee7bff20f799f443e18fffa6331a71cd3a",
"rev": "d8fbf602685f5cf2a6475eaf20595a6dc6628891",
"type": "github"
},
"original": {

34
flake.nix
View File

@ -18,6 +18,9 @@
flake = false;
};
# nix-ld.url = "github:Mic92/nix-ld";
# nix-ld.inputs.nixpkgs.follows = "nixpkgs";
base16.url = "github:SenchoPens/base16.nix";
nix-colors.url = "github:misterio77/nix-colors";
tt-schemes = {
@ -44,12 +47,31 @@
# inputs.nixpkgs.follows = "nixpkgs";
# };
agenix.url = "github:ryantm/agenix";
musnix.url = "github:musnix/musnix";
};
outputs = { self, nixpkgs, legacy, home-manager, flake-utils, flake-compat, zen-browser, nix-colors, base16, agenix, ... } @ inputs:
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
legacy,
home-manager,
flake-utils,
flake-compat,
zen-browser,
nix-colors,
base16,
agenix,
# nix-ld,
musnix,
...
} @ inputs:
let
inherit (self) outputs;
system = "x86_64-linux";
lib = nixpkgs.lib; # Import lib here explicitly from nixpkgs
systems = [
"aarch64-linux"
"i686-linux"
@ -84,8 +106,15 @@
specialArgs = {inherit inputs outputs systemSettings userSettings lib agenix ;};
modules = [
# kmonad.nixosModules.default
./configuration.nix
musnix.nixosModules.musnix
agenix.nixosModules.default
./configuration.nix
# nix-ld.nixosModules.nix-ld
# https://github.com/nix-community/nix-ld
# The module in this repository defines a new module under (programs.nix-ld.dev) instead of (programs.nix-ld)
# to not collide with the nixpkgs version.
# { programs.nix-ld.dev.enable = true; }
];
};
};
@ -102,7 +131,6 @@
# import `theming.nix`, we will write it in the next, final, step
# ./theming.nix
./hm/home.nix
];
};
};

4
hardware-configuration.nix
View File

@ -26,8 +26,12 @@
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "i2c-dev" "i2c-piix4" ];
boot.kernel.sysctl."net.ipv6.conf.enp4s0.disable_ipv6" = true;
boot.kernel.sysctl."net.ipv6.conf.wlp5s0.disable_ipv6" = true;
boot.kernel.sysctl."net.ipv6.conf.br0.disable_ipv6" = true;
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# boot.kernelPackages = pkgs.linuxKernel.kernels.linux_6_12;
fileSystems."/" =
{ device = "/dev/disk/by-uuid/34b5e875-d066-49f9-9809-7a68d93406b3";

