nrabulinski/settei
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

hosts/miyagi: init

Browse source
This commit is contained in:
Nikodem Rabuliński 2024-06-28 10:28:15 +02:00 committed by Nikodem Rabuliński
parent 2f16de8f02
commit 78124dba37
6 changed files with 319 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/default.nix
View file

@ -14,6 +14,7 @@
# ./installer # ./installer
./ude ./ude
./kogata ./kogata
./miyagi
]; ];
builders = builders =

91
hosts/miyagi/default.nix Normal file
View file

@ -0,0 +1,91 @@
{
configurations.nixos.miyagi =
{
config,
pkgs,
username,
...
}:
{
imports = [
./sway.nix
./disks.nix
];
nixpkgs.hostPlatform = "x86_64-linux";
boot.kernelModules = [
"kvm-intel"
"i2c-dev"
];
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
};
powerManagement.cpuFreqGovernor = "performance";
networking.networkmanager.enable = true;
zramSwap.enable = true;
boot.kernel.sysctl."kernel.sysrq" = 1;
age.secrets.niko-pass.file = ../../secrets/miyagi-niko-pass.age;
users.users.${username} = {
hashedPasswordFile = config.age.secrets.niko-pass.path;
extraGroups = [
"libvirtd"
"i2c"
"networkmanager"
];
};
settei.user.config = {
common.desktop.enable = true;
home.packages = [ pkgs.slack ];
programs.git.userEmail = "nrabulinski@antmicro.com";
# TODO: Move to common?
xdg.mimeApps = {
enable = true;
defaultApplications = {
"x-scheme-handler/http" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/https" = "org.qutebrowser.qutebrowser.desktop";
"x-scheme-handler/chrome" = "org.qutebrowser.qutebrowser.desktop";
"text/html" = "org.qutebrowser.qutebrowser.desktop";
"application/x-extension-htm" = "org.qutebrowser.qutebrowser.desktop";
"application/x-extension-html" = "org.qutebrowser.qutebrowser.desktop";
"application/x-extension-shtml" = "org.qutebrowser.qutebrowser.desktop";
"application/xhtml+xml" = "org.qutebrowser.qutebrowser.desktop";
"application/x-extension-xhtml" = "org.qutebrowser.qutebrowser.desktop";
"application/x-extension-xht" = "org.qutebrowser.qutebrowser.desktop";
"application/pdf" = "org.qutebrowser.qutebrowser.desktop";
};
};
};
common.incus.enable = true;
services.udisks2.enable = true;
services.printing = {
enable = true;
drivers = [ pkgs.brlaser ];
};
services.avahi = {
enable = true;
nssmdns4 = true;
};
hardware.bluetooth = {
enable = true;
settings.General.ControllerMode = "bredr";
};
hardware.keyboard.qmk.enable = true;
systemd.coredump.enable = true;
# Needed for enableAllFirmware
nixpkgs.config.allowUnfree = true;
hardware = {
enableAllFirmware = true;
cpu.intel.updateMicrocode = true;
};
};
}

83
hosts/miyagi/disks.nix Normal file
View file

@ -0,0 +1,83 @@
args:
let
bootDevice = args.bootDevice or "/dev/nvme0n1";
in
{
disko.devices.disk.bootDisk = {
type = "disk";
device = bootDevice;
content = {
type = "gpt";
partitions = {
esp = {
label = "ESP";
priority = 3;
type = "EF00";
start = "1MiB";
end = "512MiB";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
nixos = {
label = "primary";
priority = 1;
start = "512MiB";
end = "-8G";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes =
let
mountOptions = [
"compress=zstd"
"noatime"
];
in
{
"/root" = {
inherit mountOptions;
mountpoint = "/";
};
"/home" = {
inherit mountOptions;
mountpoint = "/home";
};
"/nix" = {
inherit mountOptions;
mountpoint = "/nix";
};
"/persist" = {
inherit mountOptions;
mountpoint = "/persist";
};
"/log" = {
inherit mountOptions;
mountpoint = "/var/log";
};
};
};
};
swap = {
label = "swap";
priority = 2;
size = "100%";
content.type = "swap";
};
};
};
};
fileSystems."/var/log".neededForBoot = true;
fileSystems."/bulk" = {
device = "/dev/disk/by-label/bulk";
fsType = "btrfs";
options = [
"compress=zstd"
"noatime"
];
};
}

