dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

fix: some deprecations

Browse source
This commit is contained in:
Tim Schubert 2025-07-13 20:36:26 +02:00
parent 1f9c599c40
commit 0e9b76da48
No known key found for this signature in database
5 changed files with 335 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
home/modules/zsh.nix
View file

@ -34,7 +34,7 @@ in
}; };
plugins = [ plugins = [
]; ];
initExtra = '' initContent = ''
source ${pkgs.zsh-git-prompt}/share/zsh-git-prompt/zshrc.sh source ${pkgs.zsh-git-prompt}/share/zsh-git-prompt/zshrc.sh
source ${pkgs.fzf}/share/fzf/key-bindings.zsh source ${pkgs.fzf}/share/fzf/key-bindings.zsh
source ${pkgs.fzf}/share/fzf/completion.zsh source ${pkgs.fzf}/share/fzf/completion.zsh

37
nixos/configurations.nix
View file

@ -31,6 +31,39 @@ let
}; };
in in
{ {
stolas =
let
system = "x86_64-linux";
in
nixosSystem {
inherit nixpkgs system;
extraModules = [
# TODO lanzaboote.nixosModules.lanzaboote
{
nixpkgs.overlays = nixpkgs.lib.attrValues self.overlays;
dadada.pkgs = self.packages.${system};
dadada.inputs = inputs // {
dadada = self;
};
}
nixos-hardware.nixosModules.framework-amd-ai-300-series
home-manager.nixosModules.home-manager
(
{ pkgs, ... }:
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.sharedModules = (nixpkgs.lib.attrValues self.hmModules) ++ [
{ dadada.home.helix.package = pkgs.helix; }
];
home-manager.users.dadada = import ../home;
}
)
./stolas
];
};
gorgon = gorgon =
let let
system = "x86_64-linux"; system = "x86_64-linux";
@ -46,12 +79,10 @@ in
dadada = self; dadada = self;
}; };
} }
nixos-hardware.nixosModules.lenovo-thinkpad-t14s-amd-gen1 nixos-hardware.nixosModules.lenovo-thinkpad-t14s-amd-gen1
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
( (
{ pkgs, lib, ... }: { pkgs, ... }:
{ {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;

4
nixos/modules/profiles/base.nix
View file

@ -13,8 +13,8 @@ in
./upgrade-pg-cluster.nix ./upgrade-pg-cluster.nix
]; ];
boot.tmp.useTmpfs = true; boot.tmp.useTmpfs = lib.mkDefault true;
boot.tmp.tmpfsSize = "50%"; boot.tmp.tmpfsSize = lib.mkDefault "50%";
i18n.defaultLocale = mkDefault "en_US.UTF-8"; i18n.defaultLocale = mkDefault "en_US.UTF-8";
console = mkDefault { console = mkDefault {

2
nixos/modules/profiles/laptop.nix
View file

@ -48,7 +48,7 @@ with lib;
alsa.support32Bit = true; alsa.support32Bit = true;
pulse.enable = true; pulse.enable = true;
}; };
hardware.pulseaudio.enable = false; services.pulseaudio.enable = false;
dadada.backupClient.gs = { dadada.backupClient.gs = {
enable = true; enable = true;

297
nixos/stolas/default.nix Normal file
View file

@ -0,0 +1,297 @@
{ config, lib, pkgs, ... }:
{
imports = [
../modules/profiles/laptop.nix
];
### TODO double check with generated hw-config
boot = {
# TODO lanzaboote = {
# enable = true;
# pkiBundle = "/var/lib/sbctl";
#};
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ pkgs.linuxPackages.v4l2loopback ];
initrd = {
availableKernelModules = [
"nvme"
"ehci_pci"
"xhci_pci"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
];
# TODO disable for lanzaboote
systemd.enable = true;
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
#boot.loader.systemd-boot.enable = lib.mkForce false;
luks.devices = {
root = {
# TODO
device = "/dev/disk/by-uuid/todo";
allowDiscards = true;
# TODO lanzaboote + TPM2 unlock with PIN https://www.freedesktop.org/software/systemd/man/251/systemd-cryptenroll.html#--tpm2-with-pin=BOOL
#crypttabExtraOpts = [ "fido2-device=auto" ];
};
};
};
};
environment.systemPackages = [
# For debugging and troubleshooting Secure Boot.
pkgs.sbctl
];
# TODO compare with nixos-generate-config --show-hardware-config
fileSystems = {
"/boot" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "vfat";
};
"/" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "btrfs";
options = [
"subvol=root"
"compress=zstd"
];
};
"/home" = {
# TODO
device = "/dev/disk/by-uuid/todo";
options = [
"compress=zstd"
"subvol=home"
];
};
"/home/dadada" = {
# TODO
device = "/dev/disk/by-uuid/todo";
options = [
"compress=zstd"
"subvol=home/dadada"
];
};
"/nix" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "btrfs";
options = [
"noatime"
"compress=zstd"
"subvol=nix"
];
};
"/nix/var/nix/builds" = {
device = "none";
fsType = "tmpfs";
options = [
# Max 80% of available RAM
"size=80%"
# Only owner (nix daemon may write)
"mode=755"
];
};
"/root" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=root"
];
};
"/var" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=var"
];
};
"/var/lib/paperless" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "btrfs";
options = [
"compress=zstd"
"subvol=var/lib/paperless"
];
};
"/var/swap" = {
# TODO
device = "/dev/disk/by-uuid/todo";
fsType = "btrfs";
options = [
"noatime"
"subvol=swap"
];
};
# NOTE: /tmp is tmpfs because of config in base.nix
};
# TODO btrfs filesystem mkswapfile --uuid clear /var/swap/swapfile
# swapDevices = [{
# device = "/var/swap/swapfile";
# size = 80*1024; # Creates an 80GB swap file
# }];
hardware = {
# NOTE: hardware.framework.enableKmod requires kernel patching, but enables access to some EC features
bluetooth.enable = true;
framework.laptop13.audioEnhancement.enable = true;
graphics = {
enable = true;
extraPackages = with pkgs; [
vaapiVdpau
libvdpau-va-gl
];
};
};
powerManagement = {
enable = true;
cpuFreqGovernor = "schedutil";
# TODO: Limit charge of battery, does this work without kernel patches from hardware.frameworkenableKmod?
powerUpCommands = ''
echo 80 > /sys/class/power_supply/BAT0/charge_control_stop_threshold
'';
};
networking = {
hostName = "stolas";
firewall = {
enable = true;
allowedTCPPorts = [
22000 # Syncthing
];
allowedUDPPorts = [
21027 # Syncthing
];
};
};
nix = {
settings.max-jobs = lib.mkDefault 16;
};
# TODO dadada.backupClient.backup1.enable = true;
# dadada.backupClient.backup2 = {
# enable = true;
# passphrasePath = config.age.secrets."${config.networking.hostName}-backup-passphrase".path;
# sshIdentityFile = config.age.secrets."${config.networking.hostName}-backup-ssh-key".path;
# repo = "u355513-subX@u355513-subX.your-storagebox.de:/home/backup";
# };
programs = {
adb.enable = true;
firefox = {
enable = true;
package = pkgs.firefox-wayland;
};
gnupg.agent.enable = true;
ssh.startAgent = true;
wireshark.enable = true;
};
services = {
avahi.enable = true;
desktopManager.plasma6.enable = true;
displayManager = {
sddm.enable = true;
sddm.wayland.enable = true;
};
gnome.gnome-keyring.enable = lib.mkForce false;
smartd.enable = true;
printing = {
enable = true;
browsing = true;
};
paperless = {
# TODO migrate DB
enable = true;
passwordFile = config.age.secrets.paperless.path;
};
tlp.enable = false;
};
system = {
stateVersion = "25.05";
};
systemd.tmpfiles.rules =
let
cfg = config.services.paperless;
in
[
(
if cfg.consumptionDirIsPublic then
"d '${cfg.consumptionDir}' 777 - - - -"
else
"d '${cfg.consumptionDir}' 770 ${cfg.user} ${config.users.users.${cfg.user}.group} - -"
)
];
systemd.services = {
modem-manager.enable = lib.mkForce false;
"dbus-org.freedesktop.ModemManager1".enable = lib.mkForce false;
};
systemd.sleep.extraConfig = ''
HibernateDelaySec=1h
'';
virtualisation.libvirtd.enable = true;
users = {
users = {
dadada = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"libvirtd"
"adbusers"
"kvm"
"video"
"scanner"
"lp"
"docker"
"dialout"
"wireshark"
"paperless"
];
shell = "/run/current-system/sw/bin/zsh";
};
};
};
age.secrets = {
paperless = {
file = "${config.dadada.secrets.path}/paperless.age";
mode = "700";
owner = "paperless";
};
};
# Create compressing swap space in RAM
zramSwap.enable = true;
}