25
hm/home.nix
View File

@ -13,6 +13,7 @@ let
version = "lsb_release -cs";
cpu-speed = "cat /proc/cpuinfo | grep 'cpu MHz'";
update = "sudo apt update && sudo apt upgrade -y && sudo apt autoremove -y";
nixFlakeUpdate = "nix flake update";
listServices = "systemctl list-units --all --type=service --no-pager";
listUserServices = "systemctl list-units --all --type=service --no-pager --user";
listGenerations = "sudo nix-env -p /nix/var/nix/profiles/system --list-generations";
@ -34,7 +35,7 @@ let
updateChannel="nix-channel --update nixos";
nixOptimize="nix-store --optimise";
mkhome="cd ~/system && home-manager switch --flake .";
buildsys="cd ~/system && sudo nixos-rebuild switch --flake \\'.#\\'";
buildsys="cd ~/system && sudo nixos-rebuild switch --flake \\'.\\#\\'";
get256="nix-prefetch-url --type sha256 $1";
remapKeys="input-remapper-control --command autoload";
@ -87,7 +88,7 @@ let
unstablePkgs = import (
fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz";
sha256 = "0p3ry8x72cl572fs1c47h9y3s045p4aq71wpblzdi4dfqx3z2i7m";
sha256 = "0z9jlamk8krq097a375qqhyj7ljzb6nlqh652rl4s00p2mf60f6r";
})
{
# config = config.nixpkgs.config;
@ -117,7 +118,7 @@ in
# (import ../pkgs/lang/python/python-packages.nix { pkgs = pkgs; })
# (import ../pkgs/app/editor/nvim.nix { pkgs = pkgs; })
# (import ../pkgs/app/terminal/alacritty.nix { pkgs = pkgs; })
(import ../pkgs/app/audio/mopidy.nix { inherit pkgs; })
# (import ../pkgs/app/audio/mopidy.nix { inherit pkgs; })
];
nixpkgs = {
@ -134,7 +135,7 @@ in
sessionVariables = {
EDITOR = userSettings.editor;
TERM = userSettings.term;
PYTHONPATH = "${pkgs.mopidy}/lib/python3.11/site-packages:${pkgs.mopidy-tidal}/lib/python3.11/site-packages:${pkgs.mopidy-musicbox-webclient}/lib/python3.11/site-packages";
# PYTHONPATH = "${pkgs.mopidy}/lib/python3.11/site-packages:${pkgs.mopidy-tidal}/lib/python3.11/site-packages:${pkgs.mopidy-musicbox-webclient}/lib/python3.11/site-packages";
};
};
fonts.fontconfig.enable = true;
@ -150,17 +151,27 @@ in
appimage-run
nerdfonts ubuntu_font_family
doublecmd
doublecmd filezilla
# pentablet-flake
libreoffice
bottles-unwrapped
unstablePkgs.bottles winePackages.wayland
] ++ (import ./pkgs { inherit unstablePkgs pkgs system zen-browser; });
programs = {
home-manager.enable = true;
vscode.enable = true;
ripgrep.enable = true;
vscode = {
enable = true;
extensions = with pkgs.vscode-extensions; [
devsense.profiler-php-vscode
devsense.phptools-vscode
devsense.composer-php-vscode
xdebug.php-debug
firefox-devtools.vscode-firefox-debug
bbenoist.nix
];
};
};
services = {

12
hm/modules/hypr.nix
View File

@ -235,27 +235,27 @@
}
#lock {
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/lock.svg"));
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/assets/lock.svg"));
}
#logout {
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/logout.svg"));
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/assets/logout.svg"));
}
#suspend {
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/suspend.svg"));
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/assets/suspend.svg"));
}
#hibernate {
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/hibernate.svg"));
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/assets/hibernate.svg"));
}
#shutdown {
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/shutdown.svg"));
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/assets/shutdown.svg"));
}
#reboot {
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/reboot.svg"));
background-image: image(url("${config.home.homeDirectory}/.local/share/wlogout/assets/reboot.svg"));
}
'';
};

2
hm/pkgs/creative-packages.nix
View File

@ -5,5 +5,5 @@ with pkgs;
inkscape
blender
gimp-with-plugins
reaper
reaper yabridge yabridgectl
]

5
hm/pkgs/gramming-packages.nix
View File

@ -1,6 +1,11 @@
{ pkgs, ... }:
with pkgs;
[
# (vscode-with-extensions.override {
# vscodeExtensions = with vscode-extensions; [
# devsense.profiler-php-vscode devsense.phptools-vscode devsense.composer-php-vscode
# ];
# })
# IDE's
sublime3 vscode # vscode.languages.web vscode.languages.python vscode.languages.nix vscode.languages.bash
typora obsidian obsidian-export # vimPlugins.obsidian-nvim

2
hm/pkgs/inet-packages.nix
View File

@ -17,7 +17,7 @@ with pkgs;
# Mail
mailspring
betterbird
# betterbird
# Cloud/Remote
restic

6
hm/pkgs/theme-packages.nix
View File

@ -2,8 +2,8 @@
with pkgs;
[
(unstablePkgs.catppuccin-kvantum.override {
accent = "Blue";
variant = "Macchiato";
accent = "blue";
variant = "macchiato";
})
qt5.qtwayland qt6.qtwayland
@ -18,4 +18,4 @@ with pkgs;
nordzy-icon-theme nordzy-cursor-theme
# hyprcursor nordzy-icon-theme
nordic
]
]

1
hm/pkgs/wm-packages.nix
View File

@ -13,4 +13,5 @@ with pkgs;
xorg.xrandr
dconf
polycat
adwaita-qt adwaita-qt6 gnome.adwaita-icon-theme
]

