Lennart J. Kurzweg (Nx2)
2025-06-18 15:31:01 +02:00
parent 04dcba2d3f
commit d6d4a1f3b5
27 changed files with 243 additions and 276 deletions


@@ -1,44 +1,44 @@
{ pkgs, ... }@all: with all;
{ ... }@all: with all;
{
imports = [
inputs.sops-nix.nixosModules.sops
./system-modules/adb.nix
./system-modules/auto-mount.nix
./system-modules/boot.nix
./system-modules/tz.nix
./system-modules/bluetooth.nix
./system-modules/boot.nix
./system-modules/calendar.nix
./system-modules/dm.nix
./system-modules/docker.nix
./system-modules/fcitx5.nix
./system-modules/fonts.nix
./system-modules/fonts.nix
./system-modules/fuse.nix
./system-modules/fuse.nix
./system-modules/games.nix
./system-modules/gc.nix
./system-modules/gc.nix
./system-modules/gpg.nix
./system-modules/hardware-configuration.nix
./system-modules/hardware-configuration.nix
./system-modules/health_reminder.nix
./system-modules/hsmw.nix
./system-modules/kanata.nix
./system-modules/terminal.nix
./system-modules/kodi.nix
./system-modules/networking.nix
./system-modules/nixd.nix
./system-modules/nvidia.nix
./system-modules/nvidia.nix
./system-modules/ollama.nix
./system-modules/qmk.nix
./system-modules/scanning.nix
./system-modules/sops.nix
./system-modules/sound.nix
./system-modules/sound.nix
./system-modules/sshd.nix
./system-modules/base-packages.nix
./system-modules/input.nix
./system-modules/syncthing.nix
./system-modules/tuda.nix
./system-modules/users.nix
./system-modules/gui.nix
./system-modules/editor.nix
./system-modules/printing.nix
./system-modules/security.nix
./system-modules/users.nix
./system-modules/virtualisation.nix
./system-modules/ydotool.nix
@@ -48,110 +48,20 @@
./system-modules/postgres.nix
./system-modules/nx2site/proxy.nix
./system-modules/nx2site/audiobookshelf.nix
# ./system-modules/nx2site/dyn_dns.nix
./system-modules/nx2site/gitea.nix
./system-modules/nx2site/open-web-calendar.nix
./system-modules/nx2site/radicale.nix
# ./system-modules/nx2site/nextcloud.nix
./system-modules/nx2site/vaultwarden.nix
./system-modules/nx2site/paperless.nix
./system-modules/calendar-publish.nix
./system-modules/calendar-lec.nix
./system-modules/calendar-lr.nix
./system-modules/calendar-dicos.nix
./system-modules/calendar/publish.nix
./system-modules/calendar/lec.nix
./system-modules/calendar/lr.nix
./system-modules/calendar/dicos.nix
] else [
]);
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console.font = "Lat2-Terminus16";
console.keyMap = "de";
services.xserver = {
enable = true;
xkb = {
layout = "de";
options = "eurosign:e,caps:escape";
};
# lightdm in lightdm.nix
};
# Enable CUPS to print documents.
services.printing.enable = true;
# rtkit is optional but recommended
security.rtkit.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
services.libinput.enable = true;
hardware.uinput.enable = true;
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
package = pkgs.bluez5-experimental;
settings.Policy.AutoEnable = "true";
settings.General.Enable = "Source,Sink,Media,Socket";
};
services.blueman.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; ([
git
git-crypt
lazygit # home-manager module is bugged
wget
curlHTTP3
zip
unzip
p7zip
unar
nano
htop
direnv
openssl
blueman
dmidecode
file
parallel
]);
environment.variables = {
EDITOR = "hx";
VISUAL = "hx";
};
programs.hyprland = {
# config is done with home-manager
enable = true;
xwayland.enable = true;
};
systemd.extraConfig = "DefaultLimitNOFILE=2048";
boot.tmp.useTmpfs = false;
system.stateVersion = pkgs.version;
# nixpkgs.pkgs = pkgs;
nix = {
settings = {
experimental-features = [ "nix-command" "flakes" ];
substitute = true;
substituters = [
"https://yazi.cachix.org"
];
trusted-public-keys = [
"yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
];
};
};
system.stateVersion = hyper.pkgs-version;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
programs.bash.shellInit = ''
source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh
'';
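Review bot: `system.stateVersion = hyper.pkgs-version;` keeps the state version coupled to the release string, so if `pkgs-version` is bumped together with the nixpkgs input on an upgrade, the state version moves with it. NixOS uses that value to choose defaults for stateful services, and the conditional import list here includes `postgres.nix`, so it is safer as a literal fixed at install time, e.g. `system.stateVersion = "25.05"; # set once at install, do not bump on upgrade`; the same applies to `home.stateVersion` in the home configuration. Separately, the substituter settings and `systemd.extraConfig = "DefaultLimitNOFILE=2048"` leave this file, but `./system-modules/cache.nix` is not in the visible part of the imports list and the limit does not reappear in any module shown on this page. Part of the list lies between the two hunks, so both may be handled there; worth confirming.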


@@ -34,7 +34,7 @@
pkgs-version = "25.05";
};
pkgs = builtins.removeAttrs (import nixpkgs {
pkgs = import nixpkgs {
inherit system config;
overlays = [
(final: prev: {
@@ -43,7 +43,7 @@
version = "25.05";
})
];
}) [ "hyper" "host" ]; # this removes the programs from pkgs so I can use the variable name
};
nvidia-base = import ./flake-modules/nvidia.nix;
secrets = import ./git-crypt/secrets.nix;
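Review bot: With `builtins.removeAttrs … [ "hyper" "host" ]` gone, `pkgs.hyper` and `pkgs.host` are back in the package set, and inside any `with pkgs;` scope they shadow the `hyper` that modules receive through `with all;`, because the innermost `with` wins. Modules that name `hyper` as a formal argument, as this commit does in several headers, are unaffected since lambda arguments take precedence over `with`. Any untouched module that still reads `hyper.host` under `with pkgs;` without that binding would now get the package instead of the host record, so a search for `hyper.` in modules whose header lacks `hyper` is worth doing before merging. Both hunks sit inside a binding that starts and ends outside the visible lines.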


@@ -59,8 +59,7 @@
echo "Backup and encryption complete: $DESTINATION"
echo "Space remaining:"
df -h | head -n 1
df -h | grep -P "^/dev.+? "
dysk
'';
})
];


@@ -0,0 +1,15 @@
{ pkgs, ... }@all: with all; {
home.packages = with pkgs; [
brightnessctl
blueman
fontpreview
gsettings-desktop-schemas
imv
pavucontrol
# playerctl
swww
wev
wl-clipboard
xclip
];
}


@@ -0,0 +1,16 @@
{ pkgs, hyper, ... }: {
home.packages = with pkgs; [
chromium
element-desktop
mpv
qbittorrent
unstable.spotify
wl-clipboard
xfce.thunar
] ++ (if (hyper.host != "NxACE") then [
signal-desktop
obsidian
zoom-us
inkscape
] else []);
}


@@ -1,8 +1,6 @@
{ pkgs, ... }@all: with all;
{
{ pkgs, ... }@all: with all; {
home.packages = with pkgs; [
bat
browsh
cmake
dig
du-dust


@@ -1,5 +1,4 @@
{ pkgs, ... }@all: with all;
let
{ pkgs, hyper, ... }@all: with all; let
sep = " ";
in {
sops.secrets = {

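--- /dev/null
+++ b/home-modules/xdg.nix
@@ -0,0 +1,32 @@
+{ pkgs, ... }@all: with all; {
+xdg = {
+enable = true;
+configHome = "${hyper.home}.config";
+cacheHome = "${hyper.home}.cache";
+dataHome = "${hyper.home}.local/share";
+stateHome = "${hyper.home}.local/state";
+mimeApps = {
+enable = true;
+defaultApplications = let
+browser = "firefox.desktop";
+image = "imv.desktop";
+in {
+"default-web-browser" = [ browser ];
+"text/html" = [ browser ];
+"text/htm" = [ browser ];
+"x-scheme-handler/http" = [ browser ];
+"x-scheme-handler/https" = [ browser ];
+"x-scheme-handler/about" = [ browser ];
+"x-scheme-handler/unknown" = [ browser ];
+"x-scheme-handler/mailto" = "thunderbird.desktop";
+"image/png" = image;
+"image/jpg" = image;
+"image/jpeg" = image;
+"image/webp" = image;
+"image/gif" = image;
+"application/pdf" = "zathura.desktop";
+"inode/directory" = "thunar.desktop";
+};
+};
+};
+}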


@@ -27,7 +27,6 @@
./home-modules/latex.nix
./home-modules/mako.nix
# ./home-modules/matrix.nix
# ./home-modules/nm.nix
./home-modules/nh.nix
./home-modules/nixd.nix
./home-modules/nvidia.nix
@@ -36,6 +35,9 @@
./home-modules/office.nix
./home-modules/ollama.nix
./home-modules/pandoc.nix
./home-modules/pkgs-list/desktop.nix
./home-modules/pkgs-list/programs.nix
./home-modules/pkgs-list/shell.nix
./home-modules/pnx.nix
./home-modules/programming/c.nix
./home-modules/programming/gleam.nix
@@ -57,6 +59,7 @@
./home-modules/wallpaper-to-colors.nix
./home-modules/waybar.nix
./home-modules/wlogout.nix
./home-modules/xdg.nix
./home-modules/yazi.nix
./home-modules/zathura.nix
./home-modules/zoxide.nix
@@ -68,94 +71,5 @@
# home.homeDirectory = hyper.home; # for some reason you cant use hyper.home here
home.homeDirectory = "/home/${hyper.user}";
home.stateVersion = hyper.pkgs-version;
home.packages = with pkgs; [
bat
brightnessctl
browsh
chromium
cmake
dig
du-dust
exiftool
eza
element-desktop
ffmpeg
figlet
fontpreview
fzf
glib
glow
gnumake
gsettings-desktop-schemas
imagemagick
imv
jq
lolcat
lynx
mediainfo
mpv
neofetch
pavucontrol
pdfgrep
piper-tts
pipes
playerctl
pv
qbittorrent
reflex
ripgrep
screen
spicetify-cli
sssnake
swww
systemctl-tui
tldr
unstable.spotify
w3m
wev
wl-clipboard
xclip
xfce.thunar
yt-dlp
] ++ (if (hyper.host != "NxACE") then [
signal-desktop
obsidian
zoom-us
inkscape
] else []);
xdg = {
enable = true;
configHome = "${hyper.home}.config";
cacheHome = "${hyper.home}.cache";
dataHome = "${hyper.home}.local/share";
stateHome = "${hyper.home}.local/state";
mimeApps = {
enable = true;
defaultApplications = let
browser = "firefox.desktop";
in {
"default-web-browser" = [ browser ];
"text/html" = [ browser ];
"text/htm" = [ browser ];
"x-scheme-handler/http" = [ browser ];
"x-scheme-handler/https" = [ browser ];
"x-scheme-handler/about" = [ browser ];
"x-scheme-handler/unknown" = [ browser ];
"x-scheme-handler/mailto" = "thunderbird.desktop";
"image/png" = "imv.desktop";
"image/jpg" = "imv.desktop";
"image/jpeg" = "imv.desktop";
"image/webp" = "imv.desktop";
"image/gif" = "imv.desktop";
"application/pdf" = "zathura.desktop";
"inode/directory" = "thunar.desktop";
};
};
};
# Wayland, X, etc. support for session vars
# systemd.user.sessionVariables = home.sessionVariables;
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}


@@ -0,0 +1,19 @@
{ pkgs, ... }: {
environment.systemPackages = with pkgs; ([
git
git-crypt
lazygit # home-manager module is bugged
wget
curlHTTP3
zip
unzip
p7zip
unar
vim
htop
openssl
dmidecode
file
]);
}


@@ -0,0 +1,10 @@
{ pkgs, ... }@all: with all; {
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
package = pkgs.bluez5-experimental;
settings.Policy.AutoEnable = "true";
settings.General.Enable = "Source,Sink,Media,Socket";
};
services.blueman.enable = true;
}
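Review bot: Bluetooth is enabled here with no host condition, and the top-level imports list appears to load this module for every host, so a machine that only serves the nx2site modules would also power the adapter at boot (`powerOnBoot`, `Policy.AutoEnable`) and run the experimental BlueZ build. If that machine has no use for Bluetooth, gate the block on the host, for example `hardware.bluetooth.enable = hyper.host != "<server-host>";` with the real host name filled in, and apply the same condition to `services.blueman.enable`. Which host runs the services is not visible on this page, so treat this as a question for the author rather than a confirmed exposure.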


@@ -7,16 +7,9 @@ let
rev = "0.5.0";
hash = "sha256-e+55NYsSsWY6GPbYUtdVEB9krueuCAWT3Ce/Ghops1g=";
});
in
{
imports = if hyper.host == "NxNORTH" then [
inputs.lanzaboote.nixosModules.lanzaboote
] else [];
config = if hyper.host == "NxNORTH" then {
# I have to boot with secureboot becasue of the chinese spyware called Vanguard
device-boot = if hyper.host == "NxNORTH" then {
kernelPackages = pkgs.linuxPackages_zen;
environment.systemPackages = with pkgs; [ sbctl ];
boot = {
lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
@@ -26,14 +19,11 @@ in
consoleMode = "max";
configurationLimit = 10;
};
kernelPackages = pkgs.linuxPackages_zen;
} else if hyper.host == "NxXPS" then {
kernelPackages = pkgs.linuxPackages_latest;
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
kernelModules = [ "v4l2loopback" ];
extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1'';
};
security.polkit.enable = true;
} else if hyper.host == "NxXPS" then {
boot = {
extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1'';
loader = {
efi.canTouchEfiVariables = true;
grub = {
@@ -55,22 +45,26 @@ in
'';
};
};
kernelPackages = pkgs.linuxPackages_latest;
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
kernelModules = [ "v4l2loopback" ];
extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1'';
};
} else { # NxACE
boot = {
} else if hyper.host == "NxACE" then {
kernelPackages = pkgs.linuxPackages_6_12;
loader = {
efi.canTouchEfiVariables = true;
grub = {
enable = true;
device = "nodev";
devices = [];
efiSupport = true;
};
};
kernelPackages = pkgs.linuxPackages_6_12;
};
};
} else assert 1 == "Unknown host"; {};
in {
imports = if hyper.host == "NxNORTH" then [
inputs.lanzaboote.nixosModules.lanzaboote
] else [];
config.boot = {
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
kernelModules = [ "v4l2loopback" ];
extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1'';
tmp.useTmpfs = false;
} // device-boot;
}
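Review bot: The fallback `else assert 1 == "Unknown host"; {}` aborts evaluation only because an integer never equals a string, and the resulting error does not name the host that failed to match; `else throw "unknown host: ${hyper.host}"` states the intent directly. The closing `{ … } // device-boot` is a shallow merge, so a host branch that later sets a nested key such as `tmp.cleanOnBoot` would replace the whole shared `tmp` attribute instead of extending it; `lib.recursiveUpdate { … } device-boot` keeps the current override behaviour without that trap, assuming `lib` is in scope in this file. The rendered page also does not show whether `environment.systemPackages = with pkgs; [ sbctl ];` stays in the NxNORTH branch. If it does, it now ends up under `boot.`; if it does not, the Secure Boot host no longer installs `sbctl` unless another module adds it. The `let` that holds `device-boot` starts above the first hunk.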

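--- /dev/null
+++ b/system-modules/cache.nix
@@ -0,0 +1,11 @@
+{ ... }: {
+nix.settings = {
+substitute = true;
+substituters = [
+"https://yazi.cachix.org"
+];
+trusted-public-keys = [
+"yazi.cachix.org-1:Dcdz63NZKfvUCbDGngQDAZq6kOroIrFoyO064uvLh8k="
+];
+};
+}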
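Review bot: The `trusted-public-keys` entry makes the yazi Cachix key valid for any store path Nix requests from that cache, not only for yazi, so the file should carry a comment recording that trust decision, e.g. `# third-party cache: its signing key is trusted for every store path it serves`. If the yazi build from nixpkgs is sufficient, dropping the extra substituter removes that dependency on a third-party signer altogether. This module is also not in the part of the top-level imports list visible on this page, so confirm it is actually imported.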


@@ -1,9 +1,7 @@
{ pkgs, ... }@all: with all;
let
{ pkgs, hyper, ... }@all: with all; let
radicale-root = "/var/lib/radicale";
web-root = "/var/nginx/webroot";
in
{
in {
systemd.timers."nx_cal_publish" = {
enable = true;
wantedBy = [ "timers.target" ];

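--- /dev/null
+++ b/system-modules/editor.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }: {
+environment = {
+variables = {
+EDITOR = "hx";
+VISUAL = "hx";
+};
+systemPackages = with pkgs; [
+helix
+vim
+];
+};
+}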

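--- /dev/null
+++ b/system-modules/gui.nix
@@ -0,0 +1,7 @@
+{ ... }: {
+programs.hyprland = {
+enable = true;
+xwayland.enable = true;
+};
+services.xserver.enable = true;
+}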

11
system-modules/input.nix Normal file
View File

@@ -0,0 +1,11 @@
{ ... }: {
services = {
xserver.xkb = {
layout = "de";
options = "eurosign:e,caps:escape";
};
libinput.enable = true;
};
hardware.uinput.enable = true;
}


@@ -1,4 +1,4 @@
{ config, hyper, ... }:
{ pkgs, ...}@all: with all;
{
sops.secrets = {
"nx2site/nextcloud/admin-pass" = { owner = "nextcloud"; };
@@ -9,6 +9,7 @@
services = {
nextcloud = {
enable = true;
package = pkgs.nextcloud;
hostName = "nc.${hyper.domain}";
https = true;
configureRedis = true;


@@ -1,4 +1,4 @@
{ config, hyper, pkgs, ... }:
{ pkgs, ...}@all: with all;
{
sops.secrets = {
"nx2site/sslCertificate.pem" = { owner = config.services.nginx.user; };


@@ -1,4 +1,4 @@
{ config, hyper, ... }:
{ pkgs, ...}@all: with all;
{
sops.secrets = {
"nx2site/radicale/htpasswd" = {
@@ -10,6 +10,7 @@
radicale = {
# is run by user radicale
enable = true;
package = pkgs.radicale;
settings = {
server.hosts = let
port = builtins.toString 5232;


@@ -0,0 +1,3 @@
{ ... }: {
services.printing.enable = true; # CUPS
}


@@ -0,0 +1,6 @@
{ ... }: {
security = {
polkit.enable = true;
rtkit.enable = true;
};
}


@@ -0,0 +1,7 @@
{ pkgs, ... }@all: with all; {
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "de";
};
}

4
system-modules/tz.nix Normal file

@@ -0,0 +1,4 @@
{ ... }: {
time.timeZone = "Europe/Berlin";
}