From b9590201e7297df0d3676af222268777ce40c14a Mon Sep 17 00:00:00 2001 From: Fern Garden Date: Sat, 28 Jun 2025 11:33:10 +0800 Subject: [PATCH] First commit --- .gitignore | 1 + configuration.nix | 178 ++++++++++++++++++++++++++++++++++ flake.lock | 238 ++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 40 ++++++++ 4 files changed, 457 insertions(+) create mode 100644 .gitignore create mode 100755 configuration.nix create mode 100755 flake.lock create mode 100755 flake.nix diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..662d9a5 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +**/hardware-configuration.nix \ No newline at end of file diff --git a/configuration.nix b/configuration.nix new file mode 100755 index 0000000..f9a0426 --- /dev/null +++ b/configuration.nix @@ -0,0 +1,178 @@ +{ + pkgs, + lib, + fluffychat2, + feishin0_16_0, + ... +}: + +{ + # Include the results of the hardware scan. + imports = [ ./hardware-configuration.nix ]; + + # NixOS version. + system.stateVersion = "25.05"; + + # Enable flakes. + nix.settings.experimental-features = [ + "nix-command" + "flakes" + ]; + + # Allow unfree packages. + nixpkgs.config.allowUnfree = true; + + # Configure the bootloader. + boot = { + # Enable secure boot. + bootspec.enable = true; + initrd.systemd.enable = true; + loader.systemd-boot.enable = lib.mkForce false; + loader.efi.canTouchEfiVariables = true; + + lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; + + # Enable quiet boot with splash + plymouth.enable = true; + consoleLogLevel = 3; + initrd.verbose = false; + kernelParams = [ + "quiet" + "splash" + "boot.shell_on_fail" + "udev.log_priority=3" + "rd.systemd.show_status=auto" + ]; + }; + + # Enable firmware updates. + services.fwupd.enable = true; + + # Define hostname. + networking.hostName = "muskduck"; + + # Enable networking. + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "Australia/Perth"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_AU.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_AU.UTF-8"; + LC_IDENTIFICATION = "en_AU.UTF-8"; + LC_MEASUREMENT = "en_AU.UTF-8"; + LC_MONETARY = "en_AU.UTF-8"; + LC_NAME = "en_AU.UTF-8"; + LC_NUMERIC = "en_AU.UTF-8"; + LC_PAPER = "en_AU.UTF-8"; + LC_TELEPHONE = "en_AU.UTF-8"; + LC_TIME = "en_AU.UTF-8"; + }; + + # Configure keymap in X11. + services.xserver.xkb = { + layout = "us"; + variant = ""; + }; + + # Define a user account. + users.users.fern = { + isNormalUser = true; + description = "Fern Garden"; + extraGroups = [ + "networkmanager" + "wheel" + ]; + }; + + # Use fish shell. + programs.bash = { + interactiveShellInit = '' + if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] + then + shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" + exec ${pkgs.fish}/bin/fish $LOGIN_OPTION + fi + ''; + }; + + # Enable the GNOME Desktop Environment. + services.xserver = { + enable = true; + + excludePackages = with pkgs; [ + xterm + ]; + + displayManager.gdm.enable = true; + + desktopManager.gnome = { + enable = true; + # Enable fractional scaling. + extraGSettingsOverridePackages = [ pkgs.mutter ]; + extraGSettingsOverrides = '' + [org.gnome.mutter] + experimental-features=['scale-monitor-framebuffer'] + ''; + }; + }; + + # Run electron apps under wayland. + environment.sessionVariables.NIXOS_OZONE_WL = "1"; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + services.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Enable CPU frequency scaling management. + services.power-profiles-daemon.enable = lib.mkForce false; # enabled by gnome + services.tlp.enable = lib.mkForce false; # enabled by nixos-hardware + services.auto-cpufreq.enable = true; + + # Install some packages + programs.git.enable = true; + programs.firefox.enable = true; + programs.gamemode.enable = true; + programs.nautilus-open-any-terminal = { enable = true; terminal = "ghostty"; }; + programs.steam.enable = true; + + environment.systemPackages = with pkgs; [ + adwsteamgtk + bitwarden-desktop + discord + feishin0_16_0.feishin + filezilla + fluffychat2.fluffychat + ghostty + gimp3 + glabels-qt + gnomeExtensions.rounded-window-corners-reborn + gnomeExtensions.smile-complementary-extension + jellyfin-media-player + libreoffice + nixd # nix language server + nixfmt-rfc-style # nix language formatter + obsidian + prismlauncher + protonmail-desktop + signal-desktop + smile + vscodium + yubioath-flutter + ]; +} \ No newline at end of file diff --git a/flake.lock b/flake.lock new file mode 100755 index 0000000..2f4ef85 --- /dev/null +++ b/flake.lock @@ -0,0 +1,238 @@ +{ + "nodes": { + "crane": { + "locked": { + "lastModified": 1750266157, + "narHash": "sha256-tL42YoNg9y30u7zAqtoGDNdTyXTi8EALDeCB13FtbQA=", + "owner": "ipetkov", + "repo": "crane", + "rev": "e37c943371b73ed87faf33f7583860f81f1d5a48", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "feishin0_16_0": { + "locked": { + "lastModified": 1751035407, + "narHash": "sha256-tOxxFvVNm32aBPnbL6ZhI/pGz37g3k5eWFuK5VGZozQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d2640b432989f5760465b53a975fc2f963b13b0f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "pull/414929/head", + "repo": "nixpkgs", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1747046372, + "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "fluffychat2": { + "locked": { + "lastModified": 1750820161, + "narHash": "sha256-V3Q60wrOXfxz5TLLGLmbUICNFJZ7t+gOdTs5WQuXV5E=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "259c082aaefc711d4bfdec316b2b8d6639e25b06", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "pull/419632/head", + "repo": "nixpkgs", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "lanzaboote": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs", + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "rust-overlay": "rust-overlay" + }, + "locked": { + "lastModified": 1750866260, + "narHash": "sha256-fo5NvfutMEw9OV+5rGYuCKjlNNjcnD3cKMbOfzusO/E=", + "owner": "nix-community", + "repo": "lanzaboote", + "rev": "f40a3401f86d117affeeb8ca6f0ce5cd1ca3cc24", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "lanzaboote", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1750837715, + "narHash": "sha256-2m1ceZjbmgrJCZ2PuQZaK4in3gcg3o6rZ7WK6dr5vAA=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "98236410ea0fe204d0447149537a924fb71a6d4f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1750576544, + "narHash": "sha256-8myT+IxNWIB1B66NNDzQCXc5apy6pIXLW49m4qCRHFs=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e2d9c5bd3cd01115da3fc48c5d46b508a2c5deb1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable-small", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1750838302, + "narHash": "sha256-aVkL3/yu50oQzi2YuKo0ceiCypVZpZXYd2P2p1FMJM4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "7284e2decc982b81a296ab35aa46e804baaa1cfe", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1749636823, + "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "623c56286de5a3193aa38891a6991b28f9bab056", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "feishin0_16_0": "feishin0_16_0", + "fluffychat2": "fluffychat2", + "lanzaboote": "lanzaboote", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs_2" + } + }, + "rust-overlay": { + "inputs": { + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750560265, + "narHash": "sha256-jQCojKl1/TzqE6ANOu6rP2qqxOcGK2xs6hpxZ77wrR8=", + "owner": "oxalica", + "repo": "rust-overlay", + "rev": "076fdb0d45a9de3f379a626f51a62c78afe7efb1", + "type": "github" + }, + "original": { + "owner": "oxalica", + "repo": "rust-overlay", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100755 index 0000000..fe2480c --- /dev/null +++ b/flake.nix @@ -0,0 +1,40 @@ +{ + description = "NixOS System Configuration"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; # Stable nixpkgs. + lanzaboote.url = "github:nix-community/lanzaboote"; # Secure boot. + nixos-hardware.url = "github:NixOS/nixos-hardware"; # Hardware specific config. + + # Updated packages. + fluffychat2.url = "github:NixOS/nixpkgs?ref=pull/419632/head"; # FluffyChat 2.0.0 + feishin0_16_0.url = "github:NixOS/nixpkgs?ref=pull/414929/head"; # Feishin 0.16.0 + }; + + outputs = + inputs@{ + self, + nixpkgs, + lanzaboote, + nixos-hardware, + fluffychat2, + feishin0_16_0, + ... + }: + { + nixosConfigurations.muskduck = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + + specialArgs = { + fluffychat2 = import fluffychat2 { inherit system; }; + feishin0_16_0 = import feishin0_16_0 { inherit system; }; + }; + + modules = [ + lanzaboote.nixosModules.lanzaboote + nixos-hardware.nixosModules.lenovo-thinkpad-t480 + ./configuration.nix + ]; + }; + }; +}