Initial commit

Erwin Boskma 2021-10-05 23:45:02 +02:00
commit 956a0e3bbc
Signed by: erwin
GPG key ID: 5D2F7887C661DEBD
16 changed files with 647 additions and 0 deletions

47
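--- a/flake.lock
+++ b/flake.lock
@@ -0,0 +1,47 @@
+{
+"nodes": {
+"home-manager": {
+"inputs": {
+"nixpkgs": [
+"nixpkgs"
+]
+},
+"locked": {
+"lastModified": 1632256651,
+"narHash": "sha256-+jbZKohfqTjp/5SwudwIhYzmFqmGDlIG99V5lOE4Yjg=",
+"owner": "nix-community",
+"repo": "home-manager",
+"rev": "58aa667e28ca4a6a2159b1f3258ef5d494d5ecb6",
+"type": "github"
+},
+"original": {
+"owner": "nix-community",
+"repo": "home-manager",
+"type": "github"
+}
+},
+"nixpkgs": {
+"locked": {
+"lastModified": 1631962327,
+"narHash": "sha256-h2fgtNHozEcB42BQ1QVWAJUpQ1FA3gpgq/RrOKAxbfE=",
+"owner": "NixOS",
+"repo": "nixpkgs",
+"rev": "bc9b956714ed6eac5f8888322aac5bc41389defa",
+"type": "github"
+},
+"original": {
+"id": "nixpkgs",
+"ref": "nixos-unstable",
+"type": "indirect"
+}
+},
+"root": {
+"inputs": {
+"home-manager": "home-manager",
+"nixpkgs": "nixpkgs"
+}
+}
+},
+"root": "root",
+"version": 7
+}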

136
flake.nix Normal file

@ -0,0 +1,136 @@
{
description = "System config";
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { nixpkgs, home-manager, ... }@inputs:
let
inherit (nixpkgs) lib;
util = import ./lib {
inherit system pkgs home-manager lib;
overlays = (pkgs.overlays);
};
inherit (util) user;
inherit (util) host;
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [ ];
};
system = "x86_64-linux";
nixosConfig = {
boot = {
type = "qemu-bios";
qemu = true;
grubInstallDevice = "/dev/vda";
};
core.enable = true;
};
vm2Config = {
boot = {
type = "uefi";
qemu = true;
};
core.enable = true;
};
nixosUsers = [{
name = "erwin";
groups = [ "wheel" "networkmanager" "video" ];
uid = 1000;
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNoTcRsAxDwpiIj6nhUXwzSQjtcgKCR0RDlzP57wi0W erwin@horusvr-ws2"
];
}];
in {
homeManagerConfigurations = {
erwin = user.mkHMUser {
userConfig = {
git.enable = true;
ssh.enable = true;
applications.enable = true;
gpg.enable = true;
fish.enable = true;
};
username = "erwin";
};
};
nixosConfigurations = {
vm1 = host.mkHost {
name = "vm1";
NICs = [ "enp1s0" ];
kernelPackage = pkgs.linuxPackages;
initrdMods = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
"virtio_net"
"virtio_mmio"
"virtio_scsi"
"9p"
"9pnet_virtio"
];
kernelMods =
[ "kvm-amd" "virtio_balloon" "virtio_console" "virtio_rng" ];
kernelParams = [ ];
systemConfig = nixosConfig;
users = nixosUsers;
cpuCores = 6;
};
vm2 = host.mkHost {
name = "vm2";
NICs = [ "enp1s0" ];
kernelPackage = pkgs.linuxPackages;
initrdMods = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
"virtio_net"
"virtio_mmio"
"virtio_scsi"
"9p"
"9pnet_virtio"
];
kernelMods =
[ "kvm-amd" "virtio_balloon" "virtio_console" "virtio_rng" ];
kernelParams = [ ];
systemConfig = vm2Config;
users = nixosUsers;
cpuCores = 4;
};
loki = host.mkHost {
name = "loki";
NICs = [ "enp4s0" ];
kernelPackage = pkgs.linuxPackages;
initrdMods = [ "nvme" "xhci_pci" "ahci" ];
kernelMods = [ "kvm-amd" ];
};
};
};
}
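Review bot: `type = "qemu-bios"` in `nixosConfig` is not a value that the `eb.boot.type` option added later in this commit accepts (`types.enum [ "bios" "uefi" ]`), so evaluating `vm1` should fail the option type check. `type = "bios";` together with the existing `qemu = true;` expresses the same intent. The `loki` host also calls `host.mkHost` without `kernelParams`, `systemConfig`, `cpuCores` and `users`, none of which has a default in `lib/host.nix`, so that configuration cannot evaluate either. Either give those arguments defaults in `mkHost` or pass them explicitly for `loki`.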

5
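--- a/lib/default.nix
+++ b/lib/default.nix
@@ -0,0 +1,5 @@
+{ pkgs, home-manager, system, lib, overlays, ... }:
+rec {
+user = import ./user.nix { inherit pkgs home-manager lib system overlays; };
+host = import ./host.nix { inherit system pkgs home-manager lib user; };
+}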

47
lib/host.nix Normal file

@ -0,0 +1,47 @@
{ system, pkgs, home-manager, lib, user, ... }:
with builtins;
{
mkHost = { name, NICs, initrdMods, kernelMods, kernelParams, kernelPackage,
systemConfig, cpuCores, users, wifi ? [],
gpuTempSensor ? null, cpuTempSensor ? null
}:
let
networkCfg = listToAttrs (map (n: {
name = "${n}"; value = { useDHCP = true; };
}) NICs);
userCfg = {
inherit name NICs systemConfig cpuCores gpuTempSensor cpuTempSensor;
};
sys_users = (map (u: user.mkSystemUser u) users);
in lib.nixosSystem {
inherit system;
modules = [
{
imports = [ ../modules/system ] ++ sys_users;
eb = systemConfig;
environment.etc = {
"hmsystemdata.json".text = toJSON userCfg;
};
networking.hostName = "${name}";
networking.interfaces = networkCfg;
networking.wireless.interfaces = wifi;
boot.initrd.availableKernelModules = initrdMods;
boot.kernelModules = kernelMods;
boot.kernelParams = kernelParams;
boot.kernelPackages = kernelPackage;
nixpkgs.pkgs = pkgs;
nix.maxJobs = lib.mkDefault cpuCores;
system.stateVersion = "21.05";
}
];
};
}
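Review bot: `environment.etc."hmsystemdata.json".text = toJSON userCfg` serialises the whole `systemConfig` attrset into a file that lands in the Nix store and is linked into `/etc`, both readable by every local user, and nothing in `mkHost` says so. That is harmless for the values passed in this commit (boot type, NIC names, core count), but anything sensitive later added to `systemConfig` would be published the same way. I would add a comment above the entry, for example `# Read back by mkHMUser; world-readable via /etc and the Nix store, never put secrets in systemConfig`, or build `userCfg` from an explicit list of non-sensitive fields.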

49
lib/user.nix Normal file

@ -0,0 +1,49 @@
{ pkgs, home-manager, lib, system, overlays, ... }:
with builtins;
{
mkHMUser = { userConfig, username }:
home-manager.lib.homeManagerConfiguration {
inherit system username pkgs;
stateVersion = "21.05";
configuration =
let
trySettings = tryEval (fromJSON (readFile /etc/hmsystemdata.json));
machineData = if trySettings.success then trySettings.value else {};
machineModule = { pkgs, config, lib, ... }: {
options.machineData = lib.mkOption {
default = {};
description = "Settings passed from nixos system config. If not present it will be empty.";
};
config.machineData = machineData;
};
in {
erwin = userConfig;
nixpkgs.overlays = overlays;
nixpkgs.config.allowUnfree = true;
systemd.user.startServices = true;
home.stateVersion = "21.05";
home.username = username;
home.homeDirectory = "/home/${username}";
imports = [ ../modules/users machineModule ];
};
homeDirectory = "/home/${username}";
};
mkSystemUser = { name, groups, uid, shell, ... }:
{
users.users."${name}" = {
name = name;
isNormalUser = true;
isSystemUser = false;
extraGroups = groups;
uid = uid;
initialPassword = "helloworld";
shell = shell;
};
};
}
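Review bot: `mkSystemUser` gives every account the fixed `initialPassword = "helloworld"` and, because it destructures only `{ name, groups, uid, shell, ... }`, silently drops the `openssh.authorizedKeys.keys` entry that `flake.nix` sets on the user. With `services.openssh.enable = true` in the core module, the `wheel` account ends up protected only by a password that is published in the repository, while the intended public key is never installed. Forward the key set with `mkSystemUser = { name, groups, uid, shell, openssh ? { }, ... }:` plus `inherit openssh;` inside `users.users."${name}"`, and replace the literal with `initialHashedPassword` or a hashed password supplied from outside the repository.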


@ -0,0 +1,83 @@
{ pkgs, config, lib, ... }:
with lib;
let cfg = config.eb.boot;
in {
options.eb.boot = {
type = mkOption {
description = "Type of boot. Default bios.";
default = null;
type = types.enum [ "bios" "uefi" ];
};
qemu = mkOption {
description = "Set to true if running in qemu";
default = false;
type = types.bool;
};
grubInstallDevice = mkOption {
description = "The disk to install Grub to";
type = types.nullOr types.str;
default = null;
};
};
config = mkMerge [
{
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
swapDevices = [{ device = "/dev/disk/by-label/swap"; }];
}
(mkIf (cfg.type == "bios") {
boot.loader = {
grub = {
enable = true;
version = 2;
device = cfg.grubInstallDevice;
efiSupport = false;
useOSProber = true;
extraEntries = ''
menuentry "Reboot" {
reboot
}
menuentry "Power off" {
halt
}
'';
};
};
})
(mkIf (cfg.type == "uefi") {
boot.loader = {
systemd-boot = {
enable = true;
editor = false;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
};
fileSystems."/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
})
(mkIf (cfg.qemu) {
boot.initrd.postDeviceCommands = ''
# Set the system time from the hardware clock to work around a
# bug in qemu-kvm > 1.5.2 where the VM clock is initialized
# to the *boot time* of the host.
hwclock -s
'';
services.qemuGuest.enable = true;
})
];
}
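Review bot: `eb.boot.type` declares `default = null` although its type is `types.enum [ "bios" "uefi" ]` and its description says "Default bios.", so the default, the type and the description disagree. A host that leaves the option unset would most likely fail the type check rather than fall back to BIOS. Use `default = "bios";` if that is the intent, or `type = types.nullOr (types.enum [ "bios" "uefi" ]);` if "no boot loader configured" should be a valid state, and update the description to match. In the BIOS branch `grub.device` is taken from `grubInstallDevice`, which also defaults to `null`; an assertion that it is set when `type == "bios"` would give a clearer error.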


@ -0,0 +1,69 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.eb.core;
in {
options.eb.core = {
enable = mkOption {
description = "Enable core options";
type = types.bool;
default = true;
};
};
config = mkIf (cfg.enable) {
nix = {
package = pkgs.nixUnstable;
extraOptions = "experimental-features = nix-command flakes";
gc = {
automatic = true;
options = "--delete-older-than 10d";
};
};
environment.shells = [ pkgs.fish pkgs.zsh pkgs.bash ];
console = {
font = "Lat2-Terminus16";
keyMap = "colemak";
};
i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "Europe/Amsterdam";
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware.enableRedistributableFirmware = lib.mkDefault true;
environment.systemPackages = with pkgs; [
unzip
zsh
fish
gawk
gnused
curl
xh
bottom
acpi
pstree
git
patchelf
nix-index
manix
neovim
];
security.sudo.extraConfig = ''Defaults env_reset,timestamp_timeout=5,insults,lecture="always"'';
security.sudo.execWheelOnly = true;
services.openssh.enable = true;
};
}
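Review bot: `services.openssh.enable = true` is set with no other sshd option, so the daemon runs with the NixOS defaults, which permit password logins. Every host that enables `eb.core` therefore accepts passwords over SSH for accounts that `lib/user.nix` creates with a fixed `initialPassword`. I would add `services.openssh.passwordAuthentication = false;` and `services.openssh.permitRootLogin = "no";` next to it, after confirming that the users' public keys are actually installed. Newer NixOS releases spell these options under `services.openssh.settings`.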


@ -0,0 +1,8 @@
{ pkgs, config, lib, ... }:
{
imports = [
./boot
./core
./nixos
];
}


@ -0,0 +1,19 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.eb.nixos;
in {
options.eb.nixos = {
enable = mkOption {
description = "Whether to enable nixos settings";
type = types.bool;
default = false;
};
};
config = mkIf (cfg.enable) {
environment.systemPackages = [
];
};
}


@ -0,0 +1,26 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.erwin.applications;
in {
options.erwin.applications = {
enable = mkOption {
description = "Enable a set of common applications";
type = types.bool;
default = false;
};
};
config = mkIf (cfg.enable) {
home.sessionVariables = {
EDITOR = "vim";
};
home.packages = with pkgs; [
neovim
];
fonts.fontconfig.enable = true;
};
}
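Review bot: `EDITOR = "vim"` names a binary that this module's package list does not obviously provide, because `neovim` installs `nvim` and no `vim` alias is configured in the lines shown. Tools that spawn `$EDITOR` (for example `git commit` or `sudoedit`) would then fail or run whichever `vim` happens to be on `PATH`. `EDITOR = "nvim";` matches the installed package.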

11
modules/users/default.nix Normal file

@ -0,0 +1,11 @@
{ pkgs, config, lib, ... }:
{
imports = [
./applications
./fish
./git
./gpg
./ssh
];
}
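Review bot: The `imports` list omits the module that declares `erwin.input` (keyboard layout and variant), which this commit also adds. That option is therefore never declared, and setting `erwin.input.enable` in a user configuration would be rejected as an undefined option. The page does not show that file's path; if it follows the layout of its siblings, add `./input` to `imports`, otherwise leave the module out of the commit until it is wired in.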


@ -0,0 +1,29 @@
{ pkgs, config, lib, ... }:
with lib;
let cfg = config.erwin.fish;
in {
options.erwin.fish = {
enable = mkOption {
description = "Enable fish shell";
type = types.bool;
default = false;
};
};
config = mkIf (cfg.enable) (let starship = pkgs.starship;
in {
programs.starship = {
enable = true;
enableFishIntegration = true;
};
programs.fish = {
enable = true;
# interactiveShellInit = ''
# source ("${starship}/bin/starship" init fish --print-full-init | psub)
# '';
};
});
}
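Review bot: The `let starship = pkgs.starship;` binding wrapped around the `mkIf` body is referenced only from the commented-out `interactiveShellInit`, so it is dead code now that `programs.starship.enableFishIntegration = true` does the same job. Dropping the binding and the commented block lets the body be a plain attrset, `config = mkIf cfg.enable { ... };`, in the same shape as the other user modules in this commit.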


@ -0,0 +1,41 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.erwin.git;
in {
options.erwin.git = {
enable = mkOption {
description = "Enable git";
type = types.bool;
default = false;
};
userName = mkOption {
description = "Name for git";
type = types.str;
default = "Erwin Boskma";
};
userEmail = mkOption {
description = "Email for git";
type = types.str;
default = "erwin@datarift.nl";
};
};
config = mkIf (cfg.enable) {
programs.git = {
enable = true;
userName = cfg.userName;
userEmail = cfg.userEmail;
extraConfig = {
credential.helper = "${pkgs.git.override { withLibsecret = true; }}/bin/git-credential-libsecret";
};
};
home.packages = with pkgs; [
];
};
}
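Review bot: `credential.helper` points at `git-credential-libsecret`, which only stores credentials when a Secret Service provider (for example gnome-keyring) is running in the user session, and nothing visible in this commit enables one. On the headless VM hosts defined in `flake.nix` the helper will probably fail and Git will fall back to prompting, so I would note the dependency in a comment such as `# requires a running Secret Service provider in the session`. The inline `pkgs.git.override { withLibsecret = true; }` also builds a second Git next to the one `programs.git` installs; setting `programs.git.package` to the same override keeps a single build.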


@ -0,0 +1,32 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.erwin.gpg;
in {
options.erwin.gpg = {
enable = mkOption {
description = "Enable GPG";
type = types.bool;
default = false;
};
};
config = mkIf (cfg.enable) {
home.packages = with pkgs; [
pinentry-curses
];
programs.gpg = {
enable = true;
};
services.gpg-agent = {
enable = true;
pinentryFlavor = "curses";
enableSshSupport = true;
defaultCacheTtlSsh = 14400;
maxCacheTtlSsh = 14400;
};
};
}
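Review bot: `defaultCacheTtlSsh` and `maxCacheTtlSsh` are both 14400 seconds and carry no comment explaining the choice. An SSH key unlocked through gpg-agent therefore stays usable for four hours without another passphrase prompt, and every process in the user's session can use it through the agent during that window. If four hours is a deliberate trade-off, say so next to the values, e.g. `# 4 h: SSH keys stay unlocked in the agent for this long`; otherwise pick a shorter TTL. `pinentry-curses` in `home.packages` looks redundant with `pinentryFlavor = "curses"`, which presumably already selects the pinentry program for the agent.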


@ -0,0 +1,22 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.erwin.input;
in {
options.erwin.input = {
enable = mkOption {
description = "Enable input configuration";
type = types.bool;
default = false;
};
};
config = mkIf (cfg.enable) {
home.keyboard = {
layout = "us";
variant = "colemak";
options = [];
};
};
}


@ -0,0 +1,23 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.erwin.ssh;
in {
options.erwin.ssh = {
enable = mkOption {
description = "Enable ssh";
type = types.bool;
default = false;
};
};
config = mkIf (cfg.enable) {
home.packages = with pkgs; [
];
programs.ssh = {
enable = true;
};
};
}