thunderbottom
/
flakes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add latest nixos configuration 

Signed-off-by: Chinmay D. Pai <chinmay.pai@zerodha.com>
This commit is contained in:
Chinmay D. Pai 2023-10-12 00:27:24 +05:30
commit f32772e7f2
Signed by: thunderbottom
GPG Key ID: 75507BE256F40CED
22 changed files with 2005 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
Makefile Normal file
View File

@ -0,0 +1,29 @@
hades:
nixos-rebuild switch --flake .#hades
trench:
nixos-rebuild switch --flake .#trench
up:
nix flake update
upp:
nix flake lock --update-input $(f)
history:
nix profile history --profile /nix/var/nix/profiles/system
gc:
# remove all generations older than 7 days
sudo nix profile wipe-history --profile /nix/var/nix/profiles/system --older-than 7d
# garbage collect all unused nix store entries
sudo nix store gc --debug
fmt:
# format the nix files in the repository
nix fmt
.PHONY: clean
clean:
rm -fr result

943
flake.lock Normal file
View File

@ -0,0 +1,943 @@
{
"nodes": {
"beautysh": {
"inputs": {
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"poetry2nix": "poetry2nix",
"utils": "utils"
},
"locked": {
"lastModified": 1680308980,
"narHash": "sha256-aUEHV0jk2qIFP3jlsWYWhBbm+w/N9gzH3e4I5DcdB5s=",
"owner": "lovesegfault",
"repo": "beautysh",
"rev": "9845efc3ea3e86cc0d41465d720a47f521b2799c",
"type": "github"
},
"original": {
"owner": "lovesegfault",
"repo": "beautysh",
"type": "github"
}
},
"cachix": {
"locked": {
"lastModified": 1635350005,
"narHash": "sha256-tAMJnUwfaDEB2aa31jGcu7R7bzGELM9noc91L2PbVjg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1c1f5649bb9c1b0d98637c8c365228f57126f361",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-20.09",
"repo": "nixpkgs",
"type": "github"
}
},
"devenv": {
"inputs": {
"flake-compat": "flake-compat",
"nix": "nix",
"nixpkgs": "nixpkgs",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1696609182,
"narHash": "sha256-PzVHnPnm+aceuQOoE3oExjHSxiLFAEiHFyQb3xXCI1c=",
"owner": "cachix",
"repo": "devenv",
"rev": "bd859ef4b207c2071f5bd3cae2a74f4d3e69c2e2",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"emacs-overlay": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1697016336,
"narHash": "sha256-LF+pvqueJE9WvqdwAPpRKBMY1jowfEjsbYrSpTWf7EA=",
"owner": "nix-community",
"repo": "emacs-overlay",
"rev": "bfc5d3e3517818755933a73cc736920e06092996",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "emacs-overlay",
"type": "github"
}
},
"firefox-nightly": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat_2",
"lib-aggregate": "lib-aggregate",
"mozilla": "mozilla",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1697027722,
"narHash": "sha256-PnWB/DmsMF+21ZbWCC5smUs9DybxWCKPP5N6FWz0iOE=",
"owner": "nix-community",
"repo": "flake-firefox-nightly",
"rev": "d29309466b59c88e3685de3e899fad232d76b575",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-firefox-nightly",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
"narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1693611461,
"narHash": "sha256-aPODl8vAgGQ0ZYFIRisxYG5MOGSkIczvu2Cd8Gb9+1Y=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "7f53fdb7bdc5bb237da7fefef12d099e4fd611ca",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_4": {
"inputs": {
"systems": "systems_4"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"inputs": {
"systems": "systems_5"
},
"locked": {
"lastModified": 1694529238,
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_6": {
"inputs": {
"systems": "systems_6"
},
"locked": {
"lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"devenv",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1660459072,
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"nixvim",
"pre-commit-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1660459072,
"narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "a20de23b925fd8264fd7fad6454652e142fd7f73",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1696940889,
