summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--exwm.nix25
-rw-r--r--flake.lock46
-rw-r--r--flake.nix34
-rw-r--r--hosts/hanekawa/configuration.nix108
-rw-r--r--hosts/hanekawa/hardware-configuration.nix77
-rw-r--r--hosts/iori.nix37
-rw-r--r--hosts/iori/configuration.nix17
-rw-r--r--hosts/kunagisa.nix52
-rw-r--r--hosts/kunagisa/configuration.nix63
-rw-r--r--hosts/kunagisa/hardware-configuration.nix44
-rw-r--r--hosts/larissa.nix69
-rw-r--r--hosts/larissa/configuration.nix106
-rw-r--r--hosts/larissa/hardware-configuration.nix51
-rw-r--r--modules/basic.nix63
-rw-r--r--modules/ddns.nix16
-rw-r--r--modules/default-user.nix (renamed from users/leonardo.nix)227
-rw-r--r--modules/desktop-environment.nix25
-rw-r--r--modules/emacs/README.org4
-rw-r--r--modules/emacs/default.nix (renamed from modules/emacs/emacs.nix)10
-rw-r--r--modules/fonts.nix24
-rw-r--r--modules/games.nix27
-rw-r--r--modules/gnome.nix75
-rw-r--r--modules/gnome/default.nix47
-rw-r--r--modules/gnome/gnome-config.nix (renamed from modules/gnome-config.nix)8
-rw-r--r--secrets/authinfo.agebin888 -> 998 bytes
-rw-r--r--secrets/cloudflare.age17
-rw-r--r--secrets/host-pub-keys.nix1
-rw-r--r--secrets/personal-mail.age22
-rw-r--r--secrets/secrets.nix1
-rw-r--r--secrets/university-mail.agebin561 -> 671 bytes
-rw-r--r--secrets/user-pass.age23
-rw-r--r--secrets/user-ssh-key.agebin953 -> 1063 bytes
-rw-r--r--secrets/work-mail.age23
33 files changed, 540 insertions, 802 deletions
diff --git a/exwm.nix b/exwm.nix
deleted file mode 100644
index df8e306..0000000
--- a/exwm.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{pkgs, inputs, system, ...}:
-{
- services.xserver = {
- enable = true;
- updateDbusEnvironment = true;
- windowManager.session = pkgs.lib.singleton {
- name = "exwm";
- start = ''
- dbus-launch ${inputs.emacs.packages.x86_64-linux.default}/bin/emacs -mm
- '';
- };
- desktopManager = {
- default = "none";
- };
- displayManager = {
- lightdm = {
- enable = true;
- };
- autoLogin = {
- enable = true;
- user = "leonardo";
- };
- };
- };
-}
diff --git a/flake.lock b/flake.lock
index 53db3e0..a6138d5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -56,11 +56,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
- "lastModified": 1724260428,
- "narHash": "sha256-JRkb9hBBhLV70DRR/D5FnJBypb1Zs5oUThMh3Rkpbu8=",
+ "lastModified": 1725267572,
+ "narHash": "sha256-s5+GUIs8OewO1McYn3bhMz31Q+Xl0WRxUTKp+lPZLno=",
"owner": "nix-community",
"repo": "emacs-overlay",
- "rev": "9d8307d88a60bc4d6223a391b2fb41cc37e6714c",
+ "rev": "2f7c7275d542f59760bd307e5805572cee65ae37",
"type": "github"
},
"original": {
@@ -124,11 +124,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
- "lastModified": 1723986931,
- "narHash": "sha256-Fy+KEvDQ+Hc8lJAV3t6leXhZJ2ncU5/esxkgt3b8DEY=",
+ "lastModified": 1725180166,
+ "narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "2598861031b78aadb4da7269df7ca9ddfc3e1671",
+ "rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb",
"type": "github"
},
"original": {
@@ -143,27 +143,23 @@
"nixpkgs_old": "nixpkgs_old"
},
"locked": {
- "lastModified": 1722895966,
- "narHash": "sha256-BB8eFyaOT72FB5jya/2VQJzVZzlz3WaJgI0PECDEvhA=",
- "ref": "2024-05-06-hosts-in-nix",
- "rev": "fab3b0da4ef3bbfe9aae47ca13e11ad1660f2e7d",
- "revCount": 64201,
- "type": "git",
- "url": "ssh://[email protected]/mixrank/mixrank"
+ "lastModified": 1725915493,
+ "narHash": "sha256-uT7vO4LyEn2D0PCkQARkJd1T/tR+EfYnFusGK2UxrL4=",
+ "path": "/home/leonardo/mx/mixrank",
+ "type": "path"
},
"original": {
- "ref": "2024-05-06-hosts-in-nix",
- "type": "git",
- "url": "ssh://[email protected]/mixrank/mixrank"
+ "path": "/home/leonardo/mx/mixrank",
+ "type": "path"
}
},
"nixos-hardware": {
"locked": {
- "lastModified": 1724067415,
- "narHash": "sha256-WJBAEFXAtA41RMpK8mvw0cQ62CJkNMBtzcEeNIJV7b0=",
+ "lastModified": 1724878143,
+ "narHash": "sha256-UjpKo92iZ25M05kgSOw/Ti6VZwpgdlOa73zHj8OcaDk=",
"owner": "NixOS",
"repo": "nixos-hardware",
- "rev": "b09c46430ffcf18d575acf5c339b38ac4e1db5d2",
+ "rev": "95c3dfe6ef2e96ddc1ccdd7194e3cda02ca9a8ef",
"type": "github"
},
"original": {
@@ -190,11 +186,11 @@
},
"nixpkgs-stable": {
"locked": {
- "lastModified": 1724098845,
- "narHash": "sha256-D5HwjQw/02fuXbR4LCTo64koglP2j99hkDR79/3yLOE=",
+ "lastModified": 1725001927,
+ "narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "f1bad50880bae73ff2d82fafc22010b4fc097a9c",
+ "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
"type": "github"
},
"original": {
@@ -206,11 +202,11 @@
},
"nixpkgs_2": {
"locked": {
- "lastModified": 1723991338,
- "narHash": "sha256-Grh5PF0+gootJfOJFenTTxDTYPidA3V28dqJ/WV7iis=",
+ "lastModified": 1725634671,
+ "narHash": "sha256-v3rIhsJBOMLR8e/RNWxr828tB+WywYIoajrZKFM+0Gg=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "8a3354191c0d7144db9756a74755672387b702ba",
+ "rev": "574d1eac1c200690e27b8eb4e24887f8df7ac27c",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index d983d24..ade795a 100644
--- a/flake.nix
+++ b/flake.nix
@@ -33,35 +33,23 @@
url = "github:rafaelmardojai/firefox-gnome-theme";
flake = false;
};
- mixrank.url = "git+ssh://[email protected]/mixrank/mixrank?ref=2024-05-06-hosts-in-nix";
+ mixrank.url = "path:///home/leonardo/mx/mixrank";
};
outputs = { self, nixpkgs, home-manager, agenix, mixrank, ... } @ inputs :
let
- inherit (builtins) listToAttrs readDir attrNames;
- system = "x86_64-linux";
- hosts = attrNames (readDir ./hosts);
- defaultNixosSystem = host: nixpkgs.lib.nixosSystem {
- inherit system;
- specialArgs = { inherit inputs hosts; };
+ inherit (builtins) readDir attrNames listToAttrs split head;
+ modules = map (p: import ./modules/${p}) (attrNames (readDir ./modules));
+ make-config-named = host: nixpkgs.lib.nixosSystem {
+ specialArgs = { inherit inputs; };
modules = [
- ./hosts/${host}/configuration.nix
- ./users/leonardo.nix
- home-manager.nixosModules.home-manager
- agenix.nixosModules.default
- mixrank.nixosModules.dev-machine
- ];
+ ./hosts/${host}.nix
+ ] ++ modules;
};
+ get-basename = n: head (split "\\." n);
+ hosts-names = map get-basename (attrNames (readDir ./hosts));
+ nixos-configs = map (h: { name= h; value = make-config-named h;}) hosts-names;
in {
- nixosConfigurations =
- (listToAttrs (map (host: {name = host; value = defaultNixosSystem host; }) hosts))
- // { iori = nixpkgs.lib.nixosSystem {
- system = "aarch64-linux";
- specialArgs = { inherit inputs; };
- modules = [
- ./hosts/iori/configuration.nix
- ];
- };
- };
+ nixosConfigurations = listToAttrs nixos-configs;
};
}
diff --git a/hosts/hanekawa/configuration.nix b/hosts/hanekawa/configuration.nix
deleted file mode 100644
index e646c98..0000000
--- a/hosts/hanekawa/configuration.nix
+++ /dev/null
@@ -1,108 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, lib, inputs, ... }:
-
-{
- imports =
- [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ];
-
- # Bootloader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- networking.hostName = "hanekawa"; # Define your hostname.
