tasiaiso/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

uu? rr?

Browse source
This commit is contained in:
Tasia Iso 2024-05-01 11:15:45 +02:00
parent 42148a2489
commit 4a238ff95b
Signed by: tasiaiso
SSH key fingerprint: SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw
8 changed files with 46 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
README.md
View file

@ -39,6 +39,8 @@ Build enry and upload a generation: TODO
- Fill out `configuration.nix` - Fill out `configuration.nix`
- add your key in `common/programs/ssh.nix`
- `sudo nixos-generate-config --show-hardware-config > hosts/$HOSTNAME/hardare-configuration.nix` - `sudo nixos-generate-config --show-hardware-config > hosts/$HOSTNAME/hardare-configuration.nix`
- `sudo nixos-rebuild switch --flake .#$HOSTNAME` - `sudo nixos-rebuild switch --flake .#$HOSTNAME`
@ -55,17 +57,18 @@ add to git: `git config --global user.signingkey ~/.ssh/id_ed25519`
- `google-authenticator -td -r 5 -R 60 -w 2` - `google-authenticator -td -r 5 -R 60 -w 2`
# Hosts
## theseus ## Hosts
### theseus
My main PC. Mostly unused because of power constraints My main PC. Mostly unused because of power constraints
## phoenix ### phoenix
My old laptop. My old laptop.
## stuff ### stuff
Another person's laptop. Another person's laptop.

22
common/hardware/amdgpu.nix
View file

@ -1,22 +0,0 @@
{pkgs, ...}: {
boot = {
initrd.kernelModules = ["amdgpu"];
# params for Sea Islands or smth
kernelParams = ["radeon.cik_support=0" "amdgpu.cik_support=1"];
};
hardware.opengl = {
enable = true;
## radv: an open-source Vulkan driver from freedesktop
driSupport = true;
driSupport32Bit = true;
## amdvlk: an open-source Vulkan driver from AMD
extraPackages = [pkgs.amdvlk];
extraPackages32 = [pkgs.driversi686Linux.amdvlk];
};
services.xserver.videoDrivers = ["amdgpu"];
}

5
common/hardware/btrfs.nix
View file

@ -3,6 +3,11 @@
pkgs, pkgs,
... ...
}: { }: {
boot.initrd.availableKernelModules = [
# Btrfs CRC hardware acceleration
"crc32c-intel"
];
services.btrfs.autoScrub = { services.btrfs.autoScrub = {
enable = true; enable = true;
interval = "monthly"; interval = "monthly";

7
common/programs/zsh.nix
View file

@ -5,12 +5,6 @@
autosuggestions.enable = true; autosuggestions.enable = true;
syntaxHighlighting.enable = true; syntaxHighlighting.enable = true;
shellAliases = {
ll = "ls -al";
done = "curl -d 'Done' ntfy.sh/tasiaiso_done";
rebuild = "sudo nixos-rebuild switch -flake -I nixos-config=/home/tasia/Desktop/nixos-config"; # .#hostname
};
ohMyZsh = { ohMyZsh = {
enable = true; enable = true;
plugins = [ plugins = [
@ -19,5 +13,6 @@
theme = "robbyrussell"; theme = "robbyrussell";
}; };
}; };
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
} }

25
common/services/auditd.nix
View file

@ -1,8 +1,19 @@
{ {pkgs, ...}: {
security.auditd.enable = true; security = {
security.audit.enable = true; audit = {
# security.audit.rules = [ enable = true;
# "-a exit,always -F arch=b64 -S execve"
# ]; rules = [
# You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up. "-a exit,always -F arch=b64 -S execve"
# "-w /etc/passwd -p wa -k passwd_changes"
# "-w /home/tasia -p wa -k home_changes"
];
};
auditd.enable = true;
};
environment.systemPackages = with pkgs; [
audit
];
} }

8
common/services/usbguard.nix
View file

@ -17,12 +17,8 @@
allow id 8087:0025 serial "" name "" allow id 8087:0025 serial "" name ""
# USB Drives # USB Drives
allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0" # ISO USB
## ISO USB allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20" # TAILS USB
allow id 0951:1666 serial "D067E5161936F420A61181ED" name "DataTraveler 3.0"
## TAILS USB
allow id 346d:5678 serial "FC081FF86A47A" name "Disk 20"
# Peripherals # Peripherals
allow id 046d:c08b serial "178D316C3832" name "G502 HERO Gaming Mouse" allow id 046d:c08b serial "178D316C3832" name "G502 HERO Gaming Mouse"

12
home/tasia/home.nix
View file

@ -23,6 +23,18 @@
".librewolf/librewolf.overrides.cfg".source = ../../dotfiles/librewolf.overrides.cfg; ".librewolf/librewolf.overrides.cfg".source = ../../dotfiles/librewolf.overrides.cfg;
}; };
home.shellAliases = {
e = "nvim";
ee = "nvim $(fzf)";
g = "git";
l = "ls";
lg = "lazygit";
ll = "ls -al";
done = "curl -d 'Done' ntfy.sh/tasiaiso_done";
rebuild = "sudo nixos-rebuild switch --flake .#$(cat /etc/hostname)";
};
home.packages = with pkgs; [ home.packages = with pkgs; [
# Development # Development
rustc rustc

10
hosts/yaseen/configuration.nix
View file

@ -28,6 +28,7 @@ in {
../../common/components/de/hyprland.nix ../../common/components/de/hyprland.nix
../../common/programs/steam.nix ../../common/programs/steam.nix
../../common/services/auditd.nix
../../common/services/adguardhome.nix ../../common/services/adguardhome.nix
../../common/services/syncthing.nix ../../common/services/syncthing.nix
../../common/services/usbguard.nix ../../common/services/usbguard.nix
@ -37,11 +38,6 @@ in {
../../home/tasia/home.nix ../../home/tasia/home.nix
]; ];
boot.initrd.availableKernelModules = [
# Btrfs CRC hardware acceleration
"crc32c-intel"
];
networking = { networking = {
hostName = "yaseen"; hostName = "yaseen";
@ -90,10 +86,6 @@ in {
# inputs.nix-software-center.packages.${system}.nix-software-center # inputs.nix-software-center.packages.${system}.nix-software-center
]; ];
virtualisation.virtualbox.host.enable = true;
services.blueman.enable = true;
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "23.11"; system.stateVersion = "23.11";
} }