thiago/nix-conf
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: reinit

Browse source
This commit is contained in:
Thiago Sposito 2025-08-25 22:42:48 -03:00
parent 095e9f4f6b
commit 3027322470
Signed by: thiago
GPG key ID: 3065EA73A976D430
29 changed files with 1215 additions and 528 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/Nixbook/default.nix
View file

@ -48,7 +48,6 @@
neovim
nil
nixpkgs-fmt
rclone
wget
];

68
hosts/Nixbook/disko.nix
View file

@ -1,68 +0,0 @@
{ config, lib, ... }:
{
disko.devices = {
disk.main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
esp = {
size = "512M";
start = "1M";
type = "EF00";
label = "EFI";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
swap = {
size = "16G";
type = "8200";
label = "Swap";
content = {
type = "swap";
randomEncryption = false;
};
};
root = {
type = "8300";
label = "NixOS";
size = "870G";
content = {
type = "btrfs";
mountpoint = "/";
subvolumes = {
"@root" = {
mountpoint = "/";
};
"@nix" = {
mountpoint = "/nix";
};
"@home" = {
mountpoint = "/home";
};
"@log" = {
mountpoint = "/var/log";
};
};
extraArgs = [
"-L"
"nixos-root"
];
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
}

7
hosts/Nixbook/hardware-configuration.nix
View file

@ -1,8 +1,6 @@
{ config
, lib
, pkgs
, modulesPath
, inputs
, ...
}:
@ -25,6 +23,11 @@
extraModulePackages = [ ];
};
fileSystems."/" = {
device = "/dev/nvme0n1";
fsType = "btrfs";
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

58
hosts/Nixstation/default.nix
View file

@ -2,41 +2,30 @@
, ...
}:
{
imports = [
../common/default.nix
../common/keychron.nix
../common/network.nix
../common/nvidia/default.nix
../common/rclone.nix
../common/screen.nix
./hardware-configuration.nix
];
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
# kernelPackages = pkgs.linuxPackages_6_16;
};
environment = {
systemPackages = with pkgs; [
act
btrfs-progs
cudatoolkit
networkmanagerapplet
libwacom
wacomtablet
];
variables = {
NIXOS_HOST = "nixstation";
NIXOS_DE = "wayland";
};
sessionVariables = {
NIXOS_OZONE_WL = "1";
XDG_SESSION_TYPE = "wayland";
QT_QPA_PLATFORM = "wayland";
GDK_BACKEND = "wayland";
};
};
hardware = {
sane.enable = true;
graphics.enable = true;
@ -81,16 +70,25 @@
# };
dconf.enable = true;
hyprland = {
enable = true;
withUWSM = true;
xwayland.enable = true;
};
virt-manager.enable = true;
};
# security.pam.services.gdm.enableGnomeKeyring = true;
security.pam.services.gdm.enableGnomeKeyring = true;
security.rtkit.enable = true;
services = {
xserver = {
xkb = {
layout = "us";
variant = "alt-intl";
};
};
desktopManager.gnome.enable = true;
displayManager = {
gdm.enable = true;
gdm.wayland = true;
defaultSession = "gnome";
};
udev.packages = [ pkgs.libwacom ];
avahi = {
enable = true;
nssmdns4 = true;
@ -109,14 +107,6 @@
flatpak.enable = true;
greetd = {
enable = true;
settings.default_session = {
command = "${pkgs.hyprland}/bin/Hyprland";
user = "thiago";
};
};
pipewire = {
enable = true;
alsa.enable = true;
@ -124,6 +114,7 @@
pulse.enable = true;
};
};
systemd = {
services."getty@tty1".enable = false;
services."autovt@tty1".enable = false;
@ -149,7 +140,7 @@
};
};
};
system.stateVersion = "24.05"; # keep it!
system.stateVersion = "25.11"; # keep it!
time.timeZone = "America/Sao_Paulo";
virtualisation = {
vmware.host.enable = false;
@ -157,14 +148,13 @@
libvirtd = {
enable = true;
qemu.ovmf.enable = true;
qemu.package = pkgs.qemu_full;
# qemu.package = pkgs.qemu_full;
};
};
zramSwap = {
enable = true;
memoryPercent = 30;
memoryPercent = 25;
algorithm = "zstd";
};
}

32
hosts/Nixstation/hardware-configuration.nix
View file

@ -11,43 +11,42 @@
boot = {
initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"ehci_pci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
"xhci_pci"
];
kernelParams = [ "amd_pstate=active" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/df74093a-637d-41a5-8c6a-2bf2dccc1506";
device = "/dev/disk/by-uuid/07c4d31f-e1cd-4a02-8b3f-8c2bd2e0ce8d";
fsType = "btrfs";
options = [ "subvol=@" ];
};
"/home" = {
device = "/dev/disk/by-uuid/07c4d31f-e1cd-4a02-8b3f-8c2bd2e0ce8d";
fsType = "btrfs";
options = [ "subvol=@home" ];
};
"/boot" = {
device = "/dev/disk/by-uuid/E9BA-D1A3";
device = "/dev/disk/by-uuid/D2EA-469F";
fsType = "vfat";
options = [
"fmask=0022"
"dmask=0022"
"fmask=0077"
"dmask=0077"
];
};
"/mnt/hdd0" = {
device = "/dev/disk/by-uuid/940353dd-5774-4577-aba3-516d3f9c404d";
fsType = "btrfs";
options = [ "defaults" ];
};
};
swapDevices = [ ];
networking = {
@ -61,5 +60,4 @@
};
services.blueman.enable = true;
}