- # Configure network proxy if necessary
- # networking.proxy.default = "http://user:password@proxy:port/";
- # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
- # Enable networking
- networking.networkmanager.enable = true;
-
- # Set your time zone.
- time.timeZone = "America/Sao_Paulo";
-
- # Select internationalisation properties.
- i18n.defaultLocale = "pt_BR.UTF-8";
-
- # Enable the X11 windowing system.
- services.touchegg.enable = true;
- services.xserver = {
- enable = true;
- xkb.layout = "br";
- xkb.variant = "";
- libinput = {
- enable = true;
- touchpad = {
- tapping = true;
- scrollMethod = "twofinger";
- clickMethod = "clickfinger";
- tappingButtonMap = "lrm";
- };
- };
- videoDrivers = [ "nvidia" ];
- };
-
- # Configure console keymap
- console.keyMap = "br-abnt2";
-
- # Enable CUPS to print documents.
- services.printing.enable = true;
-
- services.thermald.enable = true;
-
- # Enable sound with pipewire.
- sound.enable = true;
-
- security.rtkit.enable = true;
- services.fstrim.enable = lib.mkDefault true;
- services.pipewire = {
- enable = true;
- alsa.enable = true;
- alsa.support32Bit = true;
- pulse.enable = true;
- # If you want to use JACK applications, uncomment this
- #jack.enable = true;
-
- # use the example session manager (no others are packaged yet so this is enabled by default,
- # no need to redefine it in your config for now)
- #media-session.enable = true;
- };
-
- # Define a user account. Don't forget to set a password with ‘passwd’.
- users.users.leonardo = {
- isNormalUser = true;
- description = "leonardo";
- extraGroups = [ "networkmanager" "wheel" ];
- };
-
- fonts = {
- fontconfig.enable = true;
- packages = [(pkgs.nerdfonts.override { fonts = [ "Iosevka" "FiraCode" ]; })];
- };
-
- # Allow unfree packages
- services.openssh.enable = true;
- programs.ssh = {
- forwardX11 = true;
- startAgent = true;
- };
-
- # Open ports in the firewall.
- # networking.firewall.allowedTCPPorts = [ ... ];
- # networking.firewall.allowedUDPPorts = [ ... ];
- # Or disable the firewall altogether.
- # networking.firewall.enable = false;
-
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "23.05"; # Did you read the comment?
-
-}
diff --git a/hosts/hanekawa/hardware-configuration.nix b/hosts/hanekawa/hardware-configuration.nix
deleted file mode 100644
index 2b11bd6..0000000
--- a/hosts/hanekawa/hardware-configuration.nix
+++ /dev/null
@@ -1,77 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports = [
- (modulesPath + "/installer/scan/not-detected.nix")
-
- ];
- boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
- boot.initrd.kernelModules = [ ];
-
- boot.kernelModules = [
- "kvm-intel"
- "i915"
- ];
- boot.kernelParams = [
- "acpi_osi=Linux-Dell-Video"
- ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/36536f52-8ca1-4a1e-b418-4016e529ea97";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/6021-0AF8";
- fsType = "vfat";
- };
-
- swapDevices =
- [ { device = "/dev/disk/by-uuid/51402149-30c4-475c-af19-c5d600b1ee8e"; }
- ];
-
-
-
- hardware = {
- opengl = {
- enable = true;
- driSupport = true;
- driSupport32Bit = true;
- };
- pulseaudio.enable = false;
- nvidia = {
- modesetting.enable = true;
- powerManagement = { enable = false; finegrained = false; };
- open = false;
- nvidiaSettings = true;
- prime = {
- offload = {
- enable = true;
- enableOffloadCmd = true;
- };
- sync.enable = false;
- reverseSync.enable = false;
- intelBusId = "PCI:0:2:0";
- nvidiaBusId = "PCI:1:0:0";
- };
- };
- opengl.extraPackages = [ pkgs.vaapiVdpau ];
-
- };
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
- # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
- hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/hosts/iori.nix b/hosts/iori.nix
new file mode 100644
index 0000000..896f836
--- /dev/null
+++ b/hosts/iori.nix
@@ -0,0 +1,37 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ lib, inputs, modulesPath, ... }:
+
+{
+ imports = [ # Include the results of the hardware scan.
+ inputs.nixos-hardware.nixosModules.raspberry-pi-4
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ santi-modules = {
+ default-user.enable = true;
+ basic.enable = true;
+ font-config.enable = false;
+ services.ddns.enable = true;
+ };
+
+ boot = {
+ loader.grub.enable = false;
+ loader.generic-extlinux-compatible.enable = true;
+ initrd.availableKernelModules = [ "xhci_pci" ];
+ };
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+ fsType = "ext4";
+ };
+
+ networking = {
+ hostName = "iori"; # Define your hostname.
+ useDHCP = lib.mkDefault true;
+ };
+ nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+ system.stateVersion = "24.05"; # Did you read the comment?
+}
diff --git a/hosts/iori/configuration.nix b/hosts/iori/configuration.nix
deleted file mode 100644
index db84c09..0000000
--- a/hosts/iori/configuration.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ pkgs, inputs, ... }:
-{
- imports =
- [ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ];
- # hardware = {
- # raspberry-pi."4".apply-overlays-dtmerge.enable = true;
- # };
- nixpkgs.overlays = [
- (final: super: {
- makeModulesClosure = x:
- super.makeModulesClosure (x // { allowMissing = true; });
- })
- ];
-
- networking.hostName = "iori";
- system.stateVersion = "23.11";
-}
diff --git a/hosts/kunagisa.nix b/hosts/kunagisa.nix
new file mode 100644
index 0000000..60d7d65
--- /dev/null
+++ b/hosts/kunagisa.nix
@@ -0,0 +1,52 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, modulesPath, inputs, ... }: {
+ imports = [
+ inputs.mixrank.nixosModules.dev-machine
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+ santi-modules.desktop-environment.enable = true;
+ # Bootloader.