377
modules/containers.nix
View File

@ -3,18 +3,22 @@
# edit secrets file
# agenix -e secret.age
{ inputs, config, lib, pkgs, ... }:
{ inputs, config, lib, pkgs, pkgs-unstable, ... }:
{
containers = {
nextcloud = {
privateNetwork = true;
# hostAddress = "192.168.12.40";
hostAddress = "192.168.12.40";
localAddress = "192.168.12.71/24";
hostBridge = "br0";
autoStart = true;
autoStart = false;
bindMounts = {
"/etc/ssh/ssh_host_ed25519_key".isReadOnly = true;
"/var/www" = {
hostPath = "/home/wayne/dev/whd";
isReadOnly = false;
};
};
config = { config, pkgs, ... }:
@ -87,7 +91,7 @@
};
livebook = {
autoStart = true;
autoStart = false;
privateNetwork = true;
hostBridge = "br0";
localAddress = "192.168.12.72/24";
@ -127,7 +131,7 @@
};
grocy = {
autoStart = true;
autoStart = false;
privateNetwork = true;
hostBridge = "br0";
localAddress = "192.168.12.73/24";
@ -182,7 +186,7 @@
};
onlyoffice = {
autoStart = true;
autoStart = false;
privateNetwork = true;
hostBridge = "br0";
localAddress = "192.168.12.74/24";
@ -226,34 +230,345 @@
};
};
# template = {
# autoStart = true;
# privateNetwork = true;
# hostBridge = "br0";
# localAddress = "192.168.12.73/24";
# bindMounts = {
# "/etc/ssh/ssh_host_ed25519_key".isReadOnly = true;
# };
laravel = {
privateNetwork = true;
hostAddress = "192.168.12.40";
localAddress = "192.168.12.75/24";
hostBridge = "br0";
autoStart = false;
bindMounts = {
"/var/www" = {
hostPath = "/home/wayne/dev/laravel";
isReadOnly = false;
};
};
# config = { config, pkgs, ... }:
# {
# networking.firewall.allowedTCPPorts = [ 80 ];
# imports = [ inputs.agenix.nixosModules.default ];
config = { config, pkgs, ... }:
{
networking.firewall = {
enable = false;
allowedTCPPorts = [ 80 5173 ];
allowedTCPPortRanges = [ { from = 8000; to = 9000; } ];
# allowedUDPPorts = [ 53 ];
};
networking = {
enableIPv6 = false;
extraHosts = ''
140.82.116.6 api.github.com
'';
};
# age = {
# identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# secrets."whayes" = {
# file = ../secrets/whayes.age;
# mode = "770";
# owner = "wayne";
# group = "wayne";
# };
# };
# services.name = { ... };
# imports = [ inputs.agenix.nixosModules.default ];
# system.stateVersion = "24.05";
# };
# };
# age = {
# identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# secrets."laravel" = {
# file = ../secrets/laravel.age;
# mode = "770";
# owner = "laravel";
# group = "laravel";
# };
# };
services.nginx = {
enable = false;
package = pkgs.nginx;
# user = "www-data";
virtualHosts.localhost = {
root = "/var/www/site";
locations."~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};
fastcgi_index index.php;
'';
locations."/robots.txt" = {
extraConfig = ''
rewrite ^/(.*) $1;
return 200 "User-agent: *\nDisallow: /";
'';
};
};
};
services.mysql = {
enable = true;
package = pkgs.mariadb;
user = "mysql";
# configFile = '''';
};
services.phpfpm = {
phpPackage = pkgs.php83;
pools.mypool = {
user = "nobody";
settings = {
"pm" = "dynamic";
"listen.owner" = config.services.nginx.user;
"pm.max_children" = 5;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 3;
"pm.max_requests" = 500;
};
};
};
# programs.zsh.enable = true;
users = {
groups = {
