diff --git a/configuration/common.nix b/configuration/common.nix
new file mode 100644
index 0000000..8c2a11b
--- /dev/null
+++ b/configuration/common.nix
@@ -0,0 +1,112 @@
+{ pkgs, ... }:
+{
+ # NixOS version.
+ system.stateVersion = "25.05";
+
+ # Enable flakes.
+ nix.settings.experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+
+ # Allow unfree packages.
+ nixpkgs.config.allowUnfree = true;
+
+ # Set time zone.
+ time.timeZone = "Australia/Perth";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_AU.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "en_AU.UTF-8";
+ LC_IDENTIFICATION = "en_AU.UTF-8";
+ LC_MEASUREMENT = "en_AU.UTF-8";
+ LC_MONETARY = "en_AU.UTF-8";
+ LC_NAME = "en_AU.UTF-8";
+ LC_NUMERIC = "en_AU.UTF-8";
+ LC_PAPER = "en_AU.UTF-8";
+ LC_TELEPHONE = "en_AU.UTF-8";
+ LC_TIME = "en_AU.UTF-8";
+ };
+
+ # Configure keymap in X11.
+ services.xserver.xkb = {
+ layout = "us";
+ variant = "";
+ };
+
+ # Use fish shell
+ programs.fish = {
+ enable = true;
+ interactiveShellInit = ''
+ function n --wraps nnn --description 'support nnn quit and change directory'
+ if test -n "$NNNLVL" -a "$NNNLVL" -ge 1
+ echo "nnn is already running"
+ return
+ end
+
+ if test -n "$XDG_CONFIG_HOME"
+ set -x NNN_TMPFILE "$XDG_CONFIG_HOME/nnn/.lastd"
+ else
+ set -x NNN_TMPFILE "$HOME/.config/nnn/.lastd"
+ end
+
+ command ${pkgs.nnn}/bin/nnn $argv
+
+ if test -e $NNN_TMPFILE
+ source $NNN_TMPFILE
+ rm -- $NNN_TMPFILE
+ end
+ end
+ '';
+ };
+
+ programs.bash = {
+ interactiveShellInit = ''
+ if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+ then
+ shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
+ exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
+ fi
+ '';
+ }; # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
+
+ # Install some packages.
+ programs.git.enable = true;
+
+ programs.neovim = {
+ enable = true;
+ defaultEditor = true; # Use neovim as default terminal editor.
+ configure = { + customRC = '' + set expandtab + set shiftwidth=2 + set tabstop=8 + set softtabstop=2 + set number + colorscheme kanagawa-dragon + ''; + packages.myVimPackage = with pkgs.vimPlugins; { + start = [ kanagawa-nvim ]; + }; + }; + }; + + environment.systemPackages = with pkgs; [ + aria2 + btop + lynx + ncdu + nnn + rsync + tmux + trash-cli + ]; + + # Enable avahi hostname resolution. + services.avahi = { + enable = true; + nssmdns4 = true; + }; +} \ No newline at end of file diff --git a/configuration.nix b/configuration/desktop.nix similarity index 73% rename from configuration.nix rename to configuration/desktop.nix index bb8fccb..38b139b 100755 --- a/configuration.nix +++ b/configuration/desktop.nix @@ -7,18 +7,6 @@ }: { - # NixOS version. - system.stateVersion = "25.05"; - - # Enable flakes. - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - - # Allow unfree packages. - nixpkgs.config.allowUnfree = true; - # Configure the bootloader. boot = { # Enable secure boot. @@ -54,36 +42,9 @@ # Enable smart card support (for YubiKey). services.pcscd.enable = true; - # Define hostname. - networking.hostName = "muskduck"; - # Enable networking. networking.networkmanager.enable = true; - # Set time zone. - time.timeZone = "Australia/Perth"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_AU.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "en_AU.UTF-8"; - LC_IDENTIFICATION = "en_AU.UTF-8"; - LC_MEASUREMENT = "en_AU.UTF-8"; - LC_MONETARY = "en_AU.UTF-8"; - LC_NAME = "en_AU.UTF-8"; - LC_NUMERIC = "en_AU.UTF-8"; - LC_PAPER = "en_AU.UTF-8"; - LC_TELEPHONE = "en_AU.UTF-8"; - LC_TIME = "en_AU.UTF-8"; - }; - - # Configure keymap in X11. - services.xserver.xkb = { - layout = "us"; - variant = ""; - }; - # Define a user account. users.users.fern = { isNormalUser = true; 
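Review bot: `services.avahi.enable = true` at the end of configuration/common.nix is new behaviour rather than a move, because the line removed from desktop.nix only set `services.avahi.nssmdns4 = true` (whether avahi was enabled elsewhere on the desktop is not visible here). common.nix is also imported by the new vm-minecraft host in flake.nix, so the server VM now runs an mDNS daemon, and as far as I know the NixOS avahi module opens UDP 5353 in the firewall by default. If only the laptop needs .local resolution, keep the avahi block in configuration/desktop.nix; otherwise add a comment such as `# Needed on every host, including VMs, for .local name resolution.` so the wider exposure is recorded as intended. The same scoping question applies to `nixpkgs.config.allowUnfree = true`, which now covers the VM too.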
@@ -150,35 +111,21 @@ # Install some packages. programs.steam.enable = true; - programs.git.enable = true; programs.firefox.enable = true; - programs.neovim = { - enable = true; - defaultEditor = true; # Use neovim as default terminal editor. - configure = { - customRC = '' - set expandtab - set shiftwidth=2 - set tabstop=8 - set softtabstop=2 - set number - colorscheme kanagawa-dragon - ''; - packages.myVimPackage = with pkgs.vimPlugins; { - start = [ kanagawa-nvim ]; - }; - }; - }; - environment.systemPackages = with pkgs; [ adwsteamgtk ansible celluloid discord feishin0_16_0.feishin + ghostty gimp3 glabels-qt + gnome-tweaks + gnomeExtensions.auto-move-windows + gnomeExtensions.rounded-window-corners-reborn + gnomeExtensions.smile-complementary-extension jellyfin-media-player libreoffice nixd # nix language server @@ -187,13 +134,8 @@ protonmail-desktop signal-desktop smile - yubioath-flutter - gnomeExtensions.rounded-window-corners-reborn - gnomeExtensions.smile-complementary-extension - gnomeExtensions.auto-move-windows - gnome-tweaks vscodium - ghostty + yubioath-flutter # PrismLauncher with temurin jre. (prismlauncher.override { @@ -215,9 +157,6 @@ # Enable gamemode service programs.gamemode.enable = true; - # Enable avahi hostname resolution. - services.avahi.nssmdns4 = true; - # Enable CUPS to print documents. services.printing.enable = true; diff --git a/configuration/vm.nix b/configuration/vm.nix new file mode 100755 index 0000000..529fe9d --- /dev/null +++ b/configuration/vm.nix 
@@ -0,0 +1,40 @@ +{ + # Configure the bootloader. + boot.loader.grub = { + enable = true; + device = "/dev/sda"; + }; + + # Define a user account. + users.users.docker = { + isNormalUser = true; + linger = true; + extraGroups = [ + "wheel" + "docker" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETPyuxUVEmYyEW6PVC6BXqkhULHd/RvMm8fMbYhjTMV fern@muskduck" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKzW4epTmK01kGVXcuAXUNJQPltnogf4uab9FA5m8S3n fern@pardalote" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEJYq1fMxVOzCMfE/td6DtWS8nUk76U9seYD3Z9RYAz u0_a399@fairywren" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMoJvPcUJDVVzO4dHROCFNlgJdDZSP5xyPx2s40zcx5QAAAABHNzaDo= YubiKey5NFC" + ]; + }; + + # Auto login + services.getty.autologinUser = "docker"; + + # Passwordless sudo + security.sudo.wheelNeedsPassword = false; + + # Enable all terminfo (for ghostty) + environment.enableAllTerminfo = true; + + # Enable SSH server + services.openssh.enable = true; + + # Enable docker + virtualisation.docker = { + enable = true; + }; +} diff --git a/flake.nix b/flake.nix index 967e3b5..188ff2a 100755 --- a/flake.nix +++ b/flake.nix @@ -31,12 +31,27 @@ }; modules = [ + { networking.hostName = "muskduck"; } + lanzaboote.nixosModules.lanzaboote nixos-hardware.nixosModules.lenovo-thinkpad-t480 - ./configuration.nix + ./configuration/common.nix + ./configuration/desktop.nix ./hardware-configuration/muskduck.nix # Include the results of the hardware scan. ]; }; + + nixosConfigurations.vm-minecraft = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + + modules = [ + { networking.hostName = "minecraft"; } + + ./configuration/common.nix + ./configuration/vm.nix + ./hardware-configuration/vm-minecraft.nix # Include the results of the hardware scan. + ]; + }; }; } diff --git a/hardware-configuration/muskduck.nix b/hardware-configuration/muskduck.nix index 367b9e3..d6505f9 100644 --- a/hardware-configuration/muskduck.nix 
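Review bot: In configuration/vm.nix the `docker` account is root-equivalent three ways (`wheel` with `security.sudo.wheelNeedsPassword = false`, membership of the `docker` group, and `services.getty.autologinUser` on the console), yet `services.openssh.enable = true` leaves sshd entirely on module defaults. That makes the four authorized keys plus the hypervisor console the whole trust boundary for root on this host, so the SSH policy should be pinned explicitly instead of inherited, as in the block below. A comment above `openssh.authorizedKeys.keys` naming which devices are expected to hold admin access would also make a stale key easier to spot. If the VM console is reachable by anyone other than the hypervisor admin, drop either the autologin or the passwordless sudo.

```nix
# Enable SSH server, key-only.
services.openssh = {
  enable = true;
  settings = {
    PasswordAuthentication = false;
    KbdInteractiveAuthentication = false;
    PermitRootLogin = "no";
  };
};
```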
+++ b/hardware-configuration/muskduck.nix @@ -1,7 +1,4 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ config, lib, modulesPath, ... }: { imports = @@ -28,13 +25,7 @@ swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/hardware-configuration/vm-minecraft.nix b/hardware-configuration/vm-minecraft.nix new file mode 100644 index 0000000..b6816e7 --- /dev/null +++ b/hardware-configuration/vm-minecraft.nix 
@@ -0,0 +1,35 @@
+{ lib, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/4d1a9488-acf2-456c-a435-cc96ecff8aba";
+ fsType = "ext4";
+ };
+
+ fileSystems."/home/docker/volumes" =
+ { device = "/dev/disk/by-uuid/e520aca6-6cad-483c-b855-f6409a8a6908";
+ fsType = "ext2";
+ };
+
+ fileSystems."/var/lib/docker" =
+ { device = "/dev/disk/by-uuid/fab223a4-78a1-4900-81a6-45d04325fdcf";
+ fsType = "ext2";
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-uuid/73916996-b863-4279-9fe5-ae2b3b773608"; }
+ ];
+
+ networking.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
\ No newline at end of file