+ boot = {
+ loader = {
+ systemd-boot.enable = true;
+ efi.canTouchEfiVariables = true;
+ };
+ initrd = {
+ availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" ];
+ kernelModules = [ "amdgpu" ];
+ };
+ binfmt.emulatedSystems = [ "aarch64-linux" ];
+ kernelModules = [ "kvm-amd" ];
+ kernelPackages = pkgs.linuxPackages_latest;
+ extraModulePackages = [ ];
+ };
+
+ networking = {
+ hostName = "kunagisa"; # Define your hostname.
+ networkmanager.enable = true;
+ firewall.enable = false;
+ useDHCP = lib.mkDefault true;
+ };
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/96c114a2-ffd7-476d-80fa-51e670c27e4b";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/AA22-4A81";
+ fsType = "vfat";
+ };
+ };
+
+ swapDevices = [
+ { device = "/dev/disk/by-uuid/1a204e5c-05cb-4e7f-b859-927fb024fb12"; }
+ ];
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+ system.stateVersion = "23.05";
+}
diff --git a/hosts/kunagisa/configuration.nix b/hosts/kunagisa/configuration.nix
deleted file mode 100644
index 9965d92..0000000
--- a/hosts/kunagisa/configuration.nix
+++ /dev/null
@@ -1,63 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, inputs, ... }:
-
-{
- imports =
- [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ];
-
- # Bootloader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
- boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
-
- networking.hostName = "kunagisa"; # Define your hostname.
-
- # Configure network proxy if necessary
- # networking.proxy.default = "http://user:password@proxy:port/";
- # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
- networking.networkmanager.enable = true;
-
- time.timeZone = "America/Sao_Paulo";
-
- i18n.defaultLocale = "pt_BR.UTF-8";
-
- services.xserver = {
- enable = true;
- xkb = {
- variant = "";
- layout = "br";
- };
- };
-
- console.keyMap = "br-abnt2";
-
- services.printing.enable = true;
-
- hardware.pulseaudio.enable = false;
- security.rtkit.enable = true;
- services.pipewire = {
- enable = true;
- alsa.enable = true;
- alsa.support32Bit = true;
- pulse.enable = true;
- };
-
- networking.firewall = {
- enable = false;
- # allowedTCPPorts = [ 12345 ];
- };
-
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "23.05"; # Did you read the comment?
-}
diff --git a/hosts/kunagisa/hardware-configuration.nix b/hosts/kunagisa/hardware-configuration.nix
deleted file mode 100644
index f98cb38..0000000
--- a/hosts/kunagisa/hardware-configuration.nix
+++ /dev/null
@@ -1,44 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- ];
-
- boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" ];
- boot.initrd.kernelModules = [ "amdgpu" ];
- boot.kernelModules = [ "kvm-amd" ];
- boot.kernelPackages = pkgs.linuxPackages_latest;
- # boot.kernelParams = [
- # "video=HDMI-1:1920x1080@60"
- # "video=DP-2:2560x1080@75"
- # ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/96c114a2-ffd7-476d-80fa-51e670c27e4b";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/AA22-4A81";
- fsType = "vfat";
- };
-
- swapDevices =
- [ { device = "/dev/disk/by-uuid/1a204e5c-05cb-4e7f-b859-927fb024fb12"; }
- ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/hosts/larissa.nix b/hosts/larissa.nix
new file mode 100644
index 0000000..80f496b
--- /dev/null
+++ b/hosts/larissa.nix
@@ -0,0 +1,69 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, inputs, modulesPath, ... }: {
+ imports = [
+ inputs.mixrank.nixosModules.dev-machine
+ inputs.nixos-hardware.nixosModules.framework-13-7040-amd
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ santi-modules = {
+ desktop-environment.enable = true;
+ services.ddns.enable = true;
+ };
+ # Bootloader.
+ boot = {
+ loader.systemd-boot.enable = true;
+ loader.efi.canTouchEfiVariables = true;
+ initrd = {
+ luks.devices."luks-fc474bfb-2d0a-4a8a-99db-a55e15d8a836".device = "/dev/disk/by-uuid/fc474bfb-2d0a-4a8a-99db-a55e15d8a836";
+ availableKernelModules = [
+ "nvme"
+ "xhci_pci"
+ "thunderbolt"
+ "usb_storage"
+ "sd_mod"
+ ];
+ };
+ kernelPackages = pkgs.linuxPackages_latest;
+ kernelModules = [ "kvm-amd" ];
+ kernelParams = lib.optionals (lib.versionOlder config.boot.kernelPackages.kernel.version "6.8") ["rtc_cmos.use_acpi_alarm=1"] ;
+ };
+
+ networking = {
+ hostName = "larissa";
+ networkmanager.enable = true;
+ useDHCP = lib.mkDefault true;
+ };
+ # Custom services for laptop
+ services = {
+ power-profiles-daemon.enable = lib.mkDefault true;
+ touchegg.enable = true;
+ fwupd.enable = true;
+ libinput = {
+ enable = true;
+ touchpad = {
+ tapping = true;
+ scrollMethod = "twofinger";
+ clickMethod = "clickfinger";
+ tappingButtonMap = "lrm";
+ };
+ };
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/bd4da861-db3f-4efd-82e1-ca925f8ef873";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/D40E-FE35";
+ fsType = "vfat";
+ options = [ "fmask=0022" "dmask=0022" ];
+ };
+ };
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+ system.stateVersion = "23.11";
+}
diff --git a/hosts/larissa/configuration.nix b/hosts/larissa/configuration.nix
deleted file mode 100644
index 9057de4..0000000
--- a/hosts/larissa/configuration.nix
+++ /dev/null
@@ -1,106 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
- imports =
- [ # Include the results of the hardware scan.
- ./hardware-configuration.nix
- ];
-
- services.fwupd.enable = true;
-
- # Bootloader.
- boot.loader.systemd-boot.enable = true;
- boot.loader.efi.canTouchEfiVariables = true;
-
- networking.hostName = "larissa"; # Define your hostname.
- # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
-
- # Configure network proxy if necessary
- # networking.proxy.default = "http://user:password@proxy:port/";
- # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
- # Enable networking
- networking.networkmanager.enable = true;
-
- # Set your time zone.
- time.timeZone = "America/Sao_Paulo";
-
- # Select internationalisation properties.
- i18n.defaultLocale = "en_US.UTF-8";
-
- i18n.extraLocaleSettings = {
- LC_ADDRESS = "pt_BR.UTF-8";
- LC_IDENTIFICATION = "pt_BR.UTF-8";
- LC_MEASUREMENT = "pt_BR.UTF-8";
- LC_MONETARY = "pt_BR.UTF-8";
- LC_NAME = "pt_BR.UTF-8";
- LC_NUMERIC = "pt_BR.UTF-8";
- LC_PAPER = "pt_BR.UTF-8";
- LC_TELEPHONE = "pt_BR.UTF-8";
- LC_TIME = "pt_BR.UTF-8";
- };
-
- services.touchegg.enable = true;
- # Configure keymap in X11
- services.xserver = {
- enable = true;
- xkb = {
- variant = "abnt2";
- layout = "br";
- };
- };
- services.libinput = {
- enable = true;
- touchpad = {
- tapping = true;
- scrollMethod = "twofinger";
- clickMethod = "clickfinger";
- tappingButtonMap = "lrm";
- };
- };
-
- console.keyMap = "br-abnt2";
- # Enable CUPS to print documents.