"narHash": "sha256-p2Wic74A1tZpFcld1wSEbFQQbrZ/tPDuLieCnspamQo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "6bba64781e4b7c1f91a733583defbd3e46b49408",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"lib-aggregate": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1696766909,
"narHash": "sha256-lU1BmCWpQ9cx64YnJKc89lMg9cx4pCokXIbh5J//2t0=",
"owner": "nix-community",
"repo": "lib-aggregate",
"rev": "9f495e4feea66426589cbb59ac8b972993b5d872",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "lib-aggregate",
"type": "github"
}
},
"lowdown-src": {
"flake": false,
"locked": {
"lastModified": 1633514407,
"narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=",
"owner": "kristapsdz",
"repo": "lowdown",
"rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8",
"type": "github"
},
"original": {
"owner": "kristapsdz",
"repo": "lowdown",
"type": "github"
}
},
"mozilla": {
"flake": false,
"locked": {
"lastModified": 1695805681,
"narHash": "sha256-1ElPLD8eFfnuIk0G52HGGpRtQZ4QPCjChRlEOfkZ5ro=",
"owner": "mozilla",
"repo": "nixpkgs-mozilla",
"rev": "6eabade97bc28d707a8b9d82ad13ef143836736e",
"type": "github"
},
"original": {
"owner": "mozilla",
"repo": "nixpkgs-mozilla",
"type": "github"
}
},
"nh": {
"inputs": {
"flake-parts": "flake-parts",
"nix-filter": "nix-filter",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1696149398,
"narHash": "sha256-RwlAyww4bzeu2ndeQoScelYtlYiSxPdCn70R+xGdZBc=",
"owner": "viperML",
"repo": "nh",
"rev": "2985f5a45d6f3e1a9d8d3ca5c777ef1bc9c7fbd1",
"type": "github"
},
"original": {
"owner": "viperML",
"repo": "nh",
"type": "github"
}
},
"nil": {
"inputs": {
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_5",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1696838607,
"narHash": "sha256-SIqN8d3ke10nWxBYg1gaD0PziPF20+t+eM2h9GBxNtk=",
"owner": "oxalica",
"repo": "nil",
"rev": "ee215a18abf1798dac632f76cad3dea6a8d4418f",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "nil",
"type": "github"
}
},
"nix": {
"inputs": {
"lowdown-src": "lowdown-src",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"nixpkgs-regression": "nixpkgs-regression"
},
"locked": {
"lastModified": 1676545802,
"narHash": "sha256-EK4rZ+Hd5hsvXnzSzk2ikhStJnD63odF7SzsQ8CuSPU=",
"owner": "domenkozar",
"repo": "nix",
"rev": "7c91803598ffbcfe4a55c44ac6d49b2cf07a527f",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "relaxed-flakes",
"repo": "nix",
"type": "github"
}
},
"nix-filter": {
"locked": {
"lastModified": 1694857738,
"narHash": "sha256-bxxNyLHjhu0N8T3REINXQ2ZkJco0ABFPn6PIe2QUfqo=",
"owner": "numtide",
"repo": "nix-filter",
"rev": "41fd48e00c22b4ced525af521ead8792402de0ea",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nix-filter",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1696975083,
"narHash": "sha256-Wsita+TLmgKq+xE337FJdhzDUbgy8jJIBwUhxjAQegA=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "c2bbfcfc3d12351919f8df7c7d6528f41751d0a3",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1678875422,
"narHash": "sha256-T3o6NcQPwXjxJMn2shz86Chch4ljXgZn746c2caGxd8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "126f49a01de5b7e35a43fd43f891ecf6d3a51459",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1696726172,
"narHash": "sha256-89yxFXzTA7JRyWo6hg7SD4DlS/ejYt8Y8IvGZHbSWsg=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "59da6ac0c02c48aa92dee37057f978412797db2a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-lib_2": {
"locked": {
"dir": "lib",
"lastModified": 1693471703,
"narHash": "sha256-0l03ZBL8P1P6z8MaSDS/MvuU8E75rVxe5eE1N6gxeTo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3e52e76b70d5508f3cec70b882a29199f4d1ee85",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-regression": {
"locked": {
"lastModified": 1643052045,
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1685801374,
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1696697597,
"narHash": "sha256-q26Qv4DQ+h6IeozF2o1secyQG0jt2VUT3V0K58jr3pg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5a237aecb57296f67276ac9ab296a41c23981f56",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1685801374,