133
hosts/miyagi/sway.nix Normal file
View file

@ -0,0 +1,133 @@
{
config,
lib,
pkgs,
...
}:
{
services.greetd = {
enable = true;
settings.default_session = {
command = "${lib.getExe pkgs.greetd.tuigreet} --time --cmd ${lib.getExe config.programs.sway.package}";
user = "niko";
};
};
programs.sway = {
enable = true;
wrapperFeatures.base = true;
wrapperFeatures.gtk = true;
};
security.pam.services.swaylock = { };
xdg.portal.config.common.default = "*";
settei.user.config =
{ config, ... }:
{
home.packages = with pkgs; [
(writeShellApplication {
name = "lock";
text = ''
swaymsg output '*' power off
swaylock -c 000000
swaymsg output '*' power on
'';
})
(writeShellApplication {
name = "screenshot";
runtimeInputs = [
slurp
grim
wl-clipboard
];
text = ''
grim -g "$(slurp)" - | \
wl-copy -t image/png
'';
})
# Bitwarden stuff, move to separate module or properly package?
# Maybe use some other input method?
(rofi-rbw.override { waylandSupport = true; })
rbw
pinentry.curses
];
wayland.windowManager.sway =
let
mod = config.wayland.windowManager.sway.config.modifier;
in
{
enable = true;
package = null;
config.terminal = "wezterm";
config.modifier = "Mod4";
config.fonts.names = [ "Iosevka Nerd Font" ];
config.keybindings = lib.mkOptionDefault {
"${mod}+b" = "exec rofi-rbw --selector rofi";
"${mod}+d" = "exec rofi -show drun";
"${mod}+Shift+s" = "exec screenshot";
};
config.keycodebindings = {
"${mod}+Shift+60" = "exec lock";
};
config.window.commands =
let
alwaysFloating = [
{ window_role = "pop-up"; }
{ window_role = "bubble"; }
{ window_role = "dialog"; }
{ window_type = "dialog"; }
{ window_role = "task_dialog"; }
{ window_type = "menu"; }
{ app_id = "floating"; }
{ app_id = "floating_update"; }
{ class = "(?i)pinentry"; }
{ title = "Administrator privileges required"; }
{ title = "About Mozilla Firefox"; }
{ window_role = "About"; }
{
app_id = "firefox";
title = "Library";
}
];
in
map (criteria: {
inherit criteria;
command = "floating enable";
}) alwaysFloating;
config.output = {
"HDMI-A-1" = {
pos = "0 472";
};
"DP-1" = {
pos = "2560 0";
transform = "90";
};
};
config.input = {
"type:pointer" = {
accel_profile = "flat";
pointer_accel = "0.2";
};
"type:keyboard" = {
xkb_layout = "pl";
};
};
config.workspaceOutputAssign = [
{
workspace = "1";
output = "HDMI-A-1";
}
{
workspace = "2";
output = "DP-1";
}
];
};
programs.rofi = {
enable = true;
package = pkgs.rofi-wayland;
};
};
}

7
secrets/miyagi-niko-pass.age Normal file
View file

@ -0,0 +1,7 @@
age-encryption.org/v1
-> ssh-ed25519 g2vRWw 3mHAcu63Cw+hKbRkAQMlddIg071e+ggdU7lGWF3Lmmw
K3NBGhpyON3JLa8kb46dJD6mY+4ZHYDO5v78uYUY96s
-> ssh-ed25519 GKhvwg hm8EAsFbWe1OykH/uovSvmPJdVIQd91rcWvgjfIEPwg
Wn1ywatZ7KCfxOhvoLXUGAA15nAobR6Qs+5xuOb51rM
--- NS6E6N7YAmP+kTht3ZiqVEuyNsJzIumut4sppS7L6dQ
a9ë¼3ÌØjm¶á;0pýûlÀ;¨nçŽc CJÐë³HÔúH×ñ ìëʴÄ/ôM¶0¬¾º,kJo<5A>!¢‹¢´­µ?:^°D72ñÚZ5ao¡'Í4óžÙT09Â

4
secrets/secrets.nix
View file

@ -72,4 +72,8 @@ in
keys.other.bootstrap keys.other.bootstrap
]; ];
"ntfy-alert-pass.age".publicKeys = (builtins.attrValues keys.system) ++ [ keys.other.bootstrap ]; "ntfy-alert-pass.age".publicKeys = (builtins.attrValues keys.system) ++ [ keys.other.bootstrap ];
"miyagi-niko-pass.age".publicKeys = [
keys.system.miyagi
keys.other.bootstrap
];
} }