- services.printing.enable = true;
-
- hardware.pulseaudio.enable = false;
- security.rtkit.enable = true;
- services.pipewire = {
- enable = true;
- alsa.enable = true;
- alsa.support32Bit = true;
- pulse.enable = true;
- # If you want to use JACK applications, uncomment this
- #jack.enable = true;
-
- # use the example session manager (no others are packaged yet so this is enabled by default,
- # no need to redefine it in your config for now)
- #media-session.enable = true;
- };
-
- # Enable touchpad support (enabled default in most desktopManager).
- # services.xserver.libinput.enable = true;
- # List services that you want to enable:
-
- # Enable the OpenSSH daemon.
- # services.openssh.enable = true;
-
- # Open ports in the firewall.
- # networking.firewall.allowedTCPPorts = [ ... ];
- # networking.firewall.allowedUDPPorts = [ ... ];
- # Or disable the firewall altogether.
- # networking.firewall.enable = false;
-
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "23.11"; # Did you read the comment?
-
-}
diff --git a/hosts/larissa/hardware-configuration.nix b/hosts/larissa/hardware-configuration.nix
deleted file mode 100644
index 4a17244..0000000
--- a/hosts/larissa/hardware-configuration.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, inputs, pkgs, ... }:
-
-{
- imports =
- [ (modulesPath + "/installer/scan/not-detected.nix")
- inputs.nixos-hardware.nixosModules.framework-13-7040-amd
- ];
-
- boot.initrd.availableKernelModules = [
- "nvme"
- "xhci_pci"
- "thunderbolt"
- "usb_storage"
- "sd_mod"
- ];
- boot.initrd.kernelModules = [ ];
- boot.kernelPackages = pkgs.linuxPackages_latest;
- boot.kernelModules = [ "kvm-amd" ];
- boot.kernelParams = lib.optionals (lib.versionOlder config.boot.kernelPackages.kernel.version "6.8") ["rtc_cmos.use_acpi_alarm=1"] ;
- boot.extraModulePackages = [ ];
-
- services.power-profiles-daemon.enable = lib.mkDefault true;
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/bd4da861-db3f-4efd-82e1-ca925f8ef873";
- fsType = "ext4";
- };
-
- boot.initrd.luks.devices."luks-fc474bfb-2d0a-4a8a-99db-a55e15d8a836".device = "/dev/disk/by-uuid/fc474bfb-2d0a-4a8a-99db-a55e15d8a836";
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/D40E-FE35";
- fsType = "vfat";
- options = [ "fmask=0022" "dmask=0022" ];
- };
-
- swapDevices = [ ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/modules/basic.nix b/modules/basic.nix
new file mode 100644
index 0000000..e2c68c1
--- /dev/null
+++ b/modules/basic.nix
@@ -0,0 +1,63 @@
+{ config, lib, pkgs, ...}: with lib; {
+ options.santi-modules.basic.enable = mkOption {
+ type = types.bool;
+ default = true;
+ description = "Enables basic configuration on nix, nixpkgs and bash prompt.";
+ };
+ config = mkIf config.santi-modules.basic.enable {
+ nix = {
+ package = pkgs.lib.mkForce pkgs.nixVersions.nix_2_23;
+ settings = {
+ trusted-users = [ "root" "leonardo" ];
+ auto-optimise-store = true;
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 30d";
+ };
+ };
+
+ nixpkgs = {
+ config.allowUnfree = true;
+ config.allowUnfreePredicate = _: true;
+ };
+
+ programs.bash = {
+ vteIntegration = true;
+ enableLsColors = true;
+ completion.enable = true;
+ promptInit =
+ ''
+ PS1="\[\033[1;95m\][\h]\[\033[0m\] \[\033[0;32m\]\w\[\033[0m\] :: "
+ [ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/bash"
+ '';
+ };
+ programs.direnv = {
+ enable = true;
+ nix-direnv.enable = true;
+ };
+ time.timeZone = "America/Sao_Paulo";
+ i18n.defaultLocale = "en_US.UTF-8";
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "pt_BR.UTF-8";
+ LC_IDENTIFICATION = "pt_BR.UTF-8";
+ LC_MEASUREMENT = "pt_BR.UTF-8";
+ LC_MONETARY = "pt_BR.UTF-8";
+ LC_NAME = "pt_BR.UTF-8";
+ LC_NUMERIC = "pt_BR.UTF-8";
+ LC_PAPER = "pt_BR.UTF-8";
+ LC_TELEPHONE = "pt_BR.UTF-8";
+ LC_TIME = "pt_BR.UTF-8";
+ };
+
+ services.xserver = {
+ enable = true;
+ xkb = {
+ variant = "abnt2";
+ layout = "br";
+ };
+ };
+ console.keyMap = "br-abnt2";
+ };
+}
diff --git a/modules/ddns.nix b/modules/ddns.nix
new file mode 100644
index 0000000..53dcb0f
--- /dev/null
+++ b/modules/ddns.nix
@@ -0,0 +1,16 @@
+{ config, lib, pkgs, ...}: with lib; {
+ options.santi-modules.services.ddns.enable = mkEnableOption "Enable ddns service";
+ config = mkIf config.santi-modules.services.ddns.enable {
+ services.inadyn = {
+ enable = true;
+ user = "leonardo";
+ group = "users";
+ settings.provider."cloudflare.com" = {
+ hostname="santi.net.br";
+ username="santi.net.br";
+ proxied = false;
+ include = config.age.secrets.cloudflare.path;
+ };
+ };
+ };
+}
diff --git a/users/leonardo.nix b/modules/default-user.nix
index ed59bf2..189c354 100644
--- a/users/leonardo.nix
+++ b/modules/default-user.nix
@@ -1,78 +1,52 @@
-{ pkgs, config, inputs, ... }:
-let
- hosts-pub-keys = import ../secrets/host-pub-keys.nix;
-in
-{
+{ config, lib, inputs, pkgs, ...}: with lib; let
+ cfg = config.santi-modules;
+in {
imports = [
- ../modules/gnome.nix
- ../modules/emacs/emacs.nix
+ inputs.agenix.nixosModules.default
+ inputs.home-manager.nixosModules.home-manager
];
- config = {
- nix = {
- package = pkgs.lib.mkForce pkgs.nixVersions.nix_2_23;
- settings = {
- trusted-users = [ "root" "leonardo" ];
- auto-optimise-store = true;
- };
- gc = {
- automatic = true;