29
hosts/Nixtest/default.nix
View file

@ -1,29 +0,0 @@
{ pkgs, ... }:
{
imports = [
./disko.nix
];
networking.hostName = "Nixtest";
services = {
xserver.enable = true;
displayManager.sddm = {
enable = true;
};
openssh = {
enable = true;
settings = {
PermitRootLogin = "yes";
PasswordAuthentication = true;
};
};
};
environment.systemPackages = with pkgs; [
git
home-manager
];
system.stateVersion = "23.11";
}

58
hosts/Nixtest/disko.nix
View file

@ -1,58 +0,0 @@
{ config, lib, ... }:
{
disko.devices = {
disk.main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
esp = {
size = "128M";
start = "1M";
type = "EF00";
label = "EFI";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
type = "8300";
label = "NixOS";
size = "32G";
content = {
type = "btrfs";
mountpoint = "/";
subvolumes = {
"@root" = {
mountpoint = "/";
};
"@nix" = {
mountpoint = "/nix";
};
"@home" = {
mountpoint = "/home";
};
"@log" = {
mountpoint = "/var/log";
};
};
extraArgs = [
"-L"
"nixos-root"
];
mountOptions = [
"compress=zstd"
"noatime"
];
};
};
};
};
};
};
}

93
hosts/Nixtest/scripts/install_test.sh
View file

@ -1,93 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
### Configuration ###
# Find virtual images at: https://alpinelinux.org/downloads/ -> Virtual
ALPINE_VERSION="3.19.1"
ALPINE_ARCH="x86_64"
ALPINE_IMAGE_FILENAME="alpine-virt-${ALPINE_VERSION}-${ALPINE_ARCH}.iso"
ALPINE_IMAGE_URL="https://dl-cdn.alpinelinux.org/alpine/v$(echo $ALPINE_VERSION | cut -d. -f1-2)/releases/${ALPINE_ARCH}/${ALPINE_IMAGE_FILENAME}"
QEMU_MEM="2048"
QEMU_CPUS="2"
QEMU_SSH_HOST_PORT="2222"
QEMU_PID_FILE="qemu_test.pid"
TARGET_IP="127.0.0.1"
TARGET_PORT="${QEMU_SSH_HOST_PORT}"
TARGET_USER="root"
SSH_KEY_PUB="$HOME/.ssh/id_rsa.pub"
SSH_KEY_PRIV="$HOME/.ssh/id_rsa"
FLAKE_PATH="./#Nixtest"
### Helper Functions ###
cleanup_qemu() {
if [ -f "$QEMU_PID_FILE" ]; then
echo "🧹 Cleaning up previous QEMU instance..."
kill -- "-$(cat $QEMU_PID_FILE)" 2>/dev/null || kill "$(cat $QEMU_PID_FILE)" 2>/dev/null || true
rm -f "$QEMU_PID_FILE"
sleep 2
echo "🧹 Cleanup complete."
fi
}
launch_qemu_alpine() {
echo "🚀 Launching QEMU with Alpine Linux (${ALPINE_IMAGE_FILENAME})..."
qemu-system-x86_64 \
-m "${QEMU_MEM}" \
-smp "${QEMU_CPUS}" \
-enable-kvm \
-nic user,model=virtio-net-pci,hostfwd=tcp::${TARGET_PORT}-:22 \
-drive file="${ALPINE_IMAGE_FILENAME}",media=cdrom,readonly=on \
-boot d \
-display none \
-daemonize \
-pidfile "$QEMU_PID_FILE"
echo "⏳ Waiting for QEMU to boot and SSH to become available on port ${TARGET_PORT}..."
local max_wait=90
local waited=0
while ! ssh -p "${TARGET_PORT}" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ConnectTimeout=2 -o ConnectionAttempts=3 "${TARGET_USER}@${TARGET_IP}" exit >/dev/null 2>&1; do
sleep 3
waited=$((waited + 3))
if [ "$waited" -ge "$max_wait" ]; then
echo "❌ Timed out waiting for SSH on port ${TARGET_PORT}."
cat "$QEMU_PID_FILE"
cleanup_qemu
exit 1
fi
echo -n "."
done
echo
echo "✅ QEMU Alpine VM is up and SSH is ready on port ${TARGET_PORT}."
}
### Main Script ###
trap cleanup_qemu EXIT SIGINT SIGTERM
if [ ! -f "$ALPINE_IMAGE_FILENAME" ]; then
echo "⏬ Downloading Alpine image: ${ALPINE_IMAGE_FILENAME}..."
wget --progress=bar:force -O "$ALPINE_IMAGE_FILENAME" "$ALPINE_IMAGE_URL"
else
echo "✅ Alpine image found locally: ${ALPINE_IMAGE_FILENAME}"
fi
if [ ! -f "$SSH_KEY_PUB" ] || [ ! -f "$SSH_KEY_PRIV" ]; then
echo "❌ SSH key not found at $SSH_KEY_PRIV or $SSH_KEY_PUB"
echo " Please generate one using 'ssh-keygen' or specify the correct path."
exit 1
fi
echo "✅ Using SSH key: ${SSH_KEY_PRIV}"
cleanup_qemu
launch_qemu_alpine
# --- Installation logic will go here ---
echo "🏁 Test script placeholder finished. VM is running."
echo " PID: $(cat $QEMU_PID_FILE)"
echo " To connect: ssh -p ${TARGET_PORT} ${TARGET_USER}@${TARGET_IP}"

