diff --git a/flake.lock b/flake.lock index 42963555..c795cb2a 100644 --- a/flake.lock +++ b/flake.lock @@ -57,7 +57,7 @@ "disko": { "inputs": { "nixpkgs": [ - "nixpkgs" + "stable" ] }, "locked": { @@ -222,10 +222,10 @@ "type": "github" } }, - "home-manager": { + "hm": { "inputs": { "nixpkgs": [ - "nixpkgs" + "stable" ] }, "locked": { @@ -265,7 +265,7 @@ "flake-parts": "flake-parts", "flake-utils": "flake-utils", "nixpkgs": [ - "nixpkgs" + "stable" ], "pre-commit-hooks-nix": "pre-commit-hooks-nix", "rust-overlay": "rust-overlay" @@ -406,26 +406,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1742751704, - "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "ref": "nixos-24.11", - "type": "indirect" - } - }, - "nixpkgs_5": { - "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1742889210, + "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "698214a32beb4f4c8e3942372c694f40848b360d", "type": "github" }, "original": { @@ -438,15 +423,15 @@ "nur": { "inputs": { "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1742962100, - "narHash": "sha256-uXXhBELlgUawUAVSNDtnKzoFo4lNoCOYS4JrQwFqnyI=", + "lastModified": 1743025561, + "narHash": "sha256-wbszHA2bJaA9TSLkiU1Gqby4noRNhhWi9CNoFqxSPj0=", "owner": "nix-community", "repo": "NUR", - "rev": "028c4f0ccf35ede826a3eff910cb4fe6b8e6cfb5", + "rev": "dcc6f70a7f8c69b50a266de40ca6228f01a50c88", "type": "github" }, "original": { 
@@ -486,13 +471,13 @@ "inputs": { "blender": "blender", "disko": "disko", - "home-manager": "home-manager", + "hm": "hm", "impermanence": "impermanence", "lanzaboote": "lanzaboote", "mailserver": "mailserver", "minecraft": "minecraft", - "nixpkgs": "nixpkgs_4", "nur": "nur", + "stable": "stable", "unstable": "unstable" } }, @@ -521,6 +506,21 @@ "type": "github" } }, + "stable": { + "locked": { + "lastModified": 1742751704, + "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-24.11", + "type": "indirect" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -574,11 +574,11 @@ }, "unstable": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1742889210, + "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "698214a32beb4f4c8e3942372c694f40848b360d", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index ed581b90..6aec021c 100644 --- a/flake.nix +++ b/flake.nix @@ -1,17 +1,17 @@ { inputs = { # System inputs - nixpkgs.url = "nixpkgs/nixos-24.11"; + stable.url = "nixpkgs/nixos-24.11"; unstable.url = "nixpkgs/nixos-unstable"; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.1"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "stable"; }; disko = { url = "github:nix-community/disko"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "stable"; }; impermanence.url = "github:nix-community/impermanence"; 
@@ -19,9 +19,9 @@ minecraft.url = "github:Infinidoge/nix-minecraft"; # Home inputs - home-manager = { + hm = { url = "github:nix-community/home-manager/release-24.11"; - inputs.nixpkgs.follows = "nixpkgs"; + inputs.nixpkgs.follows = "stable"; }; nur.url = "github:nix-community/NUR"; @@ -29,30 +29,30 @@ }; outputs = { - nixpkgs, + stable, unstable, lanzaboote, disko, impermanence, mailserver, minecraft, - home-manager, + hm, nur, blender, ... }@inputs: let - mkNix = modules: nixpkgs.lib.nixosSystem { + mkNix = modules: stable.lib.nixosSystem { inherit modules; specialArgs = inputs; }; - mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration { + mkHome = modules: pkgs: hm.lib.homeManagerConfiguration { inherit modules pkgs; extraSpecialArgs = inputs; }; in { - # nixos-rebuild switch --flake /etc/nixos#hostname + # nh os switch /path --hostname=host nixosConfigurations = { tower = mkNix [ ./hosts/tower ]; # Main Desktop qemu = mkNix [ ./hosts/qemu ]; # Virtualization Testing @@ -67,10 +67,10 @@ prophet = mkNix [ ./hosts/prophet ]; # Oracle Neoverse-N1 }; - # home-manager switch --flake /etc/nixos#arch + # nh home switch /path -c arch homeConfigurations = { - x86 = mkHome [ ./modules/home ] nixpkgs.legacyPackages.x86_64-linux; - aarch = mkHome [ ./modules/home ] nixpkgs.legacyPackages.aarch64-linux; + x86 = mkHome [ ./modules/home ] stable.legacyPackages.x86_64-linux; + aarch = mkHome [ ./modules/home ] stable.legacyPackages.aarch64-linux; }; }; } diff --git a/hosts/intuos/default.nix b/hosts/intuos/default.nix index 9bef8066..98497e5d 100644 --- a/hosts/intuos/default.nix +++ b/hosts/intuos/default.nix @@ -11,7 +11,6 @@ networking = { hostName = "intuos"; - useDHCP = false; wireless.enable = true; interfaces."wlp1s0".ipv4.addresses = [{ address = "10.2.0.102"; diff --git a/hosts/intuos/hardware/default.nix b/hosts/intuos/hardware/default.nix index 2029c75a..3fadc05e 100644 --- a/hosts/intuos/hardware/default.nix +++ b/hosts/intuos/hardware/default.nix 
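Review bot: Dropping `useDHCP = false;` in hosts/intuos/default.nix leaves this host on the NixOS default, which is `networking.useDHCP = true`, so unless another module overrides it the wireless interface will request a DHCP lease alongside the static `10.2.0.102` address. Any network the host joins can then supply routes and resolvers, which matters more because the same commit removes the `~.` routing domain from the resolved settings. If DHCP is not wanted on this machine, keep the line or scope it per interface with `interfaces."wlp1s0".useDHCP = false;`. The `interfaces."wlp1s0"` block continues past the end of the hunk.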
@@ -1,4 +1,4 @@ -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; diff --git a/hosts/kitty/hardware/default.nix b/hosts/kitty/hardware/default.nix index 0613b00c..15da16bc 100644 --- a/hosts/kitty/hardware/default.nix +++ b/hosts/kitty/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; diff --git a/hosts/midas/firewall/default.nix b/hosts/midas/firewall/default.nix index 4d56670f..88f9cffa 100644 --- a/hosts/midas/firewall/default.nix +++ b/hosts/midas/firewall/default.nix @@ -3,7 +3,7 @@ networking.nftables.tables.forwarding = { family = "inet"; content = '' - chain PREROUTING { + chain incoming { type nat hook prerouting priority dstnat; policy accept; tcp dport 2211 dnat ip to 10.2.0.100:22 comment "SSH to Tower" tcp dport 2222 dnat ip to 10.2.0.2:22 comment "SSH to Kitty" @@ -17,7 +17,7 @@ udp dport { 37998, 37999, 38000 } dnat ip to 10.3.0.1 comment "VM Sunshine UDP" } - chain POSTROUTING { + chain forward { type nat hook postrouting priority 100; policy accept; oifname "enp0s31f6" masquerade } diff --git a/hosts/pear/hardware/default.nix b/hosts/pear/hardware/default.nix index a5ce031a..cfaeb2f8 100644 --- a/hosts/pear/hardware/default.nix +++ b/hosts/pear/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = [ (modulesPath + "/hardware/network/broadcom-43xx.nix") diff --git a/hosts/tower/boot/default.nix b/hosts/tower/boot/default.nix index d0a135c9..48abc32d 100644 --- a/hosts/tower/boot/default.nix +++ b/hosts/tower/boot/default.nix @@ -6,9 +6,6 @@ let "iommu=pt" "nested=1" - # Virtualization nonsense - "transparent_hugepage=never" - # Isolate devices into IOMMU groups "pcie_acs_override=downstream,multifunction" "pci=routeirq" 
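Review bot: The DNAT rules in the renamed `incoming` chain of hosts/midas/firewall/default.nix match on destination port only, so they rewrite any packet that traverses this host on those ports, including connections from internal machines to outside servers. The masquerade rule suggests `enp0s31f6` is the uplink; if so, prefixing each rule with the input interface, e.g. `iifname "enp0s31f6" tcp dport 2211 dnat ip to 10.2.0.100:22 comment "SSH to Tower"`, limits the port forwards to traffic arriving from outside. In the second hunk, the name `forward` is misleading for a chain declared `type nat hook postrouting`: `forward` is also the name of the nftables hook used to filter routed packets, and nothing visible in this table filters them. `chain outgoing {` would pair with `incoming` and describe what the chain does. Both chains extend beyond the lines shown in the hunks.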
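Review bot: The comment `# Isolate devices into IOMMU groups`, retained in the first hunk of hosts/tower/boot/default.nix, overstates what `pcie_acs_override=downstream,multifunction` does. The override makes the kernel treat devices as ACS-isolated without the hardware enforcing it, so the groups are split while peer-to-peer DMA between the former group members may still be possible. Since this commit is already tidying the comments around the VFIO setup, I would reword it to `# Split IOMMU groups via ACS override (not hardware-enforced, passthrough devices are not isolated from former group peers)`. The kernel parameter list starts and ends outside the hunk.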
@@ -19,13 +16,14 @@ in { kernelPackages = pkgsUnstable.linuxPackages_xanmod_stable; kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ]; - # Load into GPU before NVIDIA driver + # Load into GPU before video driver initrd.kernelModules = [ "vfio" "vfio_pci" "vfio_iommu_type1" ]; + # Secure boot lanzaboote.enable = true; }; diff --git a/modules/home/programs/gui/rofi/scripts/default.nix b/modules/home/programs/gui/rofi/scripts/default.nix index 7934cd00..09ee6b77 100644 --- a/modules/home/programs/gui/rofi/scripts/default.nix +++ b/modules/home/programs/gui/rofi/scripts/default.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: { home.packages = with pkgs; lib.mkIf config.programs.rofi.enable [ - (pkgs.writeScriptBin "rofiscratch" '' + (writeScriptBin "rofiscratch" '' SCRATCHPADS=$(echo -e "Btop\nMusic\nSound\nEasyEffects" | rofi -dmenu -i -p "Scratchpads") case $SCRATCHPADS in Btop) foot -a btop -T Btop btop;; @@ -9,7 +9,7 @@ Sound) foot -a sound -T Sound pulsemixer;; esac '') - (pkgs.writeScriptBin "rofipower" '' + (writeScriptBin "rofipower" '' POWER=$(echo -e "Shutdown\nReboot\nLock\nSleep\nKill" | rofi -dmenu -i -p "Power") case $POWER in Shutdown) poweroff;; diff --git a/modules/home/programs/terminal/bat/default.nix b/modules/home/programs/terminal/bat/default.nix new file mode 100644 index 00000000..8d0b4b61 --- /dev/null +++ b/modules/home/programs/terminal/bat/default.nix @@ -0,0 +1,7 @@ +{ ... }: +{ + programs.bat = { + enable = true; + config.paging = "never"; + }; +} diff --git a/modules/home/programs/terminal/default.nix b/modules/home/programs/terminal/default.nix index 7122a888..aa043055 100644 --- a/modules/home/programs/terminal/default.nix +++ b/modules/home/programs/terminal/default.nix @@ -1,6 +1,7 @@ { ... }: { imports = [ + ./bat ./btop ./eza ./fastfetch diff --git a/modules/home/programs/terminal/fastfetch/small/default.nix b/modules/home/programs/terminal/fastfetch/small/default.nix index d48f1341..fb6dac51 100644 
--- a/modules/home/programs/terminal/fastfetch/small/default.nix +++ b/modules/home/programs/terminal/fastfetch/small/default.nix @@ -1,5 +1,5 @@ { pkgs, ... }: { - home.packages = with pkgs; [ (pkgs.writeScriptBin "pfetch" "fastfetch --config ~/.config/fastfetch/small.jsonc") ]; + home.packages = with pkgs; [ (writeScriptBin "pfetch" "fastfetch --config ~/.config/fastfetch/small.jsonc") ]; xdg.configFile."fastfetch/small.jsonc".source = ./small.jsonc; } diff --git a/modules/home/programs/terminal/zsh/default.nix b/modules/home/programs/terminal/zsh/default.nix index 15ed467a..049f5318 100644 --- a/modules/home/programs/terminal/zsh/default.nix +++ b/modules/home/programs/terminal/zsh/default.nix @@ -14,7 +14,6 @@ }; initExtra = '' pfetch - source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh source ${pkgs.zsh-you-should-use}/share/zsh/plugins/you-should-use/you-should-use.plugin.zsh setopt HIST_IGNORE_SPACE setopt RM_STAR_WAIT diff --git a/modules/home/settings/aliases/default.nix b/modules/home/settings/aliases/default.nix index a769d56e..e106bfa5 100644 --- a/modules/home/settings/aliases/default.nix +++ b/modules/home/settings/aliases/default.nix @@ -9,7 +9,6 @@ # Shortcuts ff = "clear && fastfetch"; ip = "ip -c"; - cat = "${pkgs.bat}/bin/bat --paging never"; spotdl = "spotdl --m3u --format opus"; copycat = "wl-copy <"; myip = "curl ifconfig.co"; diff --git a/modules/home/settings/gtk/theme/default.nix b/modules/home/settings/gtk/theme/default.nix index 17c6f518..34918d00 100644 --- a/modules/home/settings/gtk/theme/default.nix +++ b/modules/home/settings/gtk/theme/default.nix 
@@ -1,13 +1,13 @@ { config, pkgs, ... }: { - gtk = { + gtk = with pkgs; { font = { - name = "${config.look.fonts.main}"; + name = config.look.fonts.main; size = 11; }; theme = { name = "Colloid-Dark"; - package = pkgs.colloid-gtk-theme.override { + package = colloid-gtk-theme.override { themeVariants = [ "default" ]; colorVariants = [ "dark" ]; sizeVariants = [ "standard" ]; @@ -20,8 +20,8 @@ }; iconTheme = { name = "Papirus-Dark"; - package = pkgs.papirus-icon-theme.override { - color = "${config.look.colors.folder}"; + package = papirus-icon-theme.override { + color = config.look.colors.folder; }; }; }; diff --git a/modules/home/settings/nix/channels/default.nix b/modules/home/settings/nix/channels/default.nix new file mode 100644 index 00000000..c5fe6b78 --- /dev/null +++ b/modules/home/settings/nix/channels/default.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, stable, unstable, ... }: +{ + nix.registry.stable.flake = stable; + nix.registry.unstable.flake = unstable; + + _module.args.pkgsStable = import stable { + inherit (pkgs.stdenv.hostPlatform) system; + inherit (config.nixpkgs) config; + }; + _module.args.pkgsUnstable = import unstable { + inherit (pkgs.stdenv.hostPlatform) system; + inherit (config.nixpkgs) config; + }; +} diff --git a/modules/home/settings/nix/default.nix b/modules/home/settings/nix/default.nix index 02cd9488..4e6d567a 100644 --- a/modules/home/settings/nix/default.nix +++ b/modules/home/settings/nix/default.nix @@ -1,6 +1,9 @@ -{ config, lib, pkgs, unstable, ... }: +{ config, lib, pkgs, ... }: { - imports = [ ./unfree ]; + imports = [ + ./channels + ./unfree + ]; nix = { package = lib.mkForce pkgs.nix; @@ -8,11 +11,5 @@ "nix-command" "flakes" ]; - registry.unstable.flake = unstable; - }; - - _module.args.pkgsUnstable = import unstable { - inherit (pkgs.stdenv.hostPlatform) system; - inherit (config.nixpkgs) config; }; } 
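Review bot: The new modules/home/settings/nix/channels/default.nix declares `lib` in its argument set but never uses it, and the system-side channels module added later in this commit has the same unused `lib`. The same commit removes the unused `pkgs` argument from the hardware files, so for consistency the header could be `{ config, pkgs, stable, unstable, ... }:`. The two `import ... { inherit system; inherit config; }` bodies are also duplicated between the home and system modules; a one-line comment saying why both copies exist would help whoever edits one of them later.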
diff --git a/modules/system/devices/networking/default.nix b/modules/system/devices/networking/default.nix index 2290fd05..b2157f42 100644 --- a/modules/system/devices/networking/default.nix +++ b/modules/system/devices/networking/default.nix @@ -8,16 +8,17 @@ nftables.enable = true; firewall.allowPing = false; nameservers = [ - "1.1.1.1#one.one.one.one" - "1.0.0.1#one.one.one.one" + "9.9.9.11#dns11.quad9.net" + "149.112.112.11#dns11.quad9.net" + "2620:fe::11#dns11.quad9.net" + "2620:fe::fe:11#dns11.quad9.net" ]; }; services.resolved = { enable = true; dnssec = "true"; - domains = [ "~." ]; - fallbackDns = config.networking.nameservers; dnsovertls = "true"; + fallbackDns = config.networking.nameservers; }; } diff --git a/modules/system/devices/video/nvidia/default.nix b/modules/system/devices/video/nvidia/default.nix index 99615dd6..30fcf8c1 100644 --- a/modules/system/devices/video/nvidia/default.nix +++ b/modules/system/devices/video/nvidia/default.nix @@ -4,21 +4,17 @@ config = lib.mkIf config.system.nvidia.enable { hardware.nvidia = { - package = config.boot.kernelPackages.nvidiaPackages.beta; modesetting.enable = true; nvidiaSettings = false; - open = false; + open = true; }; services.xserver.videoDrivers = [ "nvidia" ]; - boot.kernelParams = [ "nvidia_drm.fbdev=1" ]; - nixpkgs.allowUnfreePackages = [ "nvidia-x11" ]; - specialisation.nouveau.configuration.config = { - system.nvidia.enable = lib.mkForce false; - environment.sessionVariables.NIXOS_OZONE_WL = lib.mkForce ""; - }; + boot.kernelParams = [ "nvidia_drm.fbdev=1" ]; + + specialisation.nouveau.configuration.config.system.nvidia.enable = lib.mkForce false; }; } diff --git a/modules/system/programs/home-manager/default.nix b/modules/system/programs/home-manager/default.nix index e3aaf5e5..9430a530 100644 --- a/modules/system/programs/home-manager/default.nix +++ b/modules/system/programs/home-manager/default.nix 
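Review bot: Removing `domains = [ "~." ];` from `services.resolved` means the global Quad9 servers are no longer the preferred route for every lookup, so resolvers learned per link (for example from DHCP) may receive queries as well. If the intent is that all DNS goes to the configured DoT servers, keep the `~.` routing domain next to `dnsovertls = "true";`. The `.11` Quad9 addresses are, as far as I know, the ECS-enabled service, which passes part of the client subnet to authoritative servers; if that is not a deliberate choice, `9.9.9.9#dns.quad9.net` is the variant without ECS. Since `fallbackDns` is set to the same list as `nameservers`, a comment such as `# same list on purpose: never fall back to resolved's built-in defaults` would record why.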
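Review bot: `open = true;` in modules/system/devices/video/nvidia/default.nix now applies to every host that sets `system.nvidia.enable`, and the open NVIDIA kernel modules only support Turing and newer GPUs, so a machine with an older card would be left without a working driver. If the hosts are not all known to be Turing or later, `open = lib.mkDefault true;` lets a single host override it. The hunk also drops the `nvidiaPackages.beta` pin, so the driver version now comes from the module default; worth confirming that this is the intended version for the kernel in use.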
@@ -1,10 +1,11 @@ -{ unstable, nur, blender, ... }: +{ stable, unstable, nur, blender, ... }: { home-manager = { useUserPackages = true; backupFileExtension = "bak"; extraSpecialArgs = { inherit + stable unstable nur blender diff --git a/modules/system/settings/nix/channels/default.nix b/modules/system/settings/nix/channels/default.nix new file mode 100644 index 00000000..f1d4b4c8 --- /dev/null +++ b/modules/system/settings/nix/channels/default.nix @@ -0,0 +1,11 @@ +{ config, lib, pkgs, stable, unstable, ... }: +{ + _module.args.pkgsStable = import stable { + inherit (pkgs.stdenv.hostPlatform) system; + inherit (config.nixpkgs) config; + }; + _module.args.pkgsUnstable = import unstable { + inherit (pkgs.stdenv.hostPlatform) system; + inherit (config.nixpkgs) config; + }; +} diff --git a/modules/system/settings/nix/default.nix b/modules/system/settings/nix/default.nix index 04218665..c1115185 100644 --- a/modules/system/settings/nix/default.nix +++ b/modules/system/settings/nix/default.nix @@ -1,6 +1,7 @@ -{ config, lib, pkgs, unstable, ... }: +{ pkgs, ... }: { imports = [ + ./channels ./gc ./unfree ]; @@ -16,9 +17,4 @@ trusted-users = [ "@wheel" ]; }; }; - - _module.args.pkgsUnstable = import unstable { - inherit (pkgs.stdenv.hostPlatform) system; - inherit (config.nixpkgs) config; - }; } diff --git a/modules/system/users/default.nix b/modules/system/users/default.nix index d2600a9b..4a588388 100644 --- a/modules/system/users/default.nix +++ b/modules/system/users/default.nix @@ -1,7 +1,7 @@ -{ home-manager, ... }: +{ hm, ... }: { imports = [ ./main - home-manager.nixosModules.home-manager + hm.nixosModules.home-manager ]; }
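Review bot: `trusted-users = [ "@wheel" ];`, kept as context in the second hunk of modules/system/settings/nix/default.nix, deserves a comment while this file is being reorganised. The Nix manual describes membership in `trusted-users` as essentially equivalent to root access, because a trusted user can tell the daemon to use arbitrary substituters and accept unsigned paths, and none of that goes through a sudo prompt. I would add `# root-equivalent via the nix daemon, keep wheel membership minimal` above the line, or drop the setting if no wheel user needs it. The `settings` block begins outside the hunk.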