www-data = {};
mysql = {};
};
users = {
wayne = {
isNormalUser = true;
description = "Wayne Hayes";
extraGroups = [ "networkmanager" "wheel" "wayne" "www-data" "nginx" ];
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6q75AXShVjzWerPFU3l0YXIKViNF4eyragL+RQIRwdNDMzW34GgxFhtyLsmRB2jsykf4gx76zSyJoii0K4uhS761w5oDXz9mqHnBzJutDTyltLyfgLsFKY8V2sOtSracWx4y6QrtmBR3MKV642kg5mufVEmCMVxBU9oVpIOJUSW+XNYBawaSkl5SjDMLI7flj0v9Hb2dZqjQigDM1+UHxTzcMoZnR6hAzoZpPNMGyZXtrgEotNywNdpxCqRV9T/KvKHSIVYc1umiDXc+5fyRo9v7CzvYY3MvRKWbgUfTVQRmR2kqwsGAsV5W+PEUb8qqmTjPVXusKxKlpGgYfsvIZOv0LgOvQMemga8psFIS9F4YQ1xuc092bKi1LteC+ZlabMLRMux6Wbhjci+v9wnLfTyBQc6wr3wDFJoELKyaLnI7Cn0KHn0k+BiYCCr2TjKrz9XztL490vprYtvVumNFZ3rxewGnZSn/2czaFfQgnXt+9xQGWWo9TJGE5jq1jThnsIbH3G9JIQ1WhomMq6DDRhGMX2ZKDk/M9/fk0XN5nvQyJNmbiHy5srW/VANx8R9jjsVkvX29MXeK6dzpR4ImywXggpYMeHB6moy06cJUu5WoR8aLS/rO5LbZM2j14AMQ2ZK79QfUJSdloA1/HHlmnx7YtzZOebD6BCR7xgasGRw== wayne"];
packages = with pkgs; [];
# shell = pkgs.zsh;
};
};
};
environment.systemPackages = with pkgs; [
php83 php83Packages.composer nodejs_22 vim git
];
system.stateVersion = "24.05";
};
};
mailpit = {
privateNetwork = true;
hostAddress = "192.168.12.40";
localAddress = "192.168.12.76/24";
hostBridge = "br0";
autoStart = false;
# bindMounts = {
# "/var/www" = {
# hostPath = "/home/wayne/dev/laravel";
# isReadOnly = false;
# };
# };
config = { config, pkgs, pkgs-unstable, ... }:
{
networking.firewall = {
enable = false;
allowedTCPPorts = [ 1025 8025 ];
};
networking = {
enableIPv6 = false;
};
# imports = [ inputs.agenix.nixosModules.default ];
# age = {
# identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# secrets."laravel" = {
# file = ../secrets/laravel.age;
# mode = "770";
# owner = "laravel";
# group = "laravel";
# };
# };
services.nginx = {
enable = false;
package = pkgs.nginx;
# user = "www-data";
virtualHosts.localhost = {
root = "/var/www/site";
locations."~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};
fastcgi_index index.php;
'';
locations."/robots.txt" = {
extraConfig = ''
rewrite ^/(.*) $1;
return 200 "User-agent: *\nDisallow: /";
'';
};
};
};
# services.mailpit = {
# instances = {
# vmail = {
# max = 100;
# smtp = "127.0.0.1:1025";
# listen = "127.0.0.1:8025";
# database = "mailpit.db";
# };
# };
# };
_module.args.pkgs-unstable = import inputs.nixpkgs-unstable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
environment.systemPackages =
(with pkgs; [
vim
])
++
(with pkgs-unstable; [
mailpit
]);
system.stateVersion = "24.11";
};
};
webserver = {
privateNetwork = true;
hostAddress = "192.168.12.40";
localAddress = "192.168.12.76/24";
hostBridge = "br0";
autoStart = false;
bindMounts = {
"/var/www" = {
hostPath = "/home/wayne/dev/whd/live";
isReadOnly = false;
};
};
# Testing to see if this even works
# forwardPorts = [
# { hostPort = 8080; containerPort = 80; protocol = "tcp";}
# { hostPort = 2222; containerPort = 22; protocol = "tcp";}
# ];
config = { config, pkgs, pkgs-unstable, ... }:
{
networking.firewall = {
enable = true;
allowedTCPPorts = [ 22 80 443 1025 3000 3001 8025 8080 2222 3306 ];
};
networking = {
enableIPv6 = false;
};
users = {
groups = {
www-data = {};
