chris/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Format

Browse Source
This commit is contained in:
Chris
2026-02-28 14:33:47 +00:00
parent 9cd1adf12d
commit 24417bb1b8
1 changed files with 295 additions and 295 deletions
Download Patch File Download Diff File Expand all files Collapse all files

590
flake.nix
View File

@@ -36,42 +36,43 @@
disko.devices = {
disk = {
stationette = {
type = "disk";
device = "/dev/sda"; # Check this with lsblk
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "fmask=0022" "dmask=0022" "umask=0077" ];
type = "disk";
device = "/dev/sda"; # Check this with lsblk
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "fmask=0022" "dmask=0022" "umask=0077" ];
};
};
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ]; # Force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/persist" = {
mountpoint = "/persist";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "8G";
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ]; # Force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/persist" = {
mountpoint = "/persist";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "8G";
};
};
};
};
@@ -80,295 +81,294 @@
};
};
};
};
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
environment = {
persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/networkmanager"
"/etc/ssh"
];
files = [
"/etc/machine-id"
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
environment = {
persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/networkmanager"
"/etc/ssh"
];
files = [
"/etc/machine-id"
];
};
systemPackages = with pkgs; [
bat
#highlight
btop
eza
fzf
git
#gnumake
#neofetch
neovim
ripgrep
tldr
unzip
openssl
wget
zip
zoxide
jq
lazygit
#sqlit
less
mlocate
tree
tmux
tmuxinator
wget
zenity
gum
yazi
rsync
p7zip
impala
];
};
systemPackages = with pkgs; [
bat
#highlight
btop
eza
fzf
git
#gnumake
#neofetch
neovim
ripgrep
tldr
unzip
openssl
wget
zip
zoxide
jq
lazygit
#sqlit
less
mlocate
tree
tmux
tmuxinator
wget
zenity
gum
yazi
rsync
p7zip
impala
];
};
networking = {
hostName = "stationette";
networkmanager.enable = true;
};
users.users.chris = {
uid = 1000;
isNormalUser = true;
initialPassword = "changeme123";
shell = pkgs.zsh;
extraGroups = [
"chris"
"wheel"
"networkmanager"
];
};
programs.zsh = {
enable = true;
};
networking = {
hostName = "stationette";
networkmanager.enable = true;
};
users.users.chris = {
uid = 1000;
isNormalUser = true;
initialPassword = "changeme123";
shell = pkgs.zsh;
extraGroups = [
"chris"
"wheel"
"networkmanager"
];
};
programs.zsh = {
enable = true;
};
system.stateVersion = "25.11";
home-manager = {
users.chris = { pkgs, lib, ... }: {
home = {
username = "chris";
homeDirectory = "/home/chris";
stateVersion = "25.11";
persistence."/persist" = {
directories = [
"Downloads"
"Tower"
".config/dotfiles"
".local/share/direnv"
".ssh"
];
};
activation.setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] ''
system.stateVersion = "25.11";
home-manager = {
users.chris = { pkgs, lib, ... }: {
home = {
username = "chris";
homeDirectory = "/home/chris";
stateVersion = "25.11";
persistence."/persist" = {
directories = [
"Downloads"
"Tower"
".config/dotfiles"
".local/share/direnv"
".ssh"
];
};
activation.setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would bootstrap dotfiles from labs.scarif.space"
exit
exit
fi
DOTFILES_DIR="$HOME/.config/dotfiles"
if [ -d "$DOTFILES_DIR/.git" ]; then
SOURCE="$DOTFILES_DIR/.git"
SOURCE="$DOTFILES_DIR/.git"
else
SOURCE="https://labs.scarif.space/chris/dotfiles.git"
SOURCE="https://labs.scarif.space/chris/dotfiles.git"
# Initialize the separate git directory
if [ ! -d "$DOTFILES_DIR" ]; then
${pkgs.coreutils}/bin/mkdir -p "$DOTFILES_DIR"
fi
fi
${pkgs.coreutils}/bin/mkdir -p "$DOTFILES_DIR"
fi
fi
TEMP_DIR=$(mktemp -d)
${pkgs.git}/bin/git clone -b main "$SOURCE" "$TEMP_DIR"
${pkgs.git}/bin/git clone -b main "$SOURCE" "$TEMP_DIR"
${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME"
${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME"
cd "$HOME"