"narHash": "sha256-otaSUoFEMM+LjBI1XL/xGB5ao6IwnZOXc47qhIgJe8U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c37ca420157f4abc31e26f436c1145f8951ff373",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1696879762,
"narHash": "sha256-Ud6bH4DMcYHUDKavNMxAhcIpDGgHMyL/yaDEAVSImQY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f99e5f03cc0aa231ab5950a15ed02afec45ed51a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1696879762,
"narHash": "sha256-Ud6bH4DMcYHUDKavNMxAhcIpDGgHMyL/yaDEAVSImQY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f99e5f03cc0aa231ab5950a15ed02afec45ed51a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1695830400,
"narHash": "sha256-gToZXQVr0G/1WriO83olnqrLSHF2Jb8BPcmCt497ro0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8a86b98f0ba1c405358f1b71ff8b5e1d317f5db2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1696725822,
"narHash": "sha256-B7uAOS7TkLlOg1aX01rQlYbydcyB6ZnLJSfaYbKVww8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "5aabb5780a11c500981993d49ee93cfa6df9307b",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1696879762,
"narHash": "sha256-Ud6bH4DMcYHUDKavNMxAhcIpDGgHMyL/yaDEAVSImQY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "f99e5f03cc0aa231ab5950a15ed02afec45ed51a",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1696019113,
"narHash": "sha256-X3+DKYWJm93DRSdC5M6K5hLqzSya9BjibtBsuARoPco=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f5892ddac112a1e9b3612c39af1b72987ee5783a",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"beautysh": "beautysh",
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_7",
"pre-commit-hooks": "pre-commit-hooks_2"
},
"locked": {
"lastModified": 1697021599,
"narHash": "sha256-hyBRPjcGIwMxpL/vw29WRgPzKiBzJa45QLSZ9ja85h0=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "752f0481cecabb104f30aaec1010721a4a5dfb95",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixvim",
"type": "github"
}
},
"poetry2nix": {
"inputs": {
"flake-utils": [
"nixvim",
"beautysh",
"utils"
],
"nixpkgs": [
"nixvim",
"beautysh",
"nixpkgs"
]
},
"locked": {
"lastModified": 1658665240,
"narHash": "sha256-/wkx7D7enyBPRjIkK0w7QxLQhzEkb3UxNQnjyc3FTUI=",
"owner": "nix-community",
"repo": "poetry2nix",
"rev": "8b8edc85d24661d5a6d0d71d6a7011f3e699780f",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "poetry2nix",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": [
"devenv",
"flake-compat"
],
"flake-utils": "flake-utils",
"gitignore": "gitignore",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1688056373,
"narHash": "sha256-2+SDlNRTKsgo3LBRiMUcoEUb6sDViRNQhzJquZ4koOI=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "5843cf069272d92b60c3ed9e55b7a8989c01d4c7",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"pre-commit-hooks_2": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_6",
"gitignore": "gitignore_2",
"nixpkgs": [
"nixvim",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_3"
},
"locked": {
"lastModified": 1696158581,
"narHash": "sha256-h0vY4E7Lx95lpYQbG2w4QH4yG5wCYOvPJzK93wVQbT0=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "033453f85064ccac434dfd957f95d8457901ecd6",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"devenv": "devenv",
"emacs-overlay": "emacs-overlay",
"firefox-nightly": "firefox-nightly",
"home-manager": "home-manager",
"nh": "nh",
"nil": "nil",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_6",
"nixvim": "nixvim"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"nil",
"flake-utils"
],
"nixpkgs": [
"nil",
"nixpkgs"
]
},
"locked": {
"lastModified": 1696817516,
"narHash": "sha256-Xt9OY4Wnk9/vuUfA0OHFtmSlaen5GyiS9msgwOz3okI=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c0df7f2a856b5ff27a3ce314f6d7aacf5fda546f",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_6": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1678901627,
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

