DerGrumpf/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed: Modules

Browse Source
This commit is contained in:
DerGrumpf
2025-04-03 12:50:08 +02:00
parent 775737fd18
commit b84ca8ac24
13 changed files with 218 additions and 173 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
hosts/m920q/default.nix
View File

@@ -7,12 +7,21 @@
{
imports =
[
../../modules/system.nix
../../modules/regreet/regreet.nix
../../modules/plymouth.nix
../../modules/system.nix
../../modules/vpn.nix
../../modules/fonts.nix
../../modules/firewall.nix
../../modules/localisation.nix
../../modules/openssh.nix
../../modules/pipewire.nix
../../modules/podman.nix
../../modules/services.nix
../../modules/regreet/regreet.nix
../../modules/plymouth.nix
../../modules/file_managers/spacefm.nix
# Include the results of the hardware scan.
./hardware-configuration.nix
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.

4
modules/file_managers/spacefm.nix Normal file
View File

@@ -0,0 +1,4 @@
{ pkgs, ... }:
{
programs.spacefm.enable = true;
}

13
modules/file_managers/thunar.nix Normal file
View File

@@ -0,0 +1,13 @@
{ pkgs, ... }:
{
programs.xfconf.enable = true;
services.gvfs.enable = true;
services.tumbler.enable = true;
programs.thunar = {
enable = true;
plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};
}

7
modules/firewall.nix Normal file
View File

@@ -0,0 +1,7 @@
{ pkgs, ... }:
{
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
}

31
modules/fonts.nix Normal file
View File

@@ -0,0 +1,31 @@
{ pkgs, ... }:
{
fonts = {
packages = with pkgs; [
# icon fonts
material-icons
material-black-colors
material-design-icons
# normal fonts
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
nerdfonts
];
# use fonts specified by user rather than default ones
enableDefaultPackages = false;
# user defined fonts
# the reason there's Noto Color Emoji everywhere is to override DejaVu's
# B&W emojis that would sometimes show instead of some Color emojis
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
};
};
}

20
modules/localisation.nix Normal file
View File

@@ -0,0 +1,20 @@
{ pkgs, ... }:
{
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
}

36
modules/nix-settings.nix Normal file
View File

@@ -0,0 +1,36 @@
{ pkgs, username, ... }:
{
# given the users in this list the right to specify additional substituters via:
# 1. `nixConfig.substituers` in `flake.nix`
# 2. command line args `--options substituers http://xxx`
nix.settings.trusted-users = [username];
# customise /etc/nix/nix.conf declaratively via `nix.settings`
nix.settings = {
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
auto-optimise-store = true;
substituters = [
"https://cache.nixos.org"
"https://hyprland.cachix.org"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
builders-use-substitutes = true;
};
# do garbage collection weekly to keep disk usage low
nix.gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "1h";
options = lib.mkDefault "--delete-older-than +3";
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowBroken = true;
}

13
modules/openssh.nix Normal file
View File

@@ -0,0 +1,13 @@
{ pkgs, ... }:
{
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "no"; # disable root login
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
};
}

20
modules/pipewire.nix Normal file
View File

@@ -0,0 +1,20 @@
{ pkgs, ... }:
{
# Enable sound with pipewire.
#sound.enable = true;
hardware.pulseaudio.enable = false;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
}

34
modules/podman.nix Normal file
View File

@@ -0,0 +1,34 @@
{ pkgs, ...}:
{
environment.packages = with pkgs; [
# Virtualisation
podman-compose # docker-compose alternative
dive # docker layer viewer
podman-tui # status of containers in terminal
podman-desktop # Desktop client
tailscale # Vpn
];
# Virtualisation
virtualisation = {
containers.enable = true;
podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = {
backend = "podman";
containers = {
/*container-name = {
image = "image";
autoStart = true;
ports = [ "127.0.0.1:1234:1234" ];
};*/
};
};
};
}

15
modules/services.nix Normal file
View File

@@ -0,0 +1,15 @@
{ pkgs, ... }:
{
services = {
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
udev.packages = with pkgs; [gnome.gnome-settings-daemon];
# Enable CUPS to print documents.
printing.enable = true;
power-profiles-daemon.enable = true;
};
}

171
modules/system.nix
View File

@@ -12,142 +12,9 @@
description = username;
extraGroups = ["networkmanager" "wheel" "podman"];
};
# given the users in this list the right to specify additional substituters via:
# 1. `nixConfig.substituers` in `flake.nix`
# 2. command line args `--options substituers http://xxx`
nix.settings.trusted-users = [username];
# customise /etc/nix/nix.conf declaratively via `nix.settings`
nix.settings = {
# enable flakes globally
experimental-features = ["nix-command" "flakes"];
auto-optimise-store = true;
substituters = [
"https://cache.nixos.org"
"https://hyprland.cachix.org"
];
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
builders-use-substitutes = true;
};
# do garbage collection weekly to keep disk usage low
nix.gc = {
automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than +3";
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nixpkgs.config.allowBroken = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
# Enable CUPS to print documents.
services.printing.enable = true;
fonts = {
packages = with pkgs; [
# icon fonts
material-icons
material-black-colors
material-design-icons
# normal fonts
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
nerdfonts
];
# use fonts specified by user rather than default ones
enableDefaultPackages = false;
# user defined fonts
# the reason there's Noto Color Emoji everywhere is to override DejaVu's
# B&W emojis that would sometimes show instead of some Color emojis
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
};
};
programs.dconf.enable = true;
programs.spacefm.enable = true;
/*programs.xfconf.enable = true;
services.gvfs.enable = true;
services.tumbler.enable = true;
programs.thunar = {
enable = true;
plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};*/
# Virtualisation
virtualisation = {
containers.enable = true;
podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = {
backend = "podman";
containers = {
/*container-name = {
image = "image";
autoStart = true;
ports = [ "127.0.0.1:1234:1234" ];
};*/
};
};
};
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "no"; # disable root login
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
@@ -203,42 +70,10 @@
p7zip
xz
# Virtualisation
podman-compose # docker-compose alternative
dive # docker layer viewer
podman-tui # status of containers in terminal
podman-desktop # Desktop client
tailscale # Vpn
];
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
services.power-profiles-daemon = {
enable = true;
};
security.polkit.enable = true;
services = {
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
tailscale.enable = true;
udev.packages = with pkgs; [gnome.gnome-settings-daemon];
};
}
}

8
modules/vpn.nix Normal file
View File

@@ -0,0 +1,8 @@
{ pkgs, ... }:
{
services.tailscale = {
enable = true;
openFirewall = true;
};
}