22
hosts/Nixtest/scripts/install_test_shell.nix
View file

@ -1,22 +0,0 @@
{ pkgs ? import <nixpkgs> { }
,
}:
pkgs.mkShell {
name = "nixos-anywhere-test-env";
packages = with pkgs; [
nix
nixos-anywhere
openssh
sshpass
qemu_full
wget
];
shellHook = ''
echo "Entered NixOS Anywhere Test Environment."
echo "Alpine image will be downloaded if needed."
echo "Run ./install_test.sh to start the QEMU VM and run the installation."
'';
}

4
hosts/common/default.nix
View file

@ -19,6 +19,7 @@
systemPackages = with pkgs; [
exfat
file
fuse3
gcsfuse
git
gnupg
@ -29,6 +30,7 @@
pcsc-safenet
pcsctools
pkcs11helper
rclone
sops
wget
zsa-udev-rules
@ -53,7 +55,7 @@
programs.zsh.enable = true;
services = {
pcscd.enable = true;
# xserver.displayManager.sessionCommands =
# xserver.displayManager.sessionCommands =
# "${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 64 = Alt_L'";
};

2
hosts/common/keychron.nix
View file

@ -2,8 +2,6 @@
{
services.xserver = {
enable = true;
xkb = {
layout = "custom-br";
variant = "";

44
hosts/common/nvidia/default.nix
View file

@ -1,13 +1,15 @@
{ config
, pkgs
, unstable
{ pkgs
, ...
}:
{
imports = [
# ./passthrough.nix
];
boot = {
kernelModules = [ "nvidia" ];
kernelParams = [ "nvidia-drm.modset=1" ];
blacklistedKernelModules = [ "nouveau" ];
};
hardware = {
graphics = {
enable = true;
@ -19,36 +21,36 @@
};
nvidia = {
modesetting.enable = true;
nvidiaSettings = true;
open = false;
package = pkgs.linuxPackages.nvidiaPackages.latest;
powerManagement.enable = false;
powerManagement.finegrained = false;
open = false; # keep it like that for now, unstable!!
nvidiaSettings = true;
package = unstable.linuxPackages.nvidiaPackages.latest;
};
};
services = {
sunshine = {
enable = false;
# autoStart = true;
# openFirewall = true;
package = pkgs.sunshine.overrideAttrs (old: {
cmakeFlags = (old.cmakeFlags or [ ]) ++ [
"-DSUNSHINE_ENABLE_CUDA=OFF"
"-DCUDA_FAIL_ON_MISSING=OFF"
];
});
desktopManager.gnome.enable = true;
displayManager = {
gdm.enable = true;
gdm.wayland = true;
defaultSession = "gnome";
};
xserver = {
enable = true;
videoDrivers = [ "nvidia" ];
};
};
nixpkgs.config.cudaSupport = true;
environment.systemPackages = with pkgs; [
mesa
cudaPackages.cuda_nvcc
cudaPackages.cudatoolkit
glxinfo
libepoxy
libglvnd
mesa
nvidia-container-toolkit
cudaPackages.cudatoolkit
cudaPackages.cuda_nvcc
];
}

12
hosts/common/rclone.nix
View file

@ -1,12 +0,0 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
rclone
fuse3 # Required for mounting
];
users.users.thiago = {
extraGroups = [ "fuse" ];
};
}

8
hosts/common/screen.nix
View file

@ -1,8 +0,0 @@
{ pkgs, ... }:
{
hardware.i2c.enable = true;
environment.systemPackages = with pkgs; [
ddcutil
ddcui
];
}

36
hosts/common/users/thiago/default.nix
View file

@ -7,24 +7,24 @@ in
isNormalUser = true;
initialPassword = "changeme";
extraGroups =
[
"networkmanager"
"wheel"
"scard"
]
++ ifTheyExist [
"wireshark"
"i2c"
"docker"
"git"
"libvirtd"
"libvirt"
"video"
"kvm"
"scanner"
"photos"
];
extraGroups = [
"fuse"
"networkmanager"
"scard"
"wheel"
]
++ ifTheyExist [
"docker"
"git"
"i2c"
"kvm"
"libvirt"
"libvirtd"
"photos"
"scanner"
"video"
"wireshark"
];
openssh.authorizedKeys.keyFiles = [
(builtins.fetchurl {
url = "https://github.com/sposito.keys";