111
flake.nix Normal file
View File

@ -0,0 +1,111 @@
{
outputs = {
self,
home-manager,
nixos-hardware,
nixpkgs,
...
} @ inputs: let
system = "x86_64-linux";
nixosSystem = import ./lib/nixosSystem.nix;
# Add package overlays and enable unfree
pkgs = import nixpkgs {
inherit system;
config = {allowUnfree = true;};
overlays = [
inputs.emacs-overlay.overlay
(_: prev: {
inherit (inputs.devenv.packages.${prev.system}) devenv;
inherit (inputs.firefox-nightly.packages.${prev.system}) firefox-nightly-bin;
inherit (inputs.nil.packages.${prev.system}) nil;
})
];
};
# Laptop, X1 Carbon 9th Gen.
hades = {
nixos-modules = [
./machines/hades
inputs.nh.nixosModules.default
inputs.nixvim.nixosModules.nixvim
nixos-hardware.nixosModules.lenovo-thinkpad-x1-9th-gen
];
home-module = import ./home/desktop;
specialArgs =
{
username = "chnmy";
passwdHash = "$y$j9T$G75cisWVMV27C2TLIqk0P/$GsICzokHJs.FQ2Yr2rLga9iawMrY3g1SAwe8wYZNY6/";
sshKeys = [];
}
// inputs;
};
# Server, AMD A8 APU.
trench = {
nixos-modules = [
./machines/trench
];
home-module = import ./home/base;
specialArgs =
{
username = "blurryface";
passwdHash = "$y$j9T$ab7R9O2uUPI.ctGSVWgMg0$eA2Eh2lP7XxJpslkxSIy8AJQvpkvwJKwSqK9B5TOXS3";
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJQWA+bAwpm9ca5IhC6q2BsxeQH4WAiKyaht48b7/xkN cc@predator"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJnFvU6nBXEuZF08zRLFfPpxYjV3o0UayX0zTPbDb7C cc@eden"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3PeMbehJBkmv8Ee7xJimTzXoSdmAnxhBatHSdS+saM chnmy@bastion"
];
}
// inputs;
};
in {
nixosConfigurations = let
base = {
inherit home-manager pkgs;
nixpkgs = nixpkgs;
system = system;
};
in {
hades = nixosSystem (hades // base);
trench = nixosSystem (trench // base);
};
formatter = {
"${system}" = nixpkgs.legacyPackages.${system}.alejandra;
};
};
inputs = {
devenv.url = "github:cachix/devenv";
emacs-overlay.url = "github:nix-community/emacs-overlay";
firefox-nightly.url = "github:nix-community/flake-firefox-nightly";
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nh.url = "github:viperML/nh";
nil.url = "github:oxalica/nil";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixos-hardware.url = "github:nixos/nixos-hardware";
nixvim.url = "github:nix-community/nixvim";
};
nixConfig = {
# Use 4 cores to build, defaults to 1
cores = 4;
max-jobs = "auto";
# Add extra substituters for caching.
# This prevents building from source and instead fetches from
# the specified cache.
extra-substituters = [
"https://nix-community.cachix.org"
"https://devenv.cachix.org"
"https://viperml.cachix.org"
];
extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"viperml.cachix.org-1:qZhKBMTfmcLL+OG6fj/hzsMEedgKvZVFRRAhq7j8Vh8="
];
};
}

103
home/base/default.nix Normal file
View File

@ -0,0 +1,103 @@
{
pkgs,
username,
...
}: {
home = {
username = username;
homeDirectory = "/home/${username}";
stateVersion = "23.05";
};
programs = {
home-manager.enable = true;
# A modern `ls` alternative
eza.enable = true;
# Fuzzy finder
fzf.enable = true;
# Fish shell
fish = {
enable = true;
interactiveShellInit = ''
set fish_greeting
${pkgs.starship}/bin/starship init fish | source
${pkgs.zoxide}/bin/zoxide init fish | source
'';
plugins = [
{
name = "autopair";
src = pkgs.fishPlugins.autopair.src;
}
];
shellAliases = {
ls = "${pkgs.eza}/bin/eza --color=auto --sort=size --group-directories-first";
};
};
# Git configuration
git = {
enable = true;
ignores = ["*~" ".#*"];
lfs.enable = true;
extraConfig = {
core.editor = "vim";
gc.writeCommitGraph = true;
pull.rebase = false;
};
delta = {
enable = true;
options = {
diff-so-fancy = true;
line-numbers = true;
true-color = "always";
};
};
};
# Shell Prompt
starship = {
enable = true;
settings = {
gcloud.disabled = true;
shlvl.disabled = false;
username.show_always = true;
nix_shell = {
format = "via [ $state( \($name\))](bold blue) ";
impure_msg = "[impure shell](bold red)";
pure_msg = "[pure shell](bold green)";
symbol = "";
unknown_msg = "[unknown shell](bold yellow)";
};
};
};
# Terminal multiplexer
tmux = {
enable = true;
shortcut = "a";
aggressiveResize = true;
baseIndex = 1;
newSession = true;
# Stop tmux+escape craziness.
escapeTime = 0;
# Force tmux to use /tmp for sockets (WSL2 compat)
secureSocket = false;
extraConfig = ''
# Mouse works as expected
set-option -g mouse on
# easy-to-remember split pane commands
bind | split-window -h -c "#{pane_current_path}"
bind - split-window -v -c "#{pane_current_path}"
bind c new-window -c "#{pane_current_path}"
'';
};
# Faster, smarter `cd`
zoxide.enable = true;
};
}