- dates = "weekly";
- options = "--delete-older-than 30d";
- };
+ options.santi-modules = {
+ default-user.enable = mkOption {
+ type = types.bool;
+ default = true;
+ description = "Enables default user configuration and ssh access";
};
-
- environment.systemPackages = with pkgs;[
- prismlauncher
- rage
- ];
-
-
- nixpkgs = {
- config.allowUnfree = true;
- config.allowUnfreePredicate = _: true;
- };
- programs.bash = {
- vteIntegration = true;
- enableLsColors = true;
- completion.enable = true;
- promptInit =
- ''
- PS1="\[\033[1;95m\][\h]\[\033[0m\] \[\033[0;32m\]\w\[\033[0m\] :: "
- [ -n "$EAT_SHELL_INTEGRATION_DIR" ] && source "$EAT_SHELL_INTEGRATION_DIR/bash"
- '';
+ mu.enable = mkEnableOption "Enables mu, mbsync and msmtp";
+ firefox.enable = mkEnableOption "Enables firefox";
+ };
+ config = mkIf config.santi-modules.default-user.enable {
+ environment.systemPackages = [
+ pkgs.rage
+ ] ++ (if cfg.mu.enable then [ pkgs.parallel ] else []);
+ users.mutableUsers = false;
+ users.users.leonardo = {
+ isNormalUser = true;
+ description = "leonardo";
+ extraGroups = [ "networkmanager" "wheel" ];
+ shell = pkgs.bashInteractive;
+ hashedPasswordFile = config.age.secrets.user-pass.path;
+ openssh.authorizedKeys.keys = [ (builtins.readFile ../secrets/user-ssh-key.pub)] ++ builtins.attrValues (import ../secrets/host-pub-keys.nix);
};
- fonts = {
- fontconfig = {
- enable = true;
- defaultFonts = {
- monospace = [ "Iosevka" "IPAGothic" ];
- serif = [ "DejaVu Serif" "IPAPMincho" ];
- };
+ age.secrets = let
+ with-perms = name: {
+ file = ../secrets/${name}.age;
+ owner = "leonardo";
+ group = "users";
};
- packages = with pkgs; [
- (nerdfonts.override { fonts = [ "Iosevka" "FiraCode" ]; })
- ipafont
- kochi-substitute
- dejavu_fonts
- ];
- };
-
- programs.steam = {
- enable = true;
- remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
- dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
- };
- programs.direnv = {
- enable = true;
- nix-direnv.enable = true;
- };
- programs.ssh.startAgent = true;
- services.pipewire = {
- enable = true;
- extraConfig.pipewire = {
- "context.properties"."module.x11.bell" = false;
+ in {
+ user-pass = with-perms "user-pass";
+ user-ssh-key = (with-perms "user-ssh-key") // {
+ path = "/home/leonardo/.ssh/id_ed25519";
};
- };
+ } // (optionalAttrs cfg.mu.enable (let
+ mails = ["work-mail" "personal-mail" "university-mail"];
+ mail-cfg = map (n: {name = n; value = with-perms n;}) mails;
+ in
+ listToAttrs mail-cfg))
+ // (optionalAttrs cfg.services.ddns.enable ({
+ cloudflare = with-perms "cloudflare";
+ }));
+ programs.ssh.startAgent = true;
services.openssh = {
enable = true;
settings = {
@@ -80,59 +54,58 @@ in
PasswordAuthentication = false;
};
};
- users.mutableUsers = false;
- users.users.leonardo = {
- isNormalUser = true;
- description = "leonardo";
- extraGroups = [ "networkmanager" "wheel" ];
- shell = pkgs.bashInteractive;
- hashedPasswordFile = config.age.secrets.user-pass.path;
- openssh.authorizedKeys.keys = [ (builtins.readFile ../secrets/user-ssh-key.pub)] ++ builtins.attrValues (hosts-pub-keys);
- };
-
- age = {
- secrets = {
- user-ssh-key = {
- file = ../secrets/user-ssh-key.age;
- path = "/home/leonardo/.ssh/id_ed25519";
- owner = "leonardo";
- group = "users";
- };
- } // (builtins.foldl' (acc: filename: acc // {
- ${filename} = {
- file = ../secrets/${filename}.age;
- owner = "leonardo";
- group = "users";
- };
- }) {} [ "personal-mail" "work-mail" "university-mail" "authinfo" "user-pass" ]);
- };
- services.gnome.gnome-browser-connector.enable = true;
home-manager = {
backupFileExtension = "backup";
useGlobalPkgs = true;
useUserPackages = true;
- users.leonardo = { pkgs, ... } : {
- imports = [ ./../modules/gnome-config.nix ];
+ users.leonardo = {
+ imports = [ (import ./gnome/gnome-config.nix config.santi-modules) ];
home = {
- file.".ssh/id_ed25519.pub".source = ../secrets/user-ssh-key.pub;
- file.".mozilla/firefox/leonardo/chrome/firefox-gnome-theme".source = inputs.firefox-gnome-theme;
- username = "leonardo";
- homeDirectory = "/home/leonardo";
stateVersion = "23.05";
- sessionVariables.GTK_THEME = "Adwaita-dark";
- packages = with pkgs; [
+ file.".ssh/id_ed25519.pub".source = ../secrets/user-ssh-key.pub;
+ file.".mozilla/firefox/leonardo/chrome/firefox-gnome-theme" = mkIf cfg.firefox.enable { source = inputs.firefox-gnome-theme; };
+ packages = lib.optionals cfg.desktop-environment.enable (with pkgs; [
discord
slack
whatsapp-for-linux
telegram-desktop
- ];
+ ]);
};
-
programs = {
- firefox = {
+ bash = {
+ enable = true;
+ enableCompletion = true;
+ initExtra = ''
+ shopt -s -q autocd
+ shopt -s no_empty_cmd_completion
+ '';
+ };
+ fzf = {
enable = true;
+ enableBashIntegration = true;
+ };
+ git = {
+ enable = true;
+ lfs.enable = true;
+ diff-so-fancy.enable = true;
+ extraConfig = {
+ user = {
+ name = "Leonardo Santiago";
+ email = "[email protected]";
+ signingkey = "~/.ssh/id_ed25519";
+ };
+ color.ui = true;
+ gpg.format = "ssh";
+ commit.gpgsign = true;
+ };
+ };
+ mu.enable = cfg.mu.enable;
+ msmtp.enable = cfg.mu.enable;
+ mbsync.enable = cfg.mu.enable;
+ firefox = {
+ enable = cfg.firefox.enable;
package = pkgs.firefox.override { # nixpkgs' firefox/wrapper.nix
- nativeMessagingHosts = [