mysql = {};
php = {};
};
users = {
wayne = {
isNormalUser = true;
description = "Wayne Hayes";
extraGroups = [ "networkmanager" "wheel" "wayne" "www-data" "nginx" "php" ];
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6q75AXShVjzWerPFU3l0YXIKViNF4eyragL+RQIRwdNDMzW34GgxFhtyLsmRB2jsykf4gx76zSyJoii0K4uhS761w5oDXz9mqHnBzJutDTyltLyfgLsFKY8V2sOtSracWx4y6QrtmBR3MKV642kg5mufVEmCMVxBU9oVpIOJUSW+XNYBawaSkl5SjDMLI7flj0v9Hb2dZqjQigDM1+UHxTzcMoZnR6hAzoZpPNMGyZXtrgEotNywNdpxCqRV9T/KvKHSIVYc1umiDXc+5fyRo9v7CzvYY3MvRKWbgUfTVQRmR2kqwsGAsV5W+PEUb8qqmTjPVXusKxKlpGgYfsvIZOv0LgOvQMemga8psFIS9F4YQ1xuc092bKi1LteC+ZlabMLRMux6Wbhjci+v9wnLfTyBQc6wr3wDFJoELKyaLnI7Cn0KHn0k+BiYCCr2TjKrz9XztL490vprYtvVumNFZ3rxewGnZSn/2czaFfQgnXt+9xQGWWo9TJGE5jq1jThnsIbH3G9JIQ1WhomMq6DDRhGMX2ZKDk/M9/fk0XN5nvQyJNmbiHy5srW/VANx8R9jjsVkvX29MXeK6dzpR4ImywXggpYMeHB6moy06cJUu5WoR8aLS/rO5LbZM2j14AMQ2ZK79QfUJSdloA1/HHlmnx7YtzZOebD6BCR7xgasGRw== wayne"];
packages = with pkgs; [];
};
php = {
isSystemUser = true;
group = "php";
};
};
};
services.openssh = {
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = true;
AllowUsers = [ "wayne" ]; # Allows all users by default. Can be [ "user1" "user2" ]
UseDns = true;
X11Forwarding = false;
PermitRootLogin = "no"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
};
};
# services.mysql = {
# enable = false;
# package = pkgs.mariadb;
# user = "mysql";
# # configFile = '''';
# };
services.nginx = {
enable = true;
package = pkgs.nginx;
virtualHosts.localhost = {
root = "/var/www/public";
extraConfig = ''
index index.php, index.html;
'';
#
locations."/".extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
add_header 'Access-Control-Allow-Methods' 'GET, POST, HEAD, OPTIONS';
add_header 'Accept' 'application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8';
index index.php index.html;
try_files $uri $uri/ /index.php;
'';
locations."~ \\.php$".extraConfig = ''
fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};
fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param APPLICATION_ENV development;
# fastcgi_intercept_errors off;
# fastcgi_buffer_size 16k;
# fastcgi_buffers 4 16k;
'';
locations."~ \\.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite|map|woff|woff2)$".extraConfig = ''
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
'';
locations."/robots.txt" = {
extraConfig = ''
rewrite ^/(.*) $1;
return 200 "User-agent: *\nDisallow: /";
'';
};
};
};
services.phpfpm = {
phpPackage = pkgs.php83;
pools.mypool = {
user = "nobody";
settings = {
"pm" = "dynamic";
"listen.owner" = config.services.nginx.user;
"pm.max_children" = 32;
"pm.start_servers" = 2;
"pm.min_spare_servers" = 1;
"pm.max_spare_servers" = 3;
"pm.max_requests" = 500;
};
};
phpOptions = ''
extension=${pkgs.php83Extensions.xdebug}/lib/php/extensions/xdebug.so
'';
extraConfig = ''
'';
};
_module.args.pkgs-unstable = import inputs.nixpkgs-unstable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
environment.systemPackages = ( with pkgs; [
vim git
php83 php83Extensions.xdebug
nodejs_22 nodePackages.npm nodePackages.browser-sync
])
++
(with pkgs-unstable; [
mailpit
]);
system.stateVersion = "24.05";
};
};
};
}