57
home/desktop/default.nix Normal file
View File

@ -0,0 +1,57 @@
{pkgs, ...}: {
imports = [../base];
home.packages = with pkgs; [
firefox-nightly-bin
];
programs = {
# Fish shell
# Git configuration
git = {
userEmail = "chinmay.pai@zerodha.com";
userName = "Chinmay D. Pai";
signing = {
key = "75507BE256F40CED";
signByDefault = true;
};
extraConfig = {
url."ssh://git@gitlab.zerodha.tech:2280".insteadOf = "https://gitlab.zerodha.tech";
url."ssh://git@gitlab.zerodha.tech:2280/".insteadOf = "git@gitlab.zerodha.tech:";
};
};
# Terminal emulator for wayland
wezterm = {
enable = true;
extraConfig = ''
local wezterm = require 'wezterm'
local function BaseName(s)
return string.gsub(s, '(.*[/\\])(.*)', '%2')
end
wezterm.on('format-tab-title', function(tab)
local title = BaseName(tab.active_pane.foreground_process_name)
if title and #title > 0 then
return ' ' .. BaseName(tab.active_pane.foreground_process_name) .. ' '
end
return tab_info.active_pane.title
end)
return {
font = wezterm.font 'IBM Plex Mono',
font_size = 12.0,
cursor_blink_rate = 800,
color_scheme = "Ayu Dark (Gogh)",
use_fancy_tab_bar = false,
window_decorations = "RESIZE",
xcursor_theme = "Adwaita"
}
'';
};
};
}

35
lib/nixosSystem.nix Normal file
View File

@ -0,0 +1,35 @@
{
pkgs,
nixpkgs,
home-manager,
system,
specialArgs,
nixos-modules,
home-module,
}: let
username = specialArgs.username;
in
nixpkgs.lib.nixosSystem {
inherit pkgs system specialArgs;
modules =
nixos-modules
++ [
{
# use flake's nixpkgs for `nix run nixpkgs#nixpkgs`
# and `nix repl '<nixpkgs>'`
nix.registry.nixpkgs.flake = nixpkgs;
environment.etc."nix/inputs/nixpkgs".source = "${nixpkgs}";
nix.nixPath = ["/etc/nix/inputs"];
}
home-manager.nixosModules.home-manager
{
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = specialArgs;
users."${username}" = home-module;
};
}
];
}

48
machines/hades/default.nix Normal file
View File

@ -0,0 +1,48 @@
{
lib,
pkgs,
...
}: {
imports = [
./hardware.nix
../../modules/nixos/core-desktop.nix
../../modules/nixos/user-group.nix
../../modules/gnome
../../modules/programs/nixvim
../../modules/programs/emacs
];
environment.systemPackages = with pkgs; [
editorconfig-core-c
netbird-ui
pulumi-bin
terraform
terraform-ls
];
networking = {
hostName = "hades";
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault false;
interfaces.wlan0.useDHCP = lib.mkDefault false;
networkmanager = {
enable = true;
wifi.backend = "iwd"; # Use iwd instead of wpa_supplicant
};
wireless.iwd.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
firewall.enable = false;
};
services = {
netbird.enable = true;
};
system.stateVersion = "23.05";
}

