Minimize pkgs use, add stable channel for unstable systems, more separation and such

Bun 2025-03-27 08:53:35 -04:00
parent e2c86171a5
commit 9190e09c93
23 changed files with 112 additions and 93 deletions

62
flake.lock generated

@ -57,7 +57,7 @@
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "stable"
] ]
}, },
"locked": { "locked": {
@ -222,10 +222,10 @@
"type": "github" "type": "github"
} }
}, },
"home-manager": { "hm": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "stable"
] ]
}, },
"locked": { "locked": {
@ -265,7 +265,7 @@
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "stable"
], ],
"pre-commit-hooks-nix": "pre-commit-hooks-nix", "pre-commit-hooks-nix": "pre-commit-hooks-nix",
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
@ -406,26 +406,11 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1742751704, "lastModified": 1742889210,
"narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.11",
"type": "indirect"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1742669843,
"narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1e5b653dff12029333a6546c11e108ede13052eb", "rev": "698214a32beb4f4c8e3942372c694f40848b360d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -438,15 +423,15 @@
"nur": { "nur": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1742962100, "lastModified": 1743025561,
"narHash": "sha256-uXXhBELlgUawUAVSNDtnKzoFo4lNoCOYS4JrQwFqnyI=", "narHash": "sha256-wbszHA2bJaA9TSLkiU1Gqby4noRNhhWi9CNoFqxSPj0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "028c4f0ccf35ede826a3eff910cb4fe6b8e6cfb5", "rev": "dcc6f70a7f8c69b50a266de40ca6228f01a50c88",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -486,13 +471,13 @@
"inputs": { "inputs": {
"blender": "blender", "blender": "blender",
"disko": "disko", "disko": "disko",
"home-manager": "home-manager", "hm": "hm",
"impermanence": "impermanence", "impermanence": "impermanence",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"mailserver": "mailserver", "mailserver": "mailserver",
"minecraft": "minecraft", "minecraft": "minecraft",
"nixpkgs": "nixpkgs_4",
"nur": "nur", "nur": "nur",
"stable": "stable",
"unstable": "unstable" "unstable": "unstable"
} }
}, },
@ -521,6 +506,21 @@
"type": "github" "type": "github"
} }
}, },
"stable": {
"locked": {
"lastModified": 1742751704,
"narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-24.11",
"type": "indirect"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
@ -574,11 +574,11 @@
}, },
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1742669843, "lastModified": 1742889210,
"narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1e5b653dff12029333a6546c11e108ede13052eb", "rev": "698214a32beb4f4c8e3942372c694f40848b360d",
"type": "github" "type": "github"
}, },
"original": { "original": {


@ -1,17 +1,17 @@
{ {
inputs = { inputs = {
# System inputs # System inputs
nixpkgs.url = "nixpkgs/nixos-24.11"; stable.url = "nixpkgs/nixos-24.11";
unstable.url = "nixpkgs/nixos-unstable"; unstable.url = "nixpkgs/nixos-unstable";
lanzaboote = { lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.1"; url = "github:nix-community/lanzaboote/v0.4.1";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "stable";
}; };
disko = { disko = {
url = "github:nix-community/disko"; url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "stable";
}; };
impermanence.url = "github:nix-community/impermanence"; impermanence.url = "github:nix-community/impermanence";
@ -19,9 +19,9 @@
minecraft.url = "github:Infinidoge/nix-minecraft"; minecraft.url = "github:Infinidoge/nix-minecraft";
# Home inputs # Home inputs
home-manager = { hm = {
url = "github:nix-community/home-manager/release-24.11"; url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "stable";
}; };
nur.url = "github:nix-community/NUR"; nur.url = "github:nix-community/NUR";
@ -29,30 +29,30 @@
}; };
outputs = { outputs = {
nixpkgs, stable,
unstable, unstable,
lanzaboote, lanzaboote,
disko, disko,
impermanence, impermanence,
mailserver, mailserver,
minecraft, minecraft,
home-manager, hm,
nur, nur,
blender, blender,
... ...
}@inputs: }@inputs:
let let
mkNix = modules: nixpkgs.lib.nixosSystem { mkNix = modules: stable.lib.nixosSystem {
inherit modules; inherit modules;
specialArgs = inputs; specialArgs = inputs;
}; };
mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration { mkHome = modules: pkgs: hm.lib.homeManagerConfiguration {
inherit modules pkgs; inherit modules pkgs;
extraSpecialArgs = inputs; extraSpecialArgs = inputs;
}; };
in { in {
# nixos-rebuild switch --flake /etc/nixos#hostname # nh os switch /path --hostname=host
nixosConfigurations = { nixosConfigurations = {
tower = mkNix [ ./hosts/tower ]; # Main Desktop tower = mkNix [ ./hosts/tower ]; # Main Desktop
qemu = mkNix [ ./hosts/qemu ]; # Virtualization Testing qemu = mkNix [ ./hosts/qemu ]; # Virtualization Testing
@ -67,10 +67,10 @@
prophet = mkNix [ ./hosts/prophet ]; # Oracle Neoverse-N1 prophet = mkNix [ ./hosts/prophet ]; # Oracle Neoverse-N1
}; };
# home-manager switch --flake /etc/nixos#arch # nh home switch /path -c arch
homeConfigurations = { homeConfigurations = {
x86 = mkHome [ ./modules/home ] nixpkgs.legacyPackages.x86_64-linux; x86 = mkHome [ ./modules/home ] stable.legacyPackages.x86_64-linux;
aarch = mkHome [ ./modules/home ] nixpkgs.legacyPackages.aarch64-linux; aarch = mkHome [ ./modules/home ] stable.legacyPackages.aarch64-linux;
}; };
}; };
} }
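Review bot: `stable.url = "nixpkgs/nixos-24.11"` (like the unchanged `unstable.url`) is an indirect flake reference, so the repository it resolves to is decided by the flake registry of whichever machine runs the next lock update; flake.lock records it as `"type": "indirect"`. The lock pins the resolved revision, but a registry entry that overrides `nixpkgs` would change the source on the next update without any change to this file. Writing the source out, `stable.url = "github:NixOS/nixpkgs/nixos-24.11";`, removes that dependency on local state. Separately, as far as the visible lines show, `nur` declares no `inputs.nixpkgs.follows`, and the lock still carries a separate `nixpkgs_4` node for it; a short comment would record whether that is deliberate.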


@ -11,7 +11,6 @@
networking = { networking = {
hostName = "intuos"; hostName = "intuos";
useDHCP = false;
wireless.enable = true; wireless.enable = true;
interfaces."wlp1s0".ipv4.addresses = [{ interfaces."wlp1s0".ipv4.addresses = [{
address = "10.2.0.102"; address = "10.2.0.102";


@ -1,4 +1,4 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];


@ -1,4 +1,4 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];


@ -3,7 +3,7 @@
networking.nftables.tables.forwarding = { networking.nftables.tables.forwarding = {
family = "inet"; family = "inet";
content = '' content = ''
chain PREROUTING { chain incoming {
type nat hook prerouting priority dstnat; policy accept; type nat hook prerouting priority dstnat; policy accept;
tcp dport 2211 dnat ip to 10.2.0.100:22 comment "SSH to Tower" tcp dport 2211 dnat ip to 10.2.0.100:22 comment "SSH to Tower"
tcp dport 2222 dnat ip to 10.2.0.2:22 comment "SSH to Kitty" tcp dport 2222 dnat ip to 10.2.0.2:22 comment "SSH to Kitty"
@ -17,7 +17,7 @@
udp dport { 37998, 37999, 38000 } dnat ip to 10.3.0.1 comment "VM Sunshine UDP" udp dport { 37998, 37999, 38000 } dnat ip to 10.3.0.1 comment "VM Sunshine UDP"
} }
chain POSTROUTING { chain forward {
type nat hook postrouting priority 100; policy accept; type nat hook postrouting priority 100; policy accept;
oifname "enp0s31f6" masquerade oifname "enp0s31f6" masquerade
} }
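Review bot: The renamed chain `forward` still attaches to `hook postrouting` and only masquerades, so its name now suggests the forward hook, where filtering of routed traffic would normally live; a name such as `outgoing` (pairing with `incoming`) or a one-line comment would avoid that misreading. The DNAT rules in `incoming` match on destination port alone, so as far as these hunks show they apply to packets arriving on any interface rather than only on the uplink `enp0s31f6`. If only the uplink should be forwarded, an input-interface match narrows each rule, e.g. `iifname "enp0s31f6" tcp dport 2211 dnat ip to 10.2.0.100:22 comment "SSH to Tower"`. The table content continues outside the visible hunks, so a filter chain may exist that is not shown here.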


@ -1,4 +1,4 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, modulesPath, ... }:
{ {
imports = [ imports = [
(modulesPath + "/hardware/network/broadcom-43xx.nix") (modulesPath + "/hardware/network/broadcom-43xx.nix")


@ -6,9 +6,6 @@ let
"iommu=pt" "iommu=pt"
"nested=1" "nested=1"
# Virtualization nonsense
"transparent_hugepage=never"
# Isolate devices into IOMMU groups # Isolate devices into IOMMU groups
"pcie_acs_override=downstream,multifunction" "pcie_acs_override=downstream,multifunction"
"pci=routeirq" "pci=routeirq"
@ -19,13 +16,14 @@ in {
kernelPackages = pkgsUnstable.linuxPackages_xanmod_stable; kernelPackages = pkgsUnstable.linuxPackages_xanmod_stable;
kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ]; kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ];
# Load into GPU before NVIDIA driver # Load into GPU before video driver
initrd.kernelModules = [ initrd.kernelModules = [
"vfio" "vfio"
"vfio_pci" "vfio_pci"
"vfio_iommu_type1" "vfio_iommu_type1"
]; ];
# Secure boot
lanzaboote.enable = true; lanzaboote.enable = true;
}; };
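Review bot: The comment `# Isolate devices into IOMMU groups` above `pcie_acs_override=downstream,multifunction` overstates what the parameter does: it makes the kernel treat devices as separately grouped without the hardware ACS enforcement that real group boundaries rely on. Devices that shared a group before the override can still reach each other with peer-to-peer DMA, so a guest holding one of them is not isolated from the others. Since this commit already touches the comments in this file, I would reword it to something like `# ACS override: splits IOMMU groups in software only, no hardware isolation between the split devices`. The `let` block and the boot attribute set both extend outside the visible hunks.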


@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
home.packages = with pkgs; lib.mkIf config.programs.rofi.enable [ home.packages = with pkgs; lib.mkIf config.programs.rofi.enable [
(pkgs.writeScriptBin "rofiscratch" '' (writeScriptBin "rofiscratch" ''
SCRATCHPADS=$(echo -e "Btop\nMusic\nSound\nEasyEffects" | rofi -dmenu -i -p "Scratchpads") SCRATCHPADS=$(echo -e "Btop\nMusic\nSound\nEasyEffects" | rofi -dmenu -i -p "Scratchpads")
case $SCRATCHPADS in case $SCRATCHPADS in
Btop) foot -a btop -T Btop btop;; Btop) foot -a btop -T Btop btop;;
@ -9,7 +9,7 @@
Sound) foot -a sound -T Sound pulsemixer;; Sound) foot -a sound -T Sound pulsemixer;;
esac esac
'') '')
(pkgs.writeScriptBin "rofipower" '' (writeScriptBin "rofipower" ''
POWER=$(echo -e "Shutdown\nReboot\nLock\nSleep\nKill" | rofi -dmenu -i -p "Power") POWER=$(echo -e "Shutdown\nReboot\nLock\nSleep\nKill" | rofi -dmenu -i -p "Power")
case $POWER in case $POWER in
Shutdown) poweroff;; Shutdown) poweroff;;
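Review bot: Both scripts are built with `writeScriptBin`, which writes the text verbatim, and the bodies visible here start directly with `SCRATCHPADS=` and `POWER=` rather than a `#!` line. Without an interpreter line the file only runs when the caller is a shell that falls back to interpreting it itself, and which shell that is decides how `echo -e` behaves. `writeShellScriptBin "rofiscratch" ''` and `writeShellScriptBin "rofipower" ''` would add the shebang. The one-line `pfetch` wrapper in the fastfetch module later in this commit has the same shape. Both script bodies continue outside the visible hunks.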


@ -0,0 +1,7 @@
{ ... }:
{
programs.bat = {
enable = true;
config.paging = "never";
};
}


@ -1,6 +1,7 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./bat
./btop ./btop
./eza ./eza
./fastfetch ./fastfetch


@ -1,5 +1,5 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home.packages = with pkgs; [ (pkgs.writeScriptBin "pfetch" "fastfetch --config ~/.config/fastfetch/small.jsonc") ]; home.packages = with pkgs; [ (writeScriptBin "pfetch" "fastfetch --config ~/.config/fastfetch/small.jsonc") ];
xdg.configFile."fastfetch/small.jsonc".source = ./small.jsonc; xdg.configFile."fastfetch/small.jsonc".source = ./small.jsonc;
} }


@ -14,7 +14,6 @@
}; };
initExtra = '' initExtra = ''
pfetch pfetch
source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh
source ${pkgs.zsh-you-should-use}/share/zsh/plugins/you-should-use/you-should-use.plugin.zsh source ${pkgs.zsh-you-should-use}/share/zsh/plugins/you-should-use/you-should-use.plugin.zsh
setopt HIST_IGNORE_SPACE setopt HIST_IGNORE_SPACE
setopt RM_STAR_WAIT setopt RM_STAR_WAIT


@ -9,7 +9,6 @@
# Shortcuts # Shortcuts
ff = "clear && fastfetch"; ff = "clear && fastfetch";
ip = "ip -c"; ip = "ip -c";
cat = "${pkgs.bat}/bin/bat --paging never";
spotdl = "spotdl --m3u --format opus"; spotdl = "spotdl --m3u --format opus";
copycat = "wl-copy <"; copycat = "wl-copy <";
myip = "curl ifconfig.co"; myip = "curl ifconfig.co";


@ -1,13 +1,13 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
gtk = { gtk = with pkgs; {
font = { font = {
name = "${config.look.fonts.main}"; name = config.look.fonts.main;
size = 11; size = 11;
}; };
theme = { theme = {
name = "Colloid-Dark"; name = "Colloid-Dark";
package = pkgs.colloid-gtk-theme.override { package = colloid-gtk-theme.override {
themeVariants = [ "default" ]; themeVariants = [ "default" ];
colorVariants = [ "dark" ]; colorVariants = [ "dark" ];
sizeVariants = [ "standard" ]; sizeVariants = [ "standard" ];
@ -20,8 +20,8 @@
}; };
iconTheme = { iconTheme = {
name = "Papirus-Dark"; name = "Papirus-Dark";
package = pkgs.papirus-icon-theme.override { package = papirus-icon-theme.override {
color = "${config.look.colors.folder}"; color = config.look.colors.folder;
}; };
}; };
}; };


@ -0,0 +1,14 @@
{ config, lib, pkgs, stable, unstable, ... }:
{
nix.registry.stable.flake = stable;
nix.registry.unstable.flake = unstable;
_module.args.pkgsStable = import stable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
_module.args.pkgsUnstable = import unstable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
}
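Review bot: `lib` is taken as an argument but never used in this module, and the same holds for the second new channels module later in the commit, which repeats the two `_module.args` definitions verbatim. Since the commit trims unused `pkgs` arguments elsewhere, the header could be `{ config, pkgs, stable, unstable, ... }:`. The `import stable { ... }` and `import unstable { ... }` calls pass `config.nixpkgs.config` but no overlays, so `pkgsStable` and `pkgsUnstable` will not pick up overlays applied to `pkgs`. A comment such as `# overlays are intentionally not applied to these package sets` would record whether that is intended.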


@ -1,6 +1,9 @@
{ config, lib, pkgs, unstable, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ ./unfree ]; imports = [
./channels
./unfree
];
nix = { nix = {
package = lib.mkForce pkgs.nix; package = lib.mkForce pkgs.nix;
@ -8,11 +11,5 @@
"nix-command" "nix-command"
"flakes" "flakes"
]; ];
registry.unstable.flake = unstable;
};
_module.args.pkgsUnstable = import unstable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
}; };
} }


@ -8,16 +8,17 @@
nftables.enable = true; nftables.enable = true;
firewall.allowPing = false; firewall.allowPing = false;
nameservers = [ nameservers = [
"1.1.1.1#one.one.one.one" "9.9.9.11#dns11.quad9.net"
"1.0.0.1#one.one.one.one" "149.112.112.11#dns11.quad9.net"
"2620:fe::11#dns11.quad9.net"
"2620:fe::fe:11#dns11.quad9.net"
]; ];
}; };
services.resolved = { services.resolved = {
enable = true; enable = true;
dnssec = "true"; dnssec = "true";
domains = [ "~." ];
fallbackDns = config.networking.nameservers;
dnsovertls = "true"; dnsovertls = "true";
fallbackDns = config.networking.nameservers;
}; };
} }
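Review bot: Dropping `domains = [ "~." ]` from `services.resolved` removes the catch-all routing domain, so systemd-resolved may also hand lookups to DNS servers learned per link (for example from DHCP) instead of routing everything to the pinned Quad9 resolvers. With `dnsovertls = "true"` those per-link servers would have to speak DNS-over-TLS, so the effect could be either failed lookups or queries going to a resolver that was not chosen here. If the removal is deliberate, a comment saying so would help; otherwise keep `domains = [ "~." ];`. As I understand Quad9's numbering, the `.11` addresses are the ECS-enabled service, which forwards part of the client subnet upstream, so that privacy trade-off is worth a comment as well.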


@ -4,21 +4,17 @@
config = lib.mkIf config.system.nvidia.enable { config = lib.mkIf config.system.nvidia.enable {
hardware.nvidia = { hardware.nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.beta;
modesetting.enable = true; modesetting.enable = true;
nvidiaSettings = false; nvidiaSettings = false;
open = false; open = true;
}; };
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
boot.kernelParams = [ "nvidia_drm.fbdev=1" ];
nixpkgs.allowUnfreePackages = [ "nvidia-x11" ]; nixpkgs.allowUnfreePackages = [ "nvidia-x11" ];
specialisation.nouveau.configuration.config = { boot.kernelParams = [ "nvidia_drm.fbdev=1" ];
system.nvidia.enable = lib.mkForce false;
environment.sessionVariables.NIXOS_OZONE_WL = lib.mkForce ""; specialisation.nouveau.configuration.config.system.nvidia.enable = lib.mkForce false;
};
}; };
} }
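Review bot: `open = true` switches every host that sets `system.nvidia.enable` to the open kernel modules, which NVIDIA supports only on Turing and newer GPUs. An older card would be left without a working NVIDIA driver, with the `nouveau` specialisation as the only fallback. The hunk does not show which hosts enable this module, so this may already hold for all of them. A comment next to the option, for example `# open kernel modules: requires Turing or newer`, would record the constraint.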


@ -1,10 +1,11 @@
{ unstable, nur, blender, ... }: { stable, unstable, nur, blender, ... }:
{ {
home-manager = { home-manager = {
useUserPackages = true; useUserPackages = true;
backupFileExtension = "bak"; backupFileExtension = "bak";
extraSpecialArgs = { extraSpecialArgs = {
inherit inherit
stable
unstable unstable
nur nur
blender blender


@ -0,0 +1,11 @@
{ config, lib, pkgs, stable, unstable, ... }:
{
_module.args.pkgsStable = import stable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
_module.args.pkgsUnstable = import unstable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
}


@ -1,6 +1,7 @@
{ config, lib, pkgs, unstable, ... }: { pkgs, ... }:
{ {
imports = [ imports = [
./channels
./gc ./gc
./unfree ./unfree
]; ];
@ -16,9 +17,4 @@
trusted-users = [ "@wheel" ]; trusted-users = [ "@wheel" ];
}; };
}; };
_module.args.pkgsUnstable = import unstable {
inherit (pkgs.stdenv.hostPlatform) system;
inherit (config.nixpkgs) config;
};
} }
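Review bot: `trusted-users = [ "@wheel" ]`, which stays in place in the second hunk, lets every wheel member instruct the Nix daemon to use arbitrary substituters and accept unsigned store paths, which the Nix manual describes as essentially equivalent to root access. If wheel members otherwise need a password for sudo, this is a route that skips it. Consider dropping the setting, or add a comment such as `# wheel is treated as root-equivalent by the nix daemon` so the trade-off is explicit. The `nix` attribute set begins outside the visible hunk.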


@ -1,7 +1,7 @@
{ home-manager, ... }: { hm, ... }:
{ {
imports = [ imports = [
./main ./main
home-manager.nixosModules.home-manager hm.nixosModules.home-manager
]; ];
} }