26
modules/musnix.nix Normal file
View File

@ -0,0 +1,26 @@
{ pkgs, musnix, ... }:
{
musnix = {
enable = true;
alsaSeq.enable = true; # this only loads the snd_seq and snd_rawmidi modules.
rtcqs.enable = true; # install the rtcqs command-line utulity, which analyzes the system and makes suggestions about what to change to make it more audio-friendly.
# soundcardPciId = ""; # lspci | grep -i audio
kernel = {
realtime = true; # Enabling this option will rebuild your kernel.
packages = pkgs.linuxPackages_rt;
};
# rtirq Options
# NOTES:
# The following rtirq options can be used without setting musnix.enable = true;
# musnix.kernel.realtime must be set to true to use these options.
# musnix can also install and run the rtirq script as a systemd service.
# To see a list of options for using this feature, use the following command:
# nixos-option musnix.rtirq
# To see a description of one of the listed options (in this case enable):
# nixos-option musnix.rtirq.enable
rtirq.enable = true;
das_watchdog.enable = true;
};
}

9
modules/network.nix
View File

@ -13,8 +13,10 @@
192.168.12.40 launchpad.local
192.168.12.41 xeon.local
192.168.12.41 rover.local
192.168.12.50 wayne-s-pixel-5
192.168.12.55 fire-tablet
192.168.12.60 toons.local
192.168.12.61 tv.local
@ -28,6 +30,8 @@
192.168.12.72 livebook
192.168.12.73 grocy
192.168.12.74 openoffice
192.168.12.75 laravel
192.168.12.76 nginx - PHP
45.58.52.52 www
172.245.111.249 est
@ -60,6 +64,7 @@
extraCommands = ''
iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns
'';
trustedInterfaces = [ "br0" ];
};
bridges = {
br0 = {
@ -69,14 +74,14 @@
# Required to access containers
nat = {
enable = true;
internalInterfaces = [ "eth0" "enp4s0" "ve-+" "vb-+" ];
internalInterfaces = [ "enp4s0" "ve-+" "vb-+" ];
externalInterface = "br0";
enableIPv6 = false;
};
# Dissable to prevent from managing containers
networkmanager = {
enable = true;
unmanaged = [ "eth0" "interface-name:ve-*" "interface-name:vb-*" ];
unmanaged = [ "enp4s0" "interface-name:ve-*" "interface-name:vb-*" ];
};
# wireless.enable = true; # Enables wireless support via wpa_supplicant.

4
modules/security.nix
View File

@ -48,7 +48,7 @@
login.enableKwallet = true;
login.kwallet = {
enable = true;
package = pkgs.plasma5Packages.kwallet-pam;
package = pkgs.plasma5Packages.kwallet-pam; # Comment for plasma6
};
sddm = {
enableKwallet = true;
@ -95,4 +95,4 @@
};
};
};
}
}

12
modules/users.nix
View File

@ -14,7 +14,17 @@
wayne = {
isNormalUser = true;
description = "Wayne Hayes";
extraGroups = [ "networkmanager" "wheel" "docker" "wayne" "vmail" "uinput" "storage" "www-data" ];
extraGroups = [
"networkmanager"
"wheel"
"docker"
"wayne"
"vmail"
"uinput"
"storage"
"www-data"
"audio"
];
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC6q75AXShVjzWerPFU3l0YXIKViNF4eyragL+RQIRwdNDMzW34GgxFhtyLsmRB2jsykf4gx76zSyJoii0K4uhS761w5oDXz9mqHnBzJutDTyltLyfgLsFKY8V2sOtSracWx4y6QrtmBR3MKV642kg5mufVEmCMVxBU9oVpIOJUSW+XNYBawaSkl5SjDMLI7flj0v9Hb2dZqjQigDM1+UHxTzcMoZnR6hAzoZpPNMGyZXtrgEotNywNdpxCqRV9T/KvKHSIVYc1umiDXc+5fyRo9v7CzvYY3MvRKWbgUfTVQRmR2kqwsGAsV5W+PEUb8qqmTjPVXusKxKlpGgYfsvIZOv0LgOvQMemga8psFIS9F4YQ1xuc092bKi1LteC+ZlabMLRMux6Wbhjci+v9wnLfTyBQc6wr3wDFJoELKyaLnI7Cn0KHn0k+BiYCCr2TjKrz9XztL490vprYtvVumNFZ3rxewGnZSn/2czaFfQgnXt+9xQGWWo9TJGE5jq1jThnsIbH3G9JIQ1WhomMq6DDRhGMX2ZKDk/M9/fk0XN5nvQyJNmbiHy5srW/VANx8R9jjsVkvX29MXeK6dzpR4ImywXggpYMeHB6moy06cJUu5WoR8aLS/rO5LbZM2j14AMQ2ZK79QfUJSdloA1/HHlmnx7YtzZOebD6BCR7xgasGRw== wayne"];
packages = with pkgs; [
kdePackages.kate

2
modules/wm.nix
View File

@ -49,7 +49,7 @@
enable = true;
};
theme = "catppuccin-mocha";
package = pkgs.kdePackages.sddm;
# package = pkgs.kdePackages.sddm; # Comment for plasma6
};
};
}