${pkgs.git}/bin/git init --separate-git-dir "$DOTFILES_DIR/.git" "$HOME"
${pkgs.git}/bin/git init --separate-git-dir "$DOTFILES_DIR/.git" "$HOME"
${pkgs.git}/bin/git submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git
${pkgs.git}/bin/git submodule update --init
${pkgs.git}/bin/git submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git
${pkgs.git}/bin/git submodule update --init
${pkgs.git}/bin/git submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git
${pkgs.git}/bin/git remote set-url origin git@labs.scarif.space:chris/dotfiles.git
${pkgs.git}/bin/git submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git
${pkgs.git}/bin/git remote set-url origin git@labs.scarif.space:chris/dotfiles.git
# Clean up
${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR"
${pkgs.coreutils}/bin/rm -f "$HOME/.git"
${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR"
${pkgs.coreutils}/bin/rm -f "$HOME/.git"
echo "Dotfiles bootstrapped successfully."
'';
packages = with pkgs; [
# jetbrains.rider
# android-studio
# beekeeper-studio
# brave
# discord
# spotify
# go
# lua
# nodePackages.pnpm
# (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ]))
# rustup
# zig
# obsidian
# thunderbird
# libreoffice-qt
# pkgs-unstable.nerd-fonts.fira-code
# hunspell
# blueberry
# steam
# steam-run
# viewnior
# pkgs-unstable.hyprshot
# catppuccin-cursors.macchiatoBlue
# catppuccin-gtk
# papirus-folders
# pkgs-unstable.php84Packages.composer
# pkgs-unstable.php84Packages.xdebug
# pkgs-unstable.php84Extensions.sqlite3
# pkgs-unstable.php84Extensions.redis
# pkgs-unstable.php84Extensions.sodium
# pkgs-unstable.php84Extensions.pgsql
# pkgs-unstable.php84Extensions.iconv
# pkgs-unstable.php84Extensions.gd
# pkgs-unstable.php84Extensions.zip
# php
# antigravity
# gimp
# kdePackages.dolphin
# enpass
# enpass-cli
# expressvpn
# jellyfin-ffmpeg
# inkscape
# krita
# libreoffice-fresh
# nextcloud-client
# nodejs_24
# signal-desktop
# sxiv
# tenacity
# unzip
# zathura
# ghostty
# wally-cli
# kdePackages.wacomtablet
# kdePackages.print-manager
# mpv
# vlc
# telegram-desktop
];
};
programs = let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in {
# firefox = {
# enable = true;
# package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
# extraPolicies = {
# DisableTelemetry = true;
# DisableFirefoxStudies = true;
# EnableTrackingProtection = {
# Value= true;
# Locked = true;
# Cryptomining = true;
# Fingerprinting = true;
# };
# DisablePocket = true;
# DisableFirefoxAccounts = true;
# DisableAccounts = true;
# DisableFirefoxScreenshots = true;
# OverrideFirstRunPage = "";
# OverridePostUpdatePage = "";
# DontCheckDefaultBrowser = true;
# DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab"
# DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
# SearchBar = "unified"; # alternative: "separate"
# /* ---- EXTENSIONS ---- */
# ExtensionSettings = {
# "*".installation_mode = "allowed"; # blocks all addons except the ones specified below
# # Enpass
# "firefox-enpass@enpass.io" = {
# install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi";
# installation_mode = "force_installed";
# };
# };
# /* ---- PREFERENCES ---- */
# # Set preferences shared by all profiles.
# Preferences = {
# "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
# "extensions.pocket.enabled" = lock-false;
# "extensions.screenshots.disabled" = lock-true;
# "browser.topsites.contile.enabled" = lock-false;
# "browser.formfill.enable" = lock-false;
# "browser.search.suggest.enabled" = lock-false;
# "browser.search.suggest.enabled.private" = lock-false;
# "browser.urlbar.suggest.searches" = lock-false;
# "browser.urlbar.showSearchSuggestionsFirst" = lock-false;
# "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
# "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
# "browser.newtabpage.activity-stream.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
# };
# };
# };
# };
};
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
permittedInsecurePackages = [
"electron-