leon/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: leon:main
Branches Tags
leon:main
leon:multisystem
...
pull from: leon:multisystem
Branches Tags
leon:main
leon:multisystem

2 Commits
main ... multisyste

Author SHA1 Message Date
Leon Wilzer
ae304c6902 update 2024-12-25 16:28:38 +01:00
Leon Wilzer
d341f7280b multisystem init 2024-12-05 20:09:11 +01:00
4 changed files with 87 additions and 71 deletions
Show Stats Expand all files Collapse all files

93
configuration.nix
View File

@ -30,7 +30,7 @@ in
# "ddcci-driver" # Brightness Controll (even on OLEDS)
# "i2c-dev" # Brightness Controll (even on OLEDS)
#];
kernelParams = [ "module_blacklist=i915" "nvidia_drm.modeset=1" ];
#kernelParams = [ "module_blacklist=i915" "nvidia_drm.modeset=1" ];
#kernelPatches = [ {
# name = "hdr";
# patch = null;
@ -38,15 +38,21 @@ in
# AMD_PRIVATE_COLOR y
# '';
# } ];
extraModprobeConfig = ''
options nvidia_drm modes.et=1 fbdev=1
options nvidia NVreg_PreserveVideoMemoryAllocations=1
'';
#extraModprobeConfig = ''
# options nvidia_drm modes.et=1 fbdev=1
# options nvidia NVreg_PreserveVideoMemoryAllocations=1
#'';
loader = {
efi.canTouchEfiVariables = true;
systemd-boot = {
consoleMode = "max";
memtest86.enable = true;
efi.efiSysMountPoint = "/boot";
#systemd-boot = {
# consoleMode = "max";
# memtest86.enable = true;
#};
grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
};
initrd.systemd.enable = true;
@ -55,11 +61,11 @@ in
# Filesystems
fileSystems =
{
"/share" = {
options = [
"nofail"
];
};
#"/share" = {
# options = [
# "nofail"
# ];
#};
};
# Graphics
@ -67,19 +73,26 @@ in
graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [
vpl-gpu-rt # newer gpus
intel-media-sdk # older gpus
];
};
nvidia = {
modesetting.enable = true; # required
powerManagement.enable = false; # Experimental
open = false; # Support limited to Turing and later: https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
nvidiaSettings = true; # accessible via nvidia-settings
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
bluetooth.enable = true;
#nvidia = {
# modesetting.enable = true; # required
# powerManagement.enable = false; # Experimental
# open = false; # Support limited to Turing and later: https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
# nvidiaSettings = true; # accessible via nvidia-settings
# package = config.boot.kernelPackages.nvidiaPackages.stable;
#};
};
networking =
{
hostName = "Zuse1"; # Define your hostname.
hostName = "Zuse2"; # Define your hostname
networkmanager.enable = true;
wireless.userControlled.enable = true;
#nameservers = [
# "127.0.0.1"
# "::1"
@ -117,13 +130,13 @@ networking =
services.xserver = {
enable = true;
videoDrivers = [ "nvidia" ];
#videoDrivers = [ "nvidia" ];
excludePackages = with pkgs; [
xterm # why the fuck is this garbage even shipped?
];
# Configure keymap in X11
xkb.layout = "us";
xkb.layout = "de";
xkb.options = "eurosign:e,caps:escape";
# DWM (minimal Xorg Fallback)
@ -159,6 +172,9 @@ services.gnome.gnome-keyring.enable = true;
security.pam.services.sddm.enableGnomeKeyring = true;
security.pam.services.hyprlock.enableGnomeKeyring = true;
# Bluetooth managment
services.blueman.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
@ -211,6 +227,7 @@ security.krb5 = {
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# /share
users.groups.share = {};
@ -247,6 +264,13 @@ systemd.tmpfiles.rules = [
shell = pkgs.zsh;
};
users.users.kiosk = {
isNormalUser = true;
home = "/var/kiosk";
homeMode = "700";
extraGroups = ["audio"];
};
# Font Config
fonts = {
enableDefaultPackages = true;
@ -315,6 +339,7 @@ environment.etc.crypttab = {
#backgroundbin = "$XDG_PICTURES_DIR/Wallpapers/current";
loginBackground = true;
})
networkmanagerapplet # Network Manager GUI
];
programs = {
@ -358,7 +383,9 @@ programs.gnupg.agent = {
enableSSHSupport = true;
};
security.polkit.extraConfig = ''
security.polkit = {
enable = true;
extraConfig = ''
polkit.addRule(function(action, subject) {
if (
subject.isInGroup("users")
@ -374,23 +401,7 @@ security.polkit.extraConfig = ''
}
})
'';
systemd.user.services =
{
polkit-gnome-authentication-agent-1 = {
description = "polkit-gnome-authentication-agent-1";
wantedBy = [ "graphical-session.target" ];
wants = [ "graphical-session.target" ];
after = [ "graphical-session.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
};
};
system.userActivationScripts.linktosharedfolder.text = ''
if [[ ! -h "$XDG_MUSIC_DIR" ]]; then