2
modules/xdg.nix
View File

@ -6,7 +6,7 @@
portal = {
enable = true;
configPackages = [ pkgs.xdg-desktop-portal-hyprland ];
extraPortals = [ pkgs.xdg-desktop-portal-hyprland pkgs.xdg-desktop-portal-wlr ];
extraPortals = [ pkgs.xdg-desktop-portal-hyprland pkgs.xdg-desktop-portal-wlr pkgs.xdg-desktop-portal-gtk ];
xdgOpenUsePortal = true;
wlr.enable = true;
};

6
pkgs/app/terminal/yazi.nix
View File

@ -2,10 +2,10 @@
{
programs.yazi = {
enable = true;
package = pkgs.yazi;
enableZshIntegration = true;
enableBashIntegration
= true;
settings = {
enableBashIntegration = true;
settings = {
log = {
enabled = false;
};

15
pkgs/wm/hyprland/hyprland.nix
View File

@ -28,7 +28,7 @@
# "QT_QPA_PLATFORMTHEME,qt6ct"
# "GDK_SCALE,1"
# "GDK_BACKEND,wayland,x11,*"
"GDK_BACKEND,wayland,x11,*"
# "GTK_THEME,FlatColor:dark"
# "GTK2_RC_FILES,/home/hadi/.local/share/themes/FlatColor/gtk-2.0/gtkrc"
@ -76,6 +76,7 @@
# kb_rules =;
follow_mouse = 1;
mouse_refocus = false;
touchpad = {
natural_scroll = "no";
@ -140,7 +141,7 @@
",XF86Explorer, exec, doublecmd"
",XF86Search, exec, pkill rofi || rofi -show drun -modi drun,filebrowser,run,window,ssh"
",XF86Calculator, exec, qalculate-qt"
"$mod, V, exec, cliphist list | wofi --dmenu | cliphist decode | wl-copy"
"$mod, V, exec, cliphist list | rofi --dmenu | cliphist decode | wl-copy"
"ALT, Tab, exec, hyprctl dispatch cyclenext"
"ALTSHIFT, Tab, exec, hyprctl dispatch cyclenext prev"
@ -244,11 +245,11 @@
"${config.home.homeDirectory}/.config/hypr/scripts/start-keybase-gui.sh"
# "[workspace 4 silent] remmina -c rdp://wayne@xeon.local"
"[workspace 5 silentl] keepassxc"
"[workspace 5 silent] /home/wayne/.nix-profile/bin/nextcloud --background"
"[workspace 5 silent] /nix/store/104jb5a21d1d338zkl1f07si6brsmrk2-keybase-gui-6.2.4/bin/keybase-gui %u &"
"[workspace 7 silent] sublime3"
"[workspace 9 silentl] keepassxc"
"[workspace 9 silent] /home/wayne/.nix-profile/bin/nextcloud --background"
"[workspace 9 silent] /nix/store/104jb5a21d1d338zkl1f07si6brsmrk2-keybase-gui-6.2.4/bin/keybase-gui %u &"
# "/nix/store/r3fdp5rlxcihmqhpcgy91sj918wnrmrc-pyprland-2.3.4/bin/pypr --debug ~/tmp/pypr.log"
];
@ -298,7 +299,7 @@
"opacity 1 override 0.9 override 0.9 override, ^(zen-alpha)$" # set opacity to 1.0 active, 0.5 inactive and 0.8 fullscreen for kitty
# "opacity 1.0 override 0.5 override 0.8 override, ^(kitty)$" # set opacity to 1.0 active, 0.5 inactive and 0.8 fullscreen for kitty
"move -50% -50%, float, ^(org.keepassxc.KeePassXC)$"
"move -50% -50%, float, ^(Nextcloud)$"
", float, ^(Nextcloud)$"
# common modals
"center,title:^(Open).*$"
# "center,title:^(Choose Files)$"
@ -321,7 +322,7 @@
# Apply stayfocused only to transient (temporary) windows in Reaper
# "stayfocused, title:^(.*)$, class:REAPER"
# "stayfocused, parent:REAPER"
# "noswallow, class:REAPER"
"noswallow, class:REAPER"
# "stayfocused, title:^(.*)$, class:REAPER"
# "float, title:^(Open|Choose Files|Save As|Confirm to replace files|File Operation Progress)$, class:REAPER"
# "stayfocused, title:^(Open|Choose Files|Save As|Confirm to replace files|File Operation Progress)$, class:REAPER"