+ nativeMessagingHosts = optional cfg.gnome.enable [
pkgs.gnome-browser-connector
];
};
@@ -180,45 +153,12 @@ in
};
};
};
- bash = {
- enable = true;
- enableVteIntegration = true;
- enableCompletion = true;
- initExtra = ''
- shopt -s -q autocd
- shopt -s no_empty_cmd_completion
- '';
- };
- fzf = {
- enable = true;
- enableBashIntegration = true;
- };
- git = {
- enable = true;
- lfs.enable = true;
- diff-so-fancy.enable = true;
- extraConfig = {
- user = {
- name = "Leonardo Santiago";
- email = "[email protected]";
- signingkey = "~/.ssh/id_ed25519";
- };
- color.ui = true;
- gpg.format = "ssh";
- commit.gpgsign = true;
- };
- };
- mu.enable = true;
- msmtp.enable = true;
- mbsync.enable = true;
};
-
- services.mbsync = {
+ services.mbsync = mkIf cfg.mu.enable {
enable = true;
frequency = "*:0/5";
};
-
- accounts.email.accounts = {
+ accounts.email.accounts = mkIf cfg.mu.enable {
personal = {
address = "[email protected]";
userName = "[email protected]";
@@ -268,6 +208,5 @@ in
};
};
};
-
};
}
diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix
new file mode 100644
index 0000000..c9408d9
--- /dev/null
+++ b/modules/desktop-environment.nix
@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }: with lib; {
+ options.santi-modules.desktop-environment.enable = mkEnableOption "Enable default desktop-environment";
+ config = mkIf config.santi-modules.desktop-environment.enable {
+ santi-modules = {
+ font-config.enable = true;
+ emacs.enable = true;
+ gnome.enable = true;
+ games.enable = true;
+ mu.enable = true;
+ default-user.enable = true;
+ firefox.enable = true;
+ basic.enable = true;
+ };
+
+ services.printing.enable = true;
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ };
+ };
+}
diff --git a/modules/emacs/README.org b/modules/emacs/README.org
index 0b8ff54..81c0775 100644
--- a/modules/emacs/README.org
+++ b/modules/emacs/README.org
@@ -388,12 +388,12 @@ Actual mu4e definition
(use-package mu4e
:bind ("C-c m" . mu4e)
:custom
- (mu4e-notification-support t)
(read-mail-command 'mu4e)
(mu4e-index-cleanup nil)
(mu4e-index-lazy-check t)
(mu4e-use-fancy-chars (display-graphic-p))
(mu4e-confirm-quit nil)
+ (mu4e-eldoc-support t)
(mu4e-change-filenames-when-moving t)
(mu4e-update-interval (* 5 60))
(mu4e-get-mail-command "parallel mbsync ::: personal work university")
@@ -417,7 +417,7 @@ Actual mu4e definition
(cond
((personal-p msg) "/personal/[Gmail]/Todos\ os\ e-mails")
((university-p msg) "/university/[Gmail]/Todos\ os\ e-mails")
- ((work-p msg) "/work/[Gmail]/'All mail'"))))
+ ((work-p msg) "/work/[Gmail]/All\ mail"))))
(mu4e-trash-folder (lambda (msg)
(cond
((personal-p msg) "/personal/[Gmail]/Lixeira")
diff --git a/modules/emacs/emacs.nix b/modules/emacs/default.nix
index bc73977..ceba97e 100644
--- a/modules/emacs/emacs.nix
+++ b/modules/emacs/default.nix
@@ -1,13 +1,11 @@
-{ pkgs, inputs, ...}:
+{ pkgs, inputs, lib, config, ...}:
let
outside-emacs = with pkgs; [
(python3.withPackages (p: (with p; [
python-lsp-server
python-lsp-ruff
- pylsp-mypy
])))
nil
- parallel
ripgrep
emacs-lsp-booster
];
@@ -42,9 +40,9 @@ let
]))
] ++ outside-emacs;
};
-in
-{
- config = {
+in with lib; {
+ options.santi-modules.emacs.enable = mkEnableOption "Enable emacs configuration";
+ config = mkIf config.santi-modules.emacs.enable {
nixpkgs.overlays = [ inputs.emacs-overlay.overlays.default ];
environment.systemPackages = [
emacs
diff --git a/modules/fonts.nix b/modules/fonts.nix
new file mode 100644
index 0000000..286f670
--- /dev/null
+++ b/modules/fonts.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ...} : with lib; {
+ options.santi-modules.font-config.enable = mkOption {
+ type = types.bool;
+ default = true;
+ description = "Installs default fonts.";
+ };
+ config = mkIf config.santi-modules.font-config.enable {
+ fonts = {
+ fontconfig = {
+ enable = true;
+ defaultFonts = {
+ monospace = [ "Iosevka" "IPAGothic" ];
+ serif = [ "DejaVu Serif" "IPAPMincho" ];
+ };
+ };
+ packages = with pkgs; [
+ (nerdfonts.override { fonts = [ "Iosevka" "FiraCode" ]; })
+ ipafont
+ kochi-substitute
+ dejavu_fonts
+ ];
+ };
+ };
+}
diff --git a/modules/games.nix b/modules/games.nix
new file mode 100644
index 0000000..d47254d
--- /dev/null
+++ b/modules/games.nix
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }: let
+ cfg = config.santi-modules;
+in with lib; {
+ options.santi-modules = {
+ games.enable = mkEnableOption "Enable all games";
+ steam.enable = mkOption {
+ description = "Enable steam installation";
+ default = cfg.games.enable;
+ type = types.bool;
+ };
+ minecraft.enable = mkOption {
+ description = "Enable minecraft launcher";
+ default = cfg.games.enable;
+ type = types.bool;
+ };
+ };
+ config = {
+ programs.steam = mkIf cfg.steam.enable {
+ enable = true;
+ remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+ dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+ };
+ environment.systemPackages = mkIf cfg.minecraft.enable [
+ pkgs.prismlauncher
+ ];
+ };
+}
diff --git a/modules/gnome.nix b/modules/gnome.nix
deleted file mode 100644
index a80001f..0000000
--- a/modules/gnome.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-{inputs, pkgs, ...}:
-{
- config = {
- # enable buffering for better perfomance