36
flake.lock generated
View File

@ -2,11 +2,11 @@
"nodes": {
"crane": {
"locked": {
"lastModified": 1730652660,
"narHash": "sha256-+XVYfmVXAiYA0FZT7ijHf555dxCe+AoAT5A6RU+6vSo=",
"lastModified": 1731098351,
"narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=",
"owner": "ipetkov",
"repo": "crane",
"rev": "a4ca93905455c07cb7e3aca95d4faf7601cba458",
"rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28",
"type": "github"
},
"original": {
@ -86,11 +86,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1731941836,
"narHash": "sha256-zpmAzrvK8KdssBSwiIwwRxaUJ77oWORbW0XFvgCFpTE=",
"lastModified": 1734994463,
"narHash": "sha256-S9MgfQjNt4J3I7obdLOVY23h+Yl/hnyibwGfOl+1uOE=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "2f48272f34174fd2a5ab3df4d8a46919247be879",
"rev": "93e6f0d77548be8757c11ebda5c4235ef4f3bc67",
"type": "github"
},
"original": {
@ -101,11 +101,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"lastModified": 1734649271,
"narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
"type": "github"
},
"original": {
@ -117,11 +117,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"lastModified": 1730741070,
"narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"rev": "d063c1dd113c91ab27959ba540c0d9753409edf3",
"type": "github"
},
"original": {
@ -145,11 +145,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1730302582,
"narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=",
"lastModified": 1731363552,
"narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf",
"rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0",
"type": "github"
},
"original": {
@ -172,11 +172,11 @@
]
},
"locked": {
"lastModified": 1730601085,
"narHash": "sha256-Sgax33jGuvVHTjl1P78IwzlhAGyOxtx5Q26inKja8S4=",
"lastModified": 1731897198,
"narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "8d1b40f8dfd7539aaa3de56e207e22b3cc451825",
"rev": "0be641045af6d8666c11c2c40e45ffc9667839b5",
"type": "github"
},
"original": {

6
flake.nix
View File

@ -38,6 +38,12 @@
})
];
};
Zuse2 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./configuration.nix
];
};
};
};
}

23
hardware-configuration.nix
View File

@ -8,33 +8,30 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/2ba31f86-69eb-448c-a224-7bb228803f95";
{ device = "/dev/disk/by-uuid/445ce2b5-db78-48b5-bde7-1aa3057bafae";
fsType = "btrfs";
};
boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/b9457757-75bc-494e-adaa-87d772b93cbd";
fileSystems."/var/lib/docker/btrfs" =
{ device = "/var/lib/docker/btrfs";
fsType = "none";
options = [ "bind" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/12CE-A600";
{ device = "/dev/disk/by-uuid/3139-13CA";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
fileSystems."/share" =
{ device = "/dev/disk/by-uuid/61d599a8-170a-4e97-abb3-cd0cb32edac2";
fsType = "btrfs";
};
boot.initrd.luks.devices."share".device = "/dev/disk/by-uuid/87aa812d-b5dd-44b7-bb4d-303d6ac7c11a";
swapDevices =
[ { device = "/dev/disk/by-uuid/a07a0f5b-012b-4b37-b052-8e2da8615413"; }
[ { device = "/dev/disk/by-uuid/4fc7c055-f053-4bfa-a609-58ad9444450f"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -42,7 +39,9 @@
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;