88
machines/hades/hardware.nix Normal file
View File

@ -0,0 +1,88 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
extraModulePackages = [];
initrd = {
availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
luks.devices."cryptroot".device = "/dev/disk/by-uuid/312b4d84-64dc-4721-9be3-bb0148199b16";
};
kernelModules = ["kvm-intel" "iwlwifi"];
# Use the systemd-boot EFI boot loader.
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@"];
neededForBoot = true;
};
"/home" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@home"];
};
"/.snapshots" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@snapshots"];
};
"/var/log" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@log"];
};
"/var/cache" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@cache"];
};
"/etc/nixos" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@nix-config"];
};
"/nix" = {
device = "/dev/disk/by-uuid/d5c21883-f0e6-4e7a-b9a5-ee0bf4780ec5";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@nix-store"];
};
"/boot" = {
device = "/dev/disk/by-uuid/90A5-35FF";
fsType = "vfat";
};
};
swapDevices = [];
hardware = {
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
bluetooth.enable = true;
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
virtualisation.docker.storageDriver = "btrfs";
}

20
machines/trench/default.nix Normal file
View File

@ -0,0 +1,20 @@
{pkgs, ...}: {
imports = [
./hardware.nix
../../modules/commons
../../modules/nixos/core-server.nix
../../modules/nixos/user-group.nix
../../modules/programs/nixvim
];
services = {
unifi = {
enable = true;
unifiPackage = pkgs.unifi7;
maximumJavaHeapSize = 256;
openFirewall = true;
};
};
system.stateVersion = "23.05";
}

115
machines/trench/hardware.nix Normal file
View File

@ -0,0 +1,115 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
initrd = {
availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "r8169"];
kernelModules = [];
luks.devices."root".device = "/dev/disk/by-uuid/e70bfc3c-1147-4af7-9bae-69f70146953f";
network = {
enable = true;
ssh = {
enable = true;
port = 22;
shell = "/bin/cryptsetup-askpass";
hostKeys = ["/etc/ssh/ssh_host_ed25519_key"];
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJQWA+bAwpm9ca5IhC6q2BsxeQH4WAiKyaht48b7/xkN cc@predator"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJnFvU6nBXEuZF08zRLFfPpxYjV3o0UayX0zTPbDb7C cc@eden"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3PeMbehJBkmv8Ee7xJimTzXoSdmAnxhBatHSdS+saM chnmy@bastion"
];
};
};
};
extraModulePackages = [];
kernelModules = ["kvm-amd"];
kernelParams = ["ip=dhcp"];
# Use the systemd-boot EFI boot loader.
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/5cabc339-898c-4604-9bfc-0a2cf17e44ca";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@"];
neededForBoot = true; # required
};
"/home" = {
device = "/dev/disk/by-uuid/5cabc339-898c-4604-9bfc-0a2cf17e44ca";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@home"];
};
"/.snapshots" = {
device = "/dev/disk/by-uuid/5cabc339-898c-4604-9bfc-0a2cf17e44ca";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@snapshots"];
};
"/var/log" = {
device = "/dev/disk/by-uuid/5cabc339-898c-4604-9bfc-0a2cf17e44ca";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@log"];
};
"/etc/nixos" = {
device = "/dev/disk/by-uuid/5cabc339-898c-4604-9bfc-0a2cf17e44ca";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@nixos-config"];
};
"/var/cache" = {
device = "/dev/disk/by-uuid/5cabc339-898c-4604-9bfc-0a2cf17e44ca";
fsType = "btrfs";
options = ["defaults" "compress-force=zstd" "noatime" "ssd" "subvol=@cache"];
};
"/boot" = {
device = "/dev/disk/by-uuid/1C6C-122C";
fsType = "vfat";
};
};
swapDevices = [];
networking = {
hostName = "trench";
nameservers = ["1.1.1.1"];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
useDHCP = lib.mkDefault false;
interfaces.enp6s0 = {
useDHCP = lib.mkDefault true;
wakeOnLan.enable = true;
};
networkmanager.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
firewall.enable = false;
};
hardware = {
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

7
modules/commons/default.nix Normal file
View File

@ -0,0 +1,7 @@
{
imports = [
./fonts.nix
./graphics.nix
./sound.nix
];
}

52
modules/commons/fonts.nix Normal file
View File

@ -0,0 +1,52 @@
{
lib,
pkgs,
...
}: {
fonts = {
fontDir.enable = true;
packages = with pkgs; [
aileron
corefonts
dejavu_fonts
dina-font
fira
fira-code
fira-code-symbols
google-fonts
hack-font
ibm-plex
inconsolata
inter
iosevka
liberation_ttf
libertine
libre-baskerville
material-design-icons
mplus-outline-fonts.githubRelease
nerdfonts
noto-fonts
noto-fonts-extra
noto-fonts-cjk
noto-fonts-emoji
powerline-fonts
proggyfonts
roboto
vistafonts
];
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
};
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = lib.mkDefault "us";
useXkbConfig = true; # use xkbOptions in tty.
};
}

20
modules/commons/graphics.nix Normal file
View File

@ -0,0 +1,20 @@
{pkgs, ...}: {
# Intel graphics support
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
};
hardware = {
opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
};
};
}

14
modules/commons/sound.nix Normal file
View File

@ -0,0 +1,14 @@
{
# Enable sound.
# Use pipewire for sound and disable pulseaudio
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
wireplumber.enable = true;
};
}

6
modules/gnome/default.nix Normal file
View File

@ -0,0 +1,6 @@
{
imports = [
./gnome.nix
./fingerprint.nix
];
}

47
modules/gnome/fingerprint.nix Normal file
View File

@ -0,0 +1,47 @@
{
config,
lib,
pkgs,
...
}: {
# Enable fingerprint using fprintd
services.fprintd = {
enable = true;
package = pkgs.fprintd-tod;
tod = {
enable = true;
driver = pkgs.libfprint-2-tod1-vfs0090;
};
};
services.gnome.gnome-online-accounts.enable = lib.mkForce false;
services.gnome.gnome-keyring.enable = lib.mkForce false;
# PAM login hacks to allow password + fingerprint login
# ref: https://github.com/NixOS/nixpkgs/issues/171136#issuecomment-1627779037
security.pam.services.login.fprintAuth = false;
security.pam.services.gdm-fingerprint = lib.mkIf (config.services.fprintd.enable) {
text = ''
auth required pam_shells.so
auth requisite pam_nologin.so
auth requisite pam_faillock.so preauth
auth required ${pkgs.fprintd}/lib/security/pam_fprintd.so
auth optional pam_permit.so
auth required pam_env.so
auth [success=ok default=1] ${pkgs.gnome.gdm}/lib/security/pam_gdm.so
auth optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so
account include login
password required pam_deny.so
session include login
session optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start
'';
};
security.sudo.extraConfig = ''
Defaults timestamp_timeout=500
Defaults timestamp_type=global
'';
security.pam.services.gdm.enableGnomeKeyring = true;
}

50
modules/gnome/gnome.nix Normal file
View File

@ -0,0 +1,50 @@
{pkgs, ...}: {
# Install a few enchancements for gnome
environment.systemPackages = with pkgs; [
gnome.gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.blur-my-shell
gnomeExtensions.just-perfection
gnomeExtensions.vitals
pinentry-gnome
];
# Add udev rules for gnome-settings-daemon
# to allow changes to the gnome shell
services.udev.packages = with pkgs; [gnome.gnome-settings-daemon];
# Remove some gnome bloatware that we don't require
environment.gnome.excludePackages = with pkgs.gnome; [
cheese
eog
epiphany
evince
geary
seahorse
simple-scan
totem
yelp
gnome-calendar
gnome-characters
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-weather
pkgs.gnome-console
pkgs.gnome-tour
];
# Enable the GNOME Desktop Environment.
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
excludePackages = with pkgs; [xterm];
# Enable touchpad support (enabled default in most desktopManager).
libinput.enable = true;
};
}

29
modules/nixos/core-desktop.nix Normal file
View File

@ -0,0 +1,29 @@
{
lib,
pkgs,
...
}: {
imports = [
./core-server.nix
../commons
];
nixpkgs.config.allowUnfree = lib.mkForce true;
environment.shells = with pkgs; [
bash
fish
];
environment.systemPackages = with pkgs; [
devenv
];
programs = {
adb.enable = true;
ssh.startAgent = true;
dconf.enable = true;
};
services.udev.packages = with pkgs; [android-udev-rules];
}

85
modules/nixos/core-server.nix Normal file
View File

@ -0,0 +1,85 @@
{
lib,
pkgs,
...
}: {
# Keep only last 10 generations
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;
environment.systemPackages = with pkgs; [
bottom
busybox
curl
dnsutils
ethtool
fd
git
gnumake
nil
python3
ripgrep
tree
wget
];
# nix-helper configuration
nh = {
enable = true;
clean = {
enable = true;
extraArgs = "--keep-since 30d";
};
};
nix = {
package = pkgs.nixUnstable;
# run garbage collector dailt
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 1w";
};
settings = {
auto-optimise-store = true;
builders-use-substitutes = true;
experimental-features = ["nix-command" "flakes"];
sandbox = true;
trusted-users = ["root" "@wheel"];
};
};
programs = {
fish.enable = true;
gnupg.agent.enable = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
mtr.enable = true;
nix-ld.enable = true;
};
services = {
# Firmware updates for the system
fwupd.enable = true;
# Enable the OpenSSH daemon.
openssh = {
enable = true;
# Disable PasswordAuthentication for Sekurity
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
X11Forwarding = true;
};
openFirewall = true;
};
};
i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "Asia/Kolkata";
virtualisation.docker = {
enable = true;
# Required for containers with `--restart=always`
enableOnBoot = true;
};
}

21
modules/nixos/user-group.nix Normal file
View File

@ -0,0 +1,21 @@
{
pkgs,
specialArgs,
username,
...
}: {
nix.settings.trusted-users = [username];
users = {
mutableUsers = false;
users = {
"${username}" = {
hashedPassword = "${specialArgs.passwdHash}";
isNormalUser = true;
shell = pkgs.fish;
extraGroups = ["docker" "networkmanager" "wheel"]; # Enable sudo for the user.
openssh.authorizedKeys.keys = specialArgs.sshKeys;
};
};
};
}

14
modules/programs/emacs/default.nix Normal file
View File

@ -0,0 +1,14 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
emacsPackages.adwaita-dark-theme
emacsPackages.vterm
(aspellWithDicts (ds: with ds; [en en-computers en-science]))
];
services = {
emacs = {
enable = true;
package = pkgs.emacs29-pgtk;
};
};
}

111
modules/programs/nixvim/default.nix Normal file
View File

@ -0,0 +1,111 @@
{pkgs, ...}: {
programs = {
nixvim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
extraPlugins = with pkgs.vimPlugins; [telescope-ui-select-nvim];
colorschemes.ayu = {
enable = true;
# mirage = true;
};
keymaps = [
{
key = "<c-p>";
action = "<cmd>Telescope fd<cr>";
}
];
plugins = {
lsp = {
enable = true;
onAttach = ''
vim.cmd [[autocmd BufWritePre <buffer> lua vim.lsp.buf.format { async = false }]]
'';
servers = {
gopls.enable = true;
nixd.enable = true;
};
};
lualine = {
enable = true;
iconsEnabled = true;
};
telescope = {
enable = true;
enabledExtensions = ["ui-select"];
extensionConfig.ui-select = {};
extensions.frecency.enable = true;
};
comment-nvim.enable = true;
treesitter.enable = true;
gitsigns.enable = true;
nix.enable = true;
nvim-autopairs.enable = true;
illuminate.enable = true;
};
# TODO: get rid of hacks
highlight = {
SignColumn.bg = "none";
GitSignsAdd.bg = "none";
GitSignsChange.bg = "none";
GitSignsDelete.bg = "none";
DiffAdd.bg = "none";
DiffChange.bg = "none";
DiffDelete.bg = "none";
};
options = {
# colorcolumn = "80";
# cursorline = true;
number = true;
numberwidth = 4;
relativenumber = true;
signcolumn = "number";
synmaxcol = 1024;
sidescrolloff = 8;
scrolloff = 8;
wrap = false;
autoindent = true;
smartindent = true;
splitbelow = true;
splitright = true;
expandtab = true;
shiftwidth = 4;
showtabline = 4;
softtabstop = 4;
tabstop = 4;
hlsearch = true;
ignorecase = true;
smartcase = true;
timeout = true;
timeoutlen = 500;
updatetime = 300;
ttimeoutlen = 10;
backup = false;
swapfile = false;
clipboard = "unnamedplus";
mouse = "a";
showmode = false;
pumheight = 10;
background = "dark";
# termguicolors = true;
};
};
};
}