- programs.dconf.enable = true;
- # nixpkgs.overlays = [
- # (final: prev: {
- # gnome = prev.gnome.overrideScope' (gnomeFinal: gnomePrev: {
- # mutter = gnomePrev.mutter.overrideAttrs ( old: {
- # src = pkgs.fetchgit {
- # url = "https://gitlab.gnome.org/vanvugt/mutter.git";
- # # GNOME 45: triple-buffering-v4-45
- # rev = "0b896518b2028d9c4d6ea44806d093fd33793689";
- # sha256 = "sha256-mzNy5GPlB2qkI2KEAErJQzO//uo8yO0kPQUwvGDwR4w=";
- # };
- # } );
- # });
- # })
- # ];
- environment.systemPackages = with pkgs; [
- gnome-tweaks
- tela-icon-theme
- ] ++ (with gnomeExtensions; [
- appindicator
- vitals
- user-themes
- graphite-gtk-theme
- x11-gestures
- gsconnect
- ]);
-
-
- # gsconnect specific
- programs.firefox.nativeMessagingHosts.gsconnect.enable = true;
- networking.firewall.allowedTCPPortRanges = [
- # KDE Connect
- { from = 1714; to = 1764; }
- ];
- networking.firewall.allowedUDPPortRanges = [
- # KDE Connect
- { from = 1714; to = 1764; }
- ];
-
- environment.gnome.excludePackages = (with pkgs; [
- gnome-photos
- gnome-tour
- gedit
- cheese
- gnome-terminal
- epiphany # web browser
- geary # email reader
- evince # document viewer
- totem # video player
- ]) ++ (with pkgs.gnome; [
- gnome-music
- gnome-characters
- tali # poker game
- iagno # go game
- hitori # sudoku game
- atomix # puzzle game
- ]);
- services.xserver = {
- displayManager.gdm = {
- enable = true;
- wayland = false;
- };
- desktopManager.gnome.enable = true;
- };
- services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ];
- services.gnome = {
- gnome-browser-connector.enable = true;
- gnome-keyring.enable = true;
- };
- };
-}
diff --git a/modules/gnome/default.nix b/modules/gnome/default.nix
new file mode 100644
index 0000000..f0e7939
--- /dev/null
+++ b/modules/gnome/default.nix
@@ -0,0 +1,47 @@
+{ config, lib, pkgs, ...}: with lib; {
+ options.santi-modules.gnome.enable = mkEnableOption "Enable gnome";
+ config = mkIf config.santi-modules.gnome.enable {
+ programs.dconf.enable = true;
+ environment.systemPackages = with pkgs; [
+ gnome-tweaks
+ tela-icon-theme
+ ] ++ (with gnomeExtensions; [
+ appindicator
+ vitals
+ user-themes
+ graphite-gtk-theme
+ x11-gestures
+ gsconnect
+ ]);
+
+ environment.gnome.excludePackages = with pkgs; [
+ gnome-photos
+ gnome-tour
+ gedit
+ cheese
+ gnome-terminal
+ epiphany # web browser
+ geary # email reader
+ evince # document viewer
+ totem # video player
+ gnome-music
+ gnome-characters
+ tali # poker game
+ iagno # go game
+ hitori # sudoku game
+ atomix # puzzle game
+ ];
+ services.xserver = {
+ displayManager.gdm = {
+ enable = true;
+ wayland = false;
+ };
+ desktopManager.gnome.enable = true;
+ };
+ services.udev.packages = [ pkgs.gnome-settings-daemon ];
+ services.gnome = {
+ gnome-browser-connector.enable = true;
+ gnome-keyring.enable = true;
+ };
+ };
+}
diff --git a/modules/gnome-config.nix b/modules/gnome/gnome-config.nix
index 38a812d..099a692 100644
--- a/modules/gnome-config.nix
+++ b/modules/gnome/gnome-config.nix
@@ -1,9 +1,9 @@
-{ ... }:
-{
+santi-modules:
+{ lib, ... }: lib.optionalAttrs santi-modules.gnome.enable {
dconf.settings = {
"org/gnome/desktop/background" = {
- picture-uri = "${../wallpaper.png}";
- picture-uri-dark = "${../wallpaper.png}";
+ picture-uri = "${../../wallpaper.png}";
+ picture-uri-dark = "${../../wallpaper.png}";
picture-options = "zoom";
};
"org/gnome/desktop/interface" = {
diff --git a/secrets/authinfo.age b/secrets/authinfo.age
index 223c1b4..1460551 100644
--- a/secrets/authinfo.age
+++ b/secrets/authinfo.age
Binary files differ
diff --git a/secrets/cloudflare.age b/secrets/cloudflare.age
new file mode 100644
index 0000000..1ffafa6
--- /dev/null
+++ b/secrets/cloudflare.age
@@ -0,0 +1,17 @@
+-----BEGIN AGE ENCRYPTED FILE-----
+YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IDZiYmg0ZyBseGds
+WnpmL2pORWRqYjBKc1A4cFhHWG9TWDVUS0UyVk00dnRtb3pMUTI4Ckp0dGdUNmxs
+TEhsdzhySms2SkpEaENpbUFxL0dTaURkMkJGQ3hrNlBBV3MKLT4gc3NoLWVkMjU1
+MTkgSE1OV253IC9lRkFpZFdISUd0Sm1GMkJPanpKODBwOU40eXovRmpVb0lLNzRE
+QWxVeHcKcC9Od01vY0JDckpVK0gza2hBdjY4TE50SkZYSHhYSm5TMkZPMkd3bDQ1
+OAotPiBzc2gtZWQyNTUxOSBBY2VnWUEgcW5JS1F5Q3p1TG1neDNxVHh0YlBWU2ds
+Z2lVOUs3WTlUOTd6djk3dDMwcwplR1FYdVpucFZsU2Z1WURVUkhqUEs4dURXbnlp
+MWp3UGxST3ZCcFNCMW1rCi0+IHNzaC1lZDI1NTE5IFZzREtydyBtNXFnakhQL2Zy
+TlRqZ0tReVNvMVF3cjN1RDF6SG1VK1dSWjdvdXhoTlhvCmt6cUpSYkJEOFYrZjhm
+VFg1cUs4WTR3SWpNWmFNQUN3UUY3L292WE5CZ0EKLT4gb0s0JU86YS1ncmVhc2UK
+amt6aUl4VjdRaHFzNDRLWExiS0h3dmdiL1FZRUJRSERKUVB6OHpLbXFkc1FCOXcr
+MHVrd1lqYVlraXRiN2ltVApaVnJiZG5IeFo3ZEc0aGNzNFlib21GbmRHbU0KLS0t
+IENyVDdZM0hEdTc5YkNEZWxhdVI1YnFJd3ZJUDNJU2JWVEdNcjFVa3ltbUEK8KJV
+kOUb25Nckbty31K6PULyfU6O/tPxRqPKLou6L16hCD28FfJQ05JSIeKL35vJzHhj
+zGl+BVLUMxpoR1KH3PEPNXFuVfjFaQnGyxhUHBClbORXUcw=
+-----END AGE ENCRYPTED FILE-----
diff --git a/secrets/host-pub-keys.nix b/secrets/host-pub-keys.nix
index 5d4521e..2c5446f 100644
--- a/secrets/host-pub-keys.nix
+++ b/secrets/host-pub-keys.nix
@@ -2,4 +2,5 @@
larissa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINKjyS7vbCxr7oDqBpnhHQQzolAW6Fqt1FTOo+hT+lSC";
kunagisa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDrMCLu3VvQVmd2cqreAJsVKkrtKXqgzO8i8NDm06ysm";
hanekawa = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKuIjOE3xi/frXJHXQuIBntuXP8XyboCWRx48o3sYeub";
+ iori = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFp0hrtRbJ6KTf7gH+TDEaTlyzAE9IiEoknEFcrXKdos";
}
diff --git a/secrets/personal-mail.age b/secrets/personal-mail.age
index 33fb9e4..dfe63be 100644
--- a/secrets/personal-mail.age
+++ b/secrets/personal-mail.age
@@ -1,11 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 6bbh4g Co1q1Z2PlGmuBR/rRK+Vsqzh+9wFKBZtvJQWsa8YBhg
-9H9UosRZwuhuAruVC/F0xC048BLU6lZSv2R5k1OIo3Q
--> ssh-ed25519 VsDKrw VfIAnkhQL0JGAKMet+DNPAi2VIdTxUov8qQasws7lBE
-bedej/OxKTQSVcHX8s/qudPRMylVEkKk5NpiGLKjI8s
--> ssh-ed25519 AcegYA 5w3nAxWTf7JauebRnBVTpmQhT1rWDcIJqxviN/s0qCA
-TFze7JmR2b7RrlXTxX++AFGg3xtg+zJbtkecDJWMXv8
--> ssh-ed25519 HMNWnw 576lXVz0d6rePcdUO74AlY/1WeZgxdISIK6dDMBuO0k
-X2RsmdFD1SS6/5dx6U5GFz5jY0rGd1gsCyG2rKGsb7o
---- YADctsGaoJy18o6LP2ocSMs9NG2QCv2UhkCHd249x0U
-7����?L��l���P�����#�"����4�9������{�$ \ No newline at end of file
+-> ssh-ed25519 6bbh4g s8GZCqmVMXba8spKaee82ejblHCiwsaTjcA7BvuMkFU
+56+jfZexU8kVF6vWGAhB+QMIj0XGlaqSAXaMmSkdP9s
+-> ssh-ed25519 VsDKrw 3ISxM0gMyKmKv5IyBqwFBxeActacKXvsac3VSry7LTM
+2Slf8frYlBTAOBtImXohhqgIzOyXnzlIZ6Qyzm70hWk
+-> ssh-ed25519 6rQlWQ TaVwF7vF2Sx4S66/8iVVWoXhe5yb2hXfz2NyUKNQaQg
+4CuXqHzJbOElIdtOyjUHo+1EVGQ+9w6X/V3ot2ZF8SU
+-> ssh-ed25519 AcegYA ucnWOc1As3Kvxip8+7ijJLlAK5Zr3FV6fs2Yh9KBHww
+8rfuA+kGpssLVbKZpNDqc7PFqAYXYel2CTLJtEPz63o
+-> ssh-ed25519 HMNWnw sTEofSsU4BnHqr7lzdaXrxGAFolqOcutfHwPHnO143M
+Owpm6/83ltdpUea6ioTfStKxCvR45xT1oUHviIyhY8E
+--- sxfpfsa2pN+oyyJ1PLaP0/nZplTzJOPNP//GRLnDj4s
+�E)k���)���4M��E@�|��)�=�-�::IN֗^T�-�~D���� \ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 57cce87..838dd3c 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -10,4 +10,5 @@ in
"university-mail.age".publicKeys = keys;
"authinfo.age".publicKeys = keys;
"user-pass.age".publicKeys = keys;
+ "cloudflare.age".publicKeys = keys;
}
diff --git a/secrets/university-mail.age b/secrets/university-mail.age
index 7265206..c08a6e6 100644
--- a/secrets/university-mail.age
+++ b/secrets/university-mail.age
Binary files differ
diff --git a/secrets/user-pass.age b/secrets/user-pass.age
index fbff2b1..598c27f 100644
--- a/secrets/user-pass.age
+++ b/secrets/user-pass.age
@@ -1,12 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 6bbh4g RLzMUdJo4fNl5Pt3Bfrc1h6f/g7ZnbXCVZYzKtCdc0E
-msXwOrGwApKJ1wPB2IwtJb/8KmWQWTWmXHkmwCJgywY
--> ssh-ed25519 VsDKrw F3FoKxZx5zQfRkDOUwwpMYgLxT409t92cD8lZDQkDAc
-cN0ckxaLdoKEj47LhlVMYCXrZJPn5rBe/eYqwi1YG/Y
--> ssh-ed25519 AcegYA /b901V1aFQRau4gkFZCZI1iaMUMRVAH+IgV9amZldxE
-cLS9vh5nCYR59Sw0f7oqbgqEqgEXvZJsipWrAtROGPU
--> ssh-ed25519 HMNWnw 14p8qhRCpr+uPlk4e0TdYI2TZCKiaEjbh2bz6dqhRkk
-jrPOTSdGQlgQZ/VbOQVPMCrSU2o0/TBJwcSbzz/7DgU
---- sAYECrOx62PupGuHIGTcXPLcC64SmlWEXzWrqzeVJRg
-�o[87e�,
-�}i�G�&�e�g6���~$�3�A�n����ל5��$dr#�P�n�ސ򅺨^����p�\���ƇK��a�r!zk�'bRa�'WMX� \ No newline at end of file
+-> ssh-ed25519 6bbh4g lDvj7yboKJLG3qB74bFw09qTDCzu5KGUhzVLjZSDYxc
+7szgniathBhlgJwnZeb1jehVGI4Ku0mv6UvGNLCaWZE
+-> ssh-ed25519 VsDKrw SyYw0WqRmwYZbYVAAVCuLnWF6jiKy8ceSXTwOn1ubnY
+NQCBXkDtXtnPOSNXH7fG+CvJ72Fd0nMzEqi+e9HOE1s
+-> ssh-ed25519 6rQlWQ EgxldGA6qyuaOkI1FqPIEyt0svORWlU1amLpbsYiw38
+nPzQ4d2Kg+THRciYy3jMJchtyIvIk5fUH6gyXDuwA/w
+-> ssh-ed25519 AcegYA tyBWRfwPeRGSKo7E//v9J9z/ElrtVQNvYZgGiPy7RyM
+u8cZaQb3yz74n+VOqJUGFGzdwPvKPxzcUL1sL20S6j0
+-> ssh-ed25519 HMNWnw GMFuHhtXa1EF5hvfMZ39uLdimyjF7YLngL8+3//RxQM
+3cZLt2thg2Skb88ZzqEat8os3d2FKuLrdHgFfWoU0Cc
+--- 5rq6g0jqUfdGLPvmnS/GvYC7Vh+IyOKXQGYVo1RigcQ
+��d�X\?��h�L�s���j��v�R��[T�2N8��̶X}�ka�QG�@�5��R��7�/����% ��!B�.�M���g�Z��Z���� mֱI�7�JK \ No newline at end of file
diff --git a/secrets/user-ssh-key.age b/secrets/user-ssh-key.age
index 355cf10..877e687 100644
--- a/secrets/user-ssh-key.age
+++ b/secrets/user-ssh-key.age
Binary files differ
diff --git a/secrets/work-mail.age b/secrets/work-mail.age
index 75f396f..3005d73 100644
--- a/secrets/work-mail.age
+++ b/secrets/work-mail.age
@@ -1,12 +1,13 @@
age-encryption.org/v1
--> ssh-ed25519 6bbh4g m0pOnu0NNuv2qcq24i4c1+Pk7sTcBnTvg64CWVoPpi4
-bud+AyspzVbwDiuhK5GtT3XvCh3GbPmazSfxoq4QegA
--> ssh-ed25519 VsDKrw YDE4+4IJYiE8jBpTM+bUsKuR8vBVLQiNi6UeAeheghA
-QiTiPfNiT7SikKi8XklTyOOj4KaQpYVD0U/tUqP9fUU
--> ssh-ed25519 AcegYA TlWm9o9RxFp6VQZ6o29xCNJA/eI2Bo+cDpwPQ/AySxs
-Vp/dvB1NCqHjdh+xjHDJGkx2Zz2872JWMI13j0CiFG0
--> ssh-ed25519 HMNWnw nn5hJucwg2Z0oy5CM9/rsfS0vpvxOxTZF2ljnP3ETzo
-HS6JzCyOtXxQPYbg9s3tXh38VyedBYpiW1VkkopD0Ts
---- p05A6cDASoTJwlaeazJyvwMNhCDq4xHEVR7105DJ19M
-;��ܒẇ����HD�
-�� )�?%��f��tl�e����>l]�JS� \ No newline at end of file
+-> ssh-ed25519 6bbh4g B58pVNMnxei45dbeGx/Wx3RQm/mra8y0tikUNmSuMUw
+NiuDbda8SyCmDDrDxjbTp8OPZRvyF2yKUxO35SOyrns
+-> ssh-ed25519 VsDKrw qL8t146DKRBddDPIeI7Vo/uDdmJ6+94xReypJLQiGTk
+uJvwTxbGg2eas9J7dkjTtBsL8rng6/qdPXJvUgbNycs
+-> ssh-ed25519 6rQlWQ hmwryLXQl/5/kjLiSNP9nIUSanaFWBglgMyDSJ6nPx8
+YzAdR/5gkcXoOHeMkJiiOTC+xRj69V6kexjFQKHoDlA
+-> ssh-ed25519 AcegYA EW0jfguCGqYWMu4D8dQ9I6bujOhsOBYlxn/rq+KWsyQ
+YRcZCcQYtmQa8ZH9aoiM2dKJYHQZM7M5VHt5T/ptGnI
+-> ssh-ed25519 HMNWnw 7KuRwRQXKXyH9Cyi+SRoUqFRHBWL8VPB2wlgzTBuryQ
+AekDJJeFSETMDguHAOKShuBJxNi4/S6zKp0BC+Z9A6E
+--- hC+KoA8D5HmrgV8QhediAb6XNoAXgOg2wijsb7WrtmQ
+�ò�t���]���M�@�gW<��&��Yl#k�Ug�D�,���ʆI�1W�+�� \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-23 09:42:03 +0000