From 90906c8209b5e71e8e1561dd9821ba7ed8eae220 Mon Sep 17 00:00:00 2001
From: Fern Garden
Date: Wed, 2 Jul 2025 13:36:02 +0800
Subject: [PATCH 01/10] Add vm config
---
.../desktop.nix | 0
configuration/vm.nix | 87 +++++++++++++++++++
flake.nix | 11 ++-
3 files changed, 97 insertions(+), 1 deletion(-)
rename configuration.nix => configuration/desktop.nix (100%)
create mode 100755 configuration/vm.nix
diff --git a/configuration.nix b/configuration/desktop.nix
similarity index 100%
rename from configuration.nix
rename to configuration/desktop.nix
diff --git a/configuration/vm.nix b/configuration/vm.nix
new file mode 100755
index 0000000..45e4473
--- /dev/null
+++ b/configuration/vm.nix
@@ -0,0 +1,87 @@
+{
+ pkgs,
+ ...
+}:
+
+{
+ # NixOS version.
+ system.stateVersion = "25.05";
+
+ # Enable flakes.
+ nix.settings.experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+
+ # Allow unfree packages.
+ nixpkgs.config.allowUnfree = true;
+
+ # Configure the bootloader.
+ boot.loader.grub = {
+ enable = true;
+ device = "/dev/sda";
+ };
+
+ # Set time zone.
+ time.timeZone = "Australia/Perth";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_AU.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "en_AU.UTF-8";
+ LC_IDENTIFICATION = "en_AU.UTF-8";
+ LC_MEASUREMENT = "en_AU.UTF-8";
+ LC_MONETARY = "en_AU.UTF-8";
+ LC_NAME = "en_AU.UTF-8";
+ LC_NUMERIC = "en_AU.UTF-8";
+ LC_PAPER = "en_AU.UTF-8";
+ LC_TELEPHONE = "en_AU.UTF-8";
+ LC_TIME = "en_AU.UTF-8";
+ };
+
+ # Configure keymap in X11.
+ services.xserver.xkb = {
+ layout = "us";
+ variant = "";
+ };
+
+ # Define a user account.
+ users.users.docker = {
+ isNormalUser = true;
+ extraGroups = [
+ "wheel"
+ "docker"
+ ];
+ };
+
+ # Install some packages.
+ programs.git.enable = true;
+
+ programs.neovim = {
+ enable = true;
+ defaultEditor = true; # Use neovim as default terminal editor.
+ configure = {
+ customRC = ''
+ set expandtab
+ set shiftwidth=2
+ set tabstop=8
+ set softtabstop=2
+ set number
+ colorscheme kanagawa-dragon
+ '';
+ packages.myVimPackage = with pkgs.vimPlugins; {
+ start = [ kanagawa-nvim ];
+ };
+ };
+ };
+
+ # Enable SSH server
+ services.openssh.enable = true;
+
+ # Enable avahi hostname resolution.
+ services.avahi = {
+ enable = true;
+ nssmdns4 = true;
+ };
+}
diff --git a/flake.nix b/flake.nix
index 967e3b5..faa523a 100755
--- a/flake.nix
+++ b/flake.nix
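Review bot: `services.openssh.enable = true;` near the end of the new vm.nix turns on sshd with default settings on a host whose only account, `docker`, is in both `wheel` and `docker`; as far as the NixOS defaults go, password and keyboard-interactive logins stay enabled, and no authorized key is declared in this file. I would pin the daemon to key-only logins in the same file: `services.openssh.settings = { PasswordAuthentication = false; KbdInteractiveAuthentication = false; PermitRootLogin = "no"; };`. Membership of the `docker` group is effectively root on the VM, so the SSH policy is the main boundary for this machine and is worth stating explicitly rather than inheriting.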
@@ -34,9 +34,18 @@ lanzaboote.nixosModules.lanzaboote nixos-hardware.nixosModules.lenovo-thinkpad-t480 - ./configuration.nix + ./configuration/desktop.nix ./hardware-configuration/muskduck.nix # Include the results of the hardware scan. ]; }; + + nixosConfigurations.vm = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + + modules = [ + ./configuration/vm.nix + ./hardware-configuration/vm.nix # Include the results of the hardware scan. + ]; + }; }; } From e92c0ae27bd8f4620ddc8369363ee401fc030da0 Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 14:46:08 +0800 Subject: [PATCH 02/10] Rename minecraft vm config, add hostnames --- flake.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index faa523a..1e5a2b2 100755 --- a/flake.nix +++ b/flake.nix @@ -31,18 +31,24 @@ }; modules = [ + { networking.hostName = "muskduck"; } + lanzaboote.nixosModules.lanzaboote nixos-hardware.nixosModules.lenovo-thinkpad-t480 + ./configuration/common.nix ./configuration/desktop.nix ./hardware-configuration/muskduck.nix # Include the results of the hardware scan. ]; }; - nixosConfigurations.vm = nixpkgs.lib.nixosSystem { + nixosConfigurations.vm-minecraft = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ + { networking.hostName = "minecraft"; } + + ./configuration/common.nix ./configuration/vm.nix ./hardware-configuration/vm.nix # Include the results of the hardware scan. ]; From 4dfa79ae28ca8bac98f337ea4bc6174d87f46c2c Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 14:46:25 +0800 Subject: [PATCH 03/10] Add common config --- configuration/common.nix | 112 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 configuration/common.nix diff --git a/configuration/common.nix b/configuration/common.nix new file mode 100644 index 0000000..8c2a11b --- /dev/null +++ b/configuration/common.nix 
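Review bot: The new `nixosConfigurations.vm` entry lists `./hardware-configuration/vm.nix`, but patch 01's diffstat adds no such file, and nothing later in the series creates one under that name (patch 09 adds `vm-minecraft.nix` and patch 10 corrects the path). The flake.nix hunk in patch 02 has the same ordering problem: it imports `./configuration/common.nix` one commit before patch 03 creates it. Unless those files exist outside what is shown here, the intermediate commits will not evaluate, which makes bisecting and rolling back to a known-good revision unreliable. I would add each file in the commit that first references it, for example by moving the `./configuration/common.nix` line into patch 03.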
@@ -0,0 +1,112 @@
+{ pkgs, ... }:
+{
+ # NixOS version.
+ system.stateVersion = "25.05";
+
+ # Enable flakes.
+ nix.settings.experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+
+ # Allow unfree packages.
+ nixpkgs.config.allowUnfree = true;
+
+ # Set time zone.
+ time.timeZone = "Australia/Perth";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_AU.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "en_AU.UTF-8";
+ LC_IDENTIFICATION = "en_AU.UTF-8";
+ LC_MEASUREMENT = "en_AU.UTF-8";
+ LC_MONETARY = "en_AU.UTF-8";
+ LC_NAME = "en_AU.UTF-8";
+ LC_NUMERIC = "en_AU.UTF-8";
+ LC_PAPER = "en_AU.UTF-8";
+ LC_TELEPHONE = "en_AU.UTF-8";
+ LC_TIME = "en_AU.UTF-8";
+ };
+
+ # Configure keymap in X11.
+ services.xserver.xkb = {
+ layout = "us";
+ variant = "";
+ };
+
+ # Use fish shell
+ programs.fish = {
+ enable = true;
+ interactiveShellInit = ''
+ function n --wraps nnn --description 'support nnn quit and change directory'
+ if test -n "$NNNLVL" -a "$NNNLVL" -ge 1
+ echo "nnn is already running"
+ return
+ end
+
+ if test -n "$XDG_CONFIG_HOME"
+ set -x NNN_TMPFILE "$XDG_CONFIG_HOME/nnn/.lastd"
+ else
+ set -x NNN_TMPFILE "$HOME/.config/nnn/.lastd"
+ end
+
+ command ${pkgs.nnn}/bin/nnn $argv
+
+ if test -e $NNN_TMPFILE
+ source $NNN_TMPFILE
+ rm -- $NNN_TMPFILE
+ end
+ end
+ '';
+ };
+
+ programs.bash = {
+ interactiveShellInit = ''
+ if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+ then
+ shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
+ exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
+ fi
+ '';
+ }; # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
+
+ # Install some packages.
+ programs.git.enable = true;
+
+ programs.neovim = {
+ enable = true;
+ defaultEditor = true; # Use neovim as default terminal editor.
+ configure = { + customRC = '' + set expandtab + set shiftwidth=2 + set tabstop=8 + set softtabstop=2 + set number + colorscheme kanagawa-dragon + ''; + packages.myVimPackage = with pkgs.vimPlugins; { + start = [ kanagawa-nvim ]; + }; + }; + }; + + environment.systemPackages = with pkgs; [ + aria2 + btop + lynx + ncdu + nnn + rsync + tmux + trash-cli + ]; + + # Enable avahi hostname resolution. + services.avahi = { + enable = true; + nssmdns4 = true; + }; +} \ No newline at end of file From e5532734377d7909940a25db5c8917b4d4c2f39b Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 14:46:40 +0800 Subject: [PATCH 04/10] Move config to common.nix --- configuration/desktop.nix | 73 ++++--------------------------------- configuration/vm.nix | 75 +++++---------------------------------- 2 files changed, 15 insertions(+), 133 deletions(-) diff --git a/configuration/desktop.nix b/configuration/desktop.nix index bb8fccb..38b139b 100755 --- a/configuration/desktop.nix +++ b/configuration/desktop.nix @@ -7,18 +7,6 @@ }: { - # NixOS version. - system.stateVersion = "25.05"; - - # Enable flakes. - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - # Allow unfree packages. - nixpkgs.config.allowUnfree = true; - # Configure the bootloader. boot = { # Enable secure boot. 
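Review bot: `services.avahi = { enable = true; nssmdns4 = true; };` at the end of common.nix runs the avahi daemon on every host that imports this module, including the `minecraft` VM, rather than only where `.local` lookups are needed. avahi is a network-facing service and, as far as I know, the NixOS module opens UDP 5353 in the firewall by default, so this widens what the server VM exposes. If only the desktop needs mDNS, keep the block in desktop.nix; if the VM needs it too, a comment such as `# mDNS is intentionally enabled on servers as well` would record that decision. The same scoping question applies to `nixpkgs.config.allowUnfree = true;`, which the VM probably does not need.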
@@ -54,36 +42,9 @@ # Enable smart card support (for YubiKey). services.pcscd.enable = true; - # Define hostname. - networking.hostName = "muskduck"; - # Enable networking. networking.networkmanager.enable = true; - # Set time zone. - time.timeZone = "Australia/Perth"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_AU.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "en_AU.UTF-8"; - LC_IDENTIFICATION = "en_AU.UTF-8"; - LC_MEASUREMENT = "en_AU.UTF-8"; - LC_MONETARY = "en_AU.UTF-8"; - LC_NAME = "en_AU.UTF-8"; - LC_NUMERIC = "en_AU.UTF-8"; - LC_PAPER = "en_AU.UTF-8"; - LC_TELEPHONE = "en_AU.UTF-8"; - LC_TIME = "en_AU.UTF-8"; - }; - - # Configure keymap in X11. - services.xserver.xkb = { - layout = "us"; - variant = ""; - }; - # Define a user account. users.users.fern = { isNormalUser = true; @@ -150,35 +111,21 @@ # Install some packages. programs.steam.enable = true; - programs.git.enable = true; programs.firefox.enable = true; - programs.neovim = { - enable = true; - defaultEditor = true; # Use neovim as default terminal editor. - configure = { - customRC = '' - set expandtab - set shiftwidth=2 - set tabstop=8 - set softtabstop=2 - set number - colorscheme kanagawa-dragon - ''; - packages.myVimPackage = with pkgs.vimPlugins; { - start = [ kanagawa-nvim ]; - }; - }; - }; - environment.systemPackages = with pkgs; [ adwsteamgtk ansible celluloid discord feishin0_16_0.feishin + ghostty gimp3 glabels-qt + gnome-tweaks + gnomeExtensions.auto-move-windows + gnomeExtensions.rounded-window-corners-reborn + gnomeExtensions.smile-complementary-extension jellyfin-media-player libreoffice nixd # nix language server @@ -187,13 +134,8 @@ protonmail-desktop signal-desktop smile - yubioath-flutter - gnomeExtensions.rounded-window-corners-reborn - gnomeExtensions.smile-complementary-extension - gnomeExtensions.auto-move-windows - gnome-tweaks vscodium - ghostty + yubioath-flutter # PrismLauncher with temurin jre. (prismlauncher.override { 
@@ -215,9 +157,6 @@ # Enable gamemode service programs.gamemode.enable = true; - # Enable avahi hostname resolution. - services.avahi.nssmdns4 = true; - # Enable CUPS to print documents. services.printing.enable = true; diff --git a/configuration/vm.nix b/configuration/vm.nix index 45e4473..d37f694 100755 --- a/configuration/vm.nix +++ b/configuration/vm.nix @@ -1,51 +1,10 @@ { - pkgs, - ... -}: - -{ - # NixOS version. - system.stateVersion = "25.05"; - - # Enable flakes. - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - # Allow unfree packages. - nixpkgs.config.allowUnfree = true; - # Configure the bootloader. boot.loader.grub = { enable = true; device = "/dev/sda"; }; - # Set time zone. - time.timeZone = "Australia/Perth"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_AU.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "en_AU.UTF-8"; - LC_IDENTIFICATION = "en_AU.UTF-8"; - LC_MEASUREMENT = "en_AU.UTF-8"; - LC_MONETARY = "en_AU.UTF-8"; - LC_NAME = "en_AU.UTF-8"; - LC_NUMERIC = "en_AU.UTF-8"; - LC_PAPER = "en_AU.UTF-8"; - LC_TELEPHONE = "en_AU.UTF-8"; - LC_TIME = "en_AU.UTF-8"; - }; - - # Configure keymap in X11. - services.xserver.xkb = { - layout = "us"; - variant = ""; - }; - # Define a user account. users.users.docker = { isNormalUser = true; 
@@ -53,35 +12,19 @@ "wheel" "docker" ]; - }; - - # Install some packages. - programs.git.enable = true; - - programs.neovim = { - enable = true; - defaultEditor = true; # Use neovim as default terminal editor. - configure = { - customRC = '' - set expandtab - set shiftwidth=2 - set tabstop=8 - set softtabstop=2 - set number - colorscheme kanagawa-dragon - ''; - packages.myVimPackage = with pkgs.vimPlugins; { - start = [ kanagawa-nvim ]; - }; - }; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETPyuxUVEmYyEW6PVC6BXqkhULHd/RvMm8fMbYhjTMV fern@muskduck" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKzW4epTmK01kGVXcuAXUNJQPltnogf4uab9FA5m8S3n fern@pardalote" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEJYq1fMxVOzCMfE/td6DtWS8nUk76U9seYD3Z9RYAz u0_a399@fairywren" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMoJvPcUJDVVzO4dHROCFNlgJdDZSP5xyPx2s40zcx5QAAAABHNzaDo= YubiKey5NFC" + ]; }; # Enable SSH server services.openssh.enable = true; - - # Enable avahi hostname resolution. - services.avahi = { + + # Enable docker + virtualisation.docker = { enable = true; - nssmdns4 = true; }; } From a0d53b2db76ec3f86749da42beb7a0039d017360 Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 15:36:10 +0800 Subject: [PATCH 05/10] Enable linger for docker user --- configuration/vm.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/configuration/vm.nix b/configuration/vm.nix index d37f694..fde4318 100755 --- a/configuration/vm.nix +++ b/configuration/vm.nix @@ -8,6 +8,7 @@ # Define a user account. users.users.docker = { isNormalUser = true; + linger = true; extraGroups = [ "wheel" "docker" From b9be0e96c459801d3349773d3851b02a7c0e177c Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 16:10:47 +0800 Subject: [PATCH 06/10] Autologin, passwordless sudo --- configuration/vm.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/configuration/vm.nix b/configuration/vm.nix index fde4318..8e4c994 100755 
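Review bot: Each of the four `openssh.authorizedKeys.keys` entries gives full control of the VM, because `docker` is in `wheel` and in the `docker` group; only the `sk-ssh-ed25519@openssh.com` entry is hardware-backed, and `u0_a399@fairywren` looks like a key stored on a phone. I would keep the list as short as the workflow allows and add a comment per key naming the device and why it needs access, so stale keys are easy to spot and remove. `linger = true` in patch 05 suggests the containers are meant to run as user services; if that is the plan, rootless Docker (`virtualisation.docker.rootless.enable = true;`) would let you drop `"docker"` from `extraGroups`. The `users.users.docker` block starts outside this hunk.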
--- a/configuration/vm.nix +++ b/configuration/vm.nix @@ -21,6 +21,12 @@ ]; }; + # Auto login + services.getty.autologinUser = "docker"; + + # Passwordless sudo + security.sudo.wheelNeedsPassword = false; + # Enable SSH server services.openssh.enable = true; From 630864ef08cda8861654d20c3f3c1d58ffa865f3 Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 16:19:59 +0800 Subject: [PATCH 07/10] Enable all terminfo --- configuration/vm.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configuration/vm.nix b/configuration/vm.nix index 8e4c994..529fe9d 100755 --- a/configuration/vm.nix +++ b/configuration/vm.nix @@ -27,6 +27,9 @@ # Passwordless sudo security.sudo.wheelNeedsPassword = false; + # Enable all terminfo (for ghostty) + environment.enableAllTerminfo = true; + # Enable SSH server services.openssh.enable = true; From 761687accbfc322924775ffb0f1b11ce686c9b44 Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 16:21:47 +0800 Subject: [PATCH 08/10] Cleanup --- hardware-configuration/muskduck.nix | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/hardware-configuration/muskduck.nix b/hardware-configuration/muskduck.nix index 367b9e3..d6505f9 100644 --- a/hardware-configuration/muskduck.nix +++ b/hardware-configuration/muskduck.nix @@ -1,7 +1,4 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = 
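Review bot: `services.getty.autologinUser = "docker";` together with `security.sudo.wheelNeedsPassword = false;` in patch 06 means anyone who can reach the VM console gets a root-capable shell without any credential, and any process running as `docker` can become root without a prompt. If autologin is only a convenience for the hypervisor console, I would drop it and rely on the SSH keys; if passwordless sudo is needed for automation, scope it with `security.sudo.extraRules` to the specific commands instead of all of `wheel`. At minimum, add a comment stating that console access to this VM is treated as trusted. The surrounding attribute set starts and ends outside the hunk.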
@@ -28,13 +25,7 @@ swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; From 9b67203d4e73c66e91bf7196360377a428b01a0e Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 16:21:56 +0800 Subject: [PATCH 09/10] add minecraft vm hardware config --- hardware-configuration/vm-minecraft.nix | 35 +++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 hardware-configuration/vm-minecraft.nix diff --git a/hardware-configuration/vm-minecraft.nix b/hardware-configuration/vm-minecraft.nix new file mode 100644 index 0000000..b6816e7 --- /dev/null +++ b/hardware-configuration/vm-minecraft.nix 
@@ -0,0 +1,35 @@ +{ lib, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/4d1a9488-acf2-456c-a435-cc96ecff8aba"; + fsType = "ext4"; + }; + + fileSystems."/home/docker/volumes" = + { device = "/dev/disk/by-uuid/e520aca6-6cad-483c-b855-f6409a8a6908"; + fsType = "ext2"; + }; + + fileSystems."/var/lib/docker" = + { device = "/dev/disk/by-uuid/fab223a4-78a1-4900-81a6-45d04325fdcf"; + fsType = "ext2"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/73916996-b863-4279-9fe5-ae2b3b773608"; } + ]; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} \ No newline at end of file From 56a20fc1c8a981765684c13da9f5772f50f6ff05 Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Wed, 2 Jul 2025 16:22:13 +0800 Subject: [PATCH 10/10] Rename hardware config in flake --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 1e5a2b2..188ff2a 100755 --- a/flake.nix +++ b/flake.nix @@ -50,7 +50,7 @@ ./configuration/common.nix ./configuration/vm.nix - ./hardware-configuration/vm.nix # Include the results of the hardware scan. + ./hardware-configuration/vm-minecraft.nix # Include the results of the hardware scan. ]; }; };
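Review bot: `fileSystems."/home/docker/volumes"` and `fileSystems."/var/lib/docker"` are declared with `fsType = "ext2"`, which has no journal, so an unclean shutdown of the VM can leave the container data and image store needing a full fsck, or corrupted. `fsType` has to match what is on the disk, so this is a note for the next rebuild of the VM disks rather than a one-line edit: format them as ext4 and set `fsType = "ext4";`. For the volumes mount I would also add `options = [ "nosuid" "nodev" ];`, provided nothing stored there relies on setuid binaries or device nodes.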