diff --git a/flake.nix b/flake.nix index baed75e..ed7965e 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,7 @@ imports = [ inputs.home-manager.flakeModules.home-manager ./hosts/comfy-station + ./hosts/monolith (./home + "/jonas@comfy-station") (import-tree ./modules) ]; diff --git a/hosts/monolith/configuration.nix b/hosts/monolith/configuration.nix new file mode 100644 index 0000000..e69e715 --- /dev/null +++ b/hosts/monolith/configuration.nix 
@@ -0,0 +1,209 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+{
+ config,
+ pkgs,
+ ...
+}: {
+ imports = [
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ # Secret management
+ sops.age.keyFile = "/var/lib/sops-nix/key.txt";
+ sops.secrets.wg-priv = {
+ sopsFile = ../../secrets/monolith/wg.yaml;
+ key = "privateKey";
+ };
+ sops.secrets.spotifyShortcutsClientId = {
+ sopsFile = ../../secrets/spotify-shortcuts.yaml;
+ key = "clientId";
+ };
+ sops.secrets.spotifyShortcutsClientSecret = {
+ sopsFile = ../../secrets/spotify-shortcuts.yaml;
+ key = "clientSecret";
+ };
+
+ # Users
+ users.users.jonas = {
+ isNormalUser = true;
+ description = "Jonas";
+ hashedPassword = ""; # passwordless login (sudo is now unusable without specifying NOPASSWD)
+ extraGroups = ["networkmanager" "wheel" "docker" "dialout"];
+ };
+ security.sudo.wheelNeedsPassword = false;
+ users.groups.data = {
+ gid = 1001;
+ members = ["jonas"];
+ };
+ users.defaultUserShell = pkgs.zsh;
+ programs.zsh.enable = true;
+
+ # fonts
+ fonts.packages = with pkgs; [
+ fira
+ fira-code-symbols
+ nerd-fonts.fira-code
+ ];
+
+ # hive modules
+ hive.kwallet.forUsers = ["jonas"];
+ hive.virt-manager.forUsers = ["jonas"];
+ hive.sound.noisetorch = true;
+ hive.wg.client.privateKeyFile = config.sops.secrets.wg-priv.path;
+ hive.wg.client.peer = "monolith";
+ hive.programs.games.dayz = true;
+ hive.programs.games.lutris = true;
+ hive.programs.games.steam = true;
+ hive.programs.games.wine = true;
+ hive.programs.creative = {
+ image-management = true;
+ image-editing = true;
+ image-raw-processing = true;
+ video-editing-light = true;
+ video-editing-heavy = true;
+ };
+ hive.programs.spotify-shortcuts = {
+ enable = true;
+ clientIdSopsKey = config.sops.secrets.spotifyShortcutsClientId.name;
+ clientSecretSopsKey = config.sops.secrets.spotifyShortcutsClientSecret.name;
+ };
+
+ # system packages
+ environment.systemPackages = with pkgs; [
+ age
+ alejandra
+ arduino
+ borgbackup
+ borgmatic
+ chromium
+ discord
+ docker
+ docker-compose
+ feh
+ firefox
+ git
+ gramps
+ insomnia
+ libreoffice
+ mosquitto
+ mpv
+ mupdf
+ nextcloud-client
+ nh
+ nix-index
+ nix-output-monitor
+ obsidian
+ qalculate-qt
+ qdirstat
+ qtpass
+ ranger
+ sops
+ spotify
+ vim
+ vlc
+ vscode
+ wget
+ zoom
+ zotero
+ ];
+ nixpkgs.config.permittedInsecurePackages = [
+ "electron-25.9.0" # required by obsidian
+ ];
+ virtualisation.docker.enable = true;
+
+ # dpi correction
+ services.xserver.dpi = 91;
+ environment.variables = {
+ ## Used by GTK 3
+ # `GDK_SCALE` is limited to integer values
+ GDK_SCALE = "1";
+ # Inverse of GDK_SCALE
+ GDK_DPI_SCALE = "1";
+
+ # Used by Qt 5
+ QT_AUTO_SCREEN_SCALE_FACTOR = "1";
+
+ _JAVA_OPTIONS = "-Dsun.java2d.uiScale=1";
+ };
+ # Expose variables to graphical systemd user services
+ services.xserver.displayManager.importedVariables = [
+ "GDK_SCALE"
+ "GDK_DPI_SCALE"
+ "QT_AUTO_SCREEN_SCALE_FACTOR"
+ ];
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "24.11"; # Did you read the comment?
+
+ # gc settings and binary caches
+ nix = {
+ settings = {
+ substituters = [
+ "https://aseipp-nix-cache.freetls.fastly.net"
+ "https://nix-community.cachix.org"
+ "https://cache.nixos.org/"
+ ];
+ experimental-features = ["nix-command" "flakes"];
+ auto-optimise-store = true;
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 30d";
+ };
+ };
+
+ # boot
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.plymouth.enable = true;
+ boot.initrd.systemd.enable = true;
+ boot.supportedFilesystems = ["ntfs"];
+
+ # Configure console keymap
+ console.keyMap = "de";
+
+ # Set your time zone.
+ time.timeZone = "Europe/Berlin";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "de_DE.UTF-8";
+ LC_IDENTIFICATION = "de_DE.UTF-8";
+ LC_MEASUREMENT = "de_DE.UTF-8";
+ LC_MONETARY = "de_DE.UTF-8";
+ LC_NAME = "de_DE.UTF-8";
+ LC_NUMERIC = "de_DE.UTF-8";
+ LC_PAPER = "de_DE.UTF-8";
+ LC_TELEPHONE = "de_DE.UTF-8";
+ LC_TIME = "de_DE.UTF-8";
+ };
+
+ networking.firewall.enable = true;
+ networking.hostName = "monolith"; # Define your hostname.
+ networking.extraHosts = ''
+ 127.0.0.1 monolith
+ '';
+
+ # Enable networking
+ networking.networkmanager.enable = true;
+
+ # printing
+ services.printing.enable = true;
+
+ # ld-fix
+ programs.nix-ld.enable = true;
+ programs.nix-ld.libraries = [
+ # Add any missing dynamic libraries for unpackaged programs
+ # here, NOT in environment.systemPackages
+ ];
+}
diff --git a/hosts/monolith/default.nix b/hosts/monolith/default.nix
new file mode 100644
index 0000000..5a4bffd
--- /dev/null
+++ b/hosts/monolith/default.nix
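Review bot: In hosts/monolith/configuration.nix, `hashedPassword = "";` combined with `security.sudo.wheelNeedsPassword = false;` and membership in `wheel` and `docker` means anyone who reaches a local login prompt or an unlocked session on this host becomes root without presenting any credential. Since sops-nix is already set up in this file, the hash could live in a secret marked `neededForUsers = true;` and be referenced with `hashedPasswordFile = config.sops.secrets.PLACEHOLDER_PASSWORD_SECRET.path;`, leaving display-manager autologin to cover the convenience case. Separately, `nix.settings.substituters` adds `https://nix-community.cachix.org` but the hunk sets no matching `trusted-public-keys`; unless that is configured in a module not shown here, the cache's signing key should be pinned next to the URL so the trust decision is reviewable in one place. The `permittedInsecurePackages` entry for `electron-25.9.0` applies system-wide, so a comment such as `# TODO: drop once the packaged obsidian no longer needs it` would keep it from outliving its reason.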
@@ -0,0 +1,36 @@
+{
+ inputs,
+ self,
+ ...
+}: {
+ flake.nixosConfigurations.monolith = inputs.nixpkgs.lib.nixosSystem {
+ modules = [
+ ({...}: {
+ nixpkgs.config.allowUnfree = true;
+ nixpkgs.config.nvidia.acceptLicense = true;
+ })
+
+ ./configuration.nix
+
+ inputs.nixos-hardware.nixosModules.msi-b550-a-pro
+ inputs.sops-nix.nixosModules.sops
+ self.nixosModules.nvidia
+ self.nixosModules.ckb-next
+ self.nixosModules.plasma
+ self.nixosModules.layan
+ self.nixosModules.nix-scripts
+ self.nixosModules.kwallet
+ self.nixosModules.virt-manager
+ self.nixosModules.bluetooth
+ self.nixosModules.sound
+ self.nixosModules.yubikey
+ self.nixosModules.wireguard-client
+ self.nixosModules.games
+ self.nixosModules.creative
+ self.nixosModules.openhantek
+ self.nixosModules.firefox
+ self.nixosModules.kdeconnect
+ self.nixosModules.spotify-shortcuts
+ ];
+ };
+}
diff --git a/hosts/monolith/hardware-configuration.nix b/hosts/monolith/hardware-configuration.nix
new file mode 100644
index 0000000..0a595e0
--- /dev/null
+++ b/hosts/monolith/hardware-configuration.nix
@@ -0,0 +1,57 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/11d59216-2e76-499f-853f-9801486e330a"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/0892-649B"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + fileSystems."/data1" = { + device = "/dev/disk/by-uuid/8426515e-2be1-4c51-8b5f-d1850aa17270"; + fsType = "ext4"; + }; + + fileSystems."/data2" = { + device = "/dev/disk/by-uuid/4f39ed6d-74ed-420b-b542-89d432459f79"; + fsType = "ext4"; + }; + + swapDevices = [ + { + device = "/.swapfile"; + size = 24 * 1024; + } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/desktop/plasma.nix b/modules/desktop/plasma.nix new file mode 100644 index 0000000..8a1547b --- /dev/null +++ b/modules/desktop/plasma.nix 
@@ -0,0 +1,22 @@
+{
+ flake.nixosModules.plasma = {pkgs, ...}: {
+ services.xserver.enable = true;
+ services.xserver = {
+ xkb.layout = "de";
+ xkb.variant = "";
+ xkb.options = "caps:ctrl_modifier";
+ };
+ services.displayManager.sddm = {
+ enable = true;
+ wayland.enable = true;
+ };
+ services.desktopManager.plasma6.enable = true;
+ xdg.portal = {
+ enable = true;
+ extraPortals = with pkgs; [
+ kdePackages.xdg-desktop-portal-kde
+ xdg-desktop-portal-gtk
+ ];
+ };
+ };
+}
diff --git a/modules/hardware/ckb-next.nix b/modules/hardware/ckb-next.nix
new file mode 100644
index 0000000..550d74d
--- /dev/null
+++ b/modules/hardware/ckb-next.nix
@@ -0,0 +1,17 @@
+{
+ flake.nixosModules.ckb-next = {pkgs, ...}: {
+ # Corsair drivers
+ hardware.ckb-next = {
+ enable = true;
+ # Workarount until https://github.com/NixOS/nixpkgs/issues/444209
+ # is fixed
+ package = pkgs.ckb-next.overrideAttrs (prev: {
+ cmakeFlags =
+ (prev.cmakeFlags or [])
+ ++ [
+ "-DUSE_DBUS_MENU=0"
+ ];
+ });
+ };
+ };
+}
diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix
new file mode 100644
index 0000000..b121136
--- /dev/null
+++ b/modules/hardware/nvidia.nix
@@ -0,0 +1,47 @@
+{
+ flake.nixosModules.nvidia = {
+ config,
+ pkgs,
+ ...
+ }: {
+ # Enable OpenGL
+ hardware.graphics = {
+ enable = true;
+ enable32Bit = true;
+ extraPackages = [pkgs.rocmPackages.clr];
+ };
+
+ # Load nvidia driver for Xorg and Wayland
+ services.xserver.videoDrivers = ["nvidia"];
+
+ hardware.nvidia = {
+ # Modesetting is required.
+ modesetting.enable = true;
+
+ # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+ # Enable this if you have graphical corruption issues or application crashes after waking
+ # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
+ # of just the bare essentials.
+ powerManagement.enable = false;
+
+ # Fine-grained power management. Turns off GPU when not in use.
+ # Experimental and only works on modern Nvidia GPUs (Turing or newer).
+ powerManagement.finegrained = false;
+
+ # Use the NVidia open source kernel module (not to be confused with the
+ # independent third-party "nouveau" open source driver).
+ # Support is limited to the Turing and later architectures. Full list of
+ # supported GPUs is at:
+ # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
+ # Only available from driver 515.43.04+
+ open = false;
+
+ # Enable the Nvidia settings menu,
+ # accessible via `nvidia-settings`.
+ nvidiaSettings = true;
+
+ # Optionally, you may need to select the appropriate driver version for your specific GPU.
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+ };
+}
diff --git a/modules/packages/crossover/default.nix b/modules/packages/crossover/default.nix
index cc67f89..209cf6e 100644
--- a/modules/packages/crossover/default.nix
+++ b/modules/packages/crossover/default.nix
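Review bot: In modules/hardware/nvidia.nix, `extraPackages = [pkgs.rocmPackages.clr];` pulls AMD's ROCm runtime into a module that otherwise configures only the NVIDIA driver, which looks like a leftover from a different machine. If nothing on this host uses ROCm, dropping the line keeps a large, unrelated GPU userspace stack out of the system closure and off the update surface. If it is intentional, a short comment on that line naming the consumer would make the reason reviewable.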
@@ -1,7 +1,10 @@ -{ +{self, ...}: { flake.overlays.crossover = final: prev: { crossover = final.callPackage ./_derivation.nix {}; }; + flake.nixosModules.crossover-overlay = { + nixpkgs.overlays = [self.overlays.crossover]; + }; perSystem = {pkgs, ...}: { packages.crossover = pkgs.callPackage ./_derivation.nix {}; }; diff --git a/modules/packages/spotify-shortcuts/default.nix b/modules/packages/spotify-shortcuts/default.nix index 651f31d..863ffdc 100644 --- a/modules/packages/spotify-shortcuts/default.nix +++ b/modules/packages/spotify-shortcuts/default.nix 
@@ -1,9 +1,56 @@ -{ +{self, ...}: { flake.overlays.spotify-shortcuts = final: prev: { - bulk-transcode = final.callPackage ./_derivation.nix {}; + spotify-shortcuts = final.callPackage ./_derivation.nix {}; }; perSystem = {pkgs, ...}: { packages.spotify-shortcuts = pkgs.callPackage ./_derivation.nix {}; devShells.spotify-shortcuts = import ./_shell.nix {inherit pkgs;}; }; + + flake.nixosModules.spotify-shortcuts-overlay = { + nixpkgs.overlays = [ + self.overlays.spotify-shortcuts + ]; + }; + + flake.nixosModules.spotify-shortcuts = { + config, + lib, + pkgs, + ... + }: let + cfg = config.hive.programs.spotify-shortcuts; + in { + options.hive.programs.spotify-shortcuts = { + enable = lib.mkEnableOption "Enable Spotify Shortcuts"; + clientIdSopsKey = lib.mkOption { + type = lib.types.singleLineStr; + description = "Spotify API Client ID sops secret name"; + }; + clientSecretSopsKey = lib.mkOption { + type = lib.types.singleLineStr; + description = "Spotify API Client Secret Path sops secret name"; + }; + }; + + imports = [ + self.nixosModules.spotify-shortcuts-overlay + ]; + + config = lib.mkIf cfg.enable { + environment.systemPackages = [pkgs.spotify-shortcuts]; + environment.variables = { + SPOTIFY_SHORTCUTS_CONFIG = config.sops.templates."spotify-shortcuts-client.json".path; + }; + sops.templates."spotify-shortcuts-client.json" = { + mode = "444"; + content = '' + { + "clientId": "${config.sops.placeholder.${cfg.clientIdSopsKey}}", + "clientSecret": "${config.sops.placeholder.${cfg.clientSecretSopsKey}}" + } + ''; + }; + }; + }; } diff --git a/modules/programs/creative.nix b/modules/programs/creative.nix index 57dc315..0387d80 100644 --- a/modules/programs/creative.nix +++ b/modules/programs/creative.nix @@ -1,4 +1,4 @@ -{ +{self, ...}: { flake.nixosModules.creative = { config, lib, 
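Review bot: In modules/packages/spotify-shortcuts/default.nix, the `sops.templates."spotify-shortcuts-client.json"` entry is rendered with `mode = "444";`, so the decrypted `clientSecret` is readable by every local account and service on the host, which defeats keeping it in sops. Only the desktop user needs the file through `SPOTIFY_SHORTCUTS_CONFIG`, so the module could take an owner option and render the template owner-only, as sketched below; the host configuration would then set that option to `"jonas"`. Two wording points in the same hunk: `lib.mkEnableOption "Enable Spotify Shortcuts"` renders as "Whether to enable Enable Spotify Shortcuts.", and the `clientSecretSopsKey` description carries a stray "Path".

```nix
# … unchanged: enable, clientIdSopsKey, clientSecretSopsKey options …
user = lib.mkOption {
  type = lib.types.str;
  description = "Account that owns the rendered client config";
};
# … unchanged: imports, systemPackages, SPOTIFY_SHORTCUTS_CONFIG …
sops.templates."spotify-shortcuts-client.json" = {
  owner = cfg.user;
  mode = "0400";
  # … unchanged: content …
};
```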
@@ -52,15 +52,12 @@ Enable heavy video editing tools. ''; }; - daws = lib.mkOption { - type = lib.types.bool; - default = false; - description = '' - Enable DAWs (currently bitwig beta) - ''; - }; }; + imports = [ + self.nixosModules.bulk-transcode-overlay + ]; + config = { environment.systemPackages = with pkgs; lib.optionals cfg.image-editing [gimp krita drawio] @@ -83,8 +80,7 @@ davinci-resolve kdePackages.kdenlive obs-studio - ] - ++ lib.optional cfg.daws bitwig-studio-latest; + ]; }; }; } diff --git a/modules/programs/games.nix b/modules/programs/games.nix index db48b01..b1cfccf 100644 --- a/modules/programs/games.nix +++ b/modules/programs/games.nix @@ -1,7 +1,10 @@ { + self, + inputs, + ... +}: { flake.nixosModules.games = { config, - inputs, lib, pkgs, ... @@ -46,6 +49,10 @@ }; }; + imports = [ + self.nixosModules.crossover-overlay + ]; + config = { environment.systemPackages = lib.optional cfg.lutris @@ -57,7 +64,7 @@ }) ++ lib.optional cfg.r2modman pkgs.r2modman ++ lib.optionals cfg.dayz [ - pkgs.hive.crossover + pkgs.crossover inputs.dzgui-nix.packages.${pkgs.stdenv.system}.default ] ++ lib.optionals cfg.wine [ diff --git a/modules/themes/layan/layan.nix b/modules/themes/layan/layan.nix index bbdcb54..f7bc481 100644 --- a/modules/themes/layan/layan.nix +++ b/modules/themes/layan/layan.nix @@ -1,4 +1,18 @@ {self, ...}: { + flake.nixosModules.layan = {pkgs, ...}: { + imports = [ + self.nixosModules.unstable-overlay + self.nixosModules.layan-qt6-overlay + ]; + environment.systemPackages = [ + pkgs.layan-qt6 + pkgs.kdePackages.qtstyleplugin-kvantum + pkgs.unstable.layan-cursors + pkgs.layan-gtk-theme + pkgs.tela-circle-icon-theme + ]; + }; + flake.homeModules.layan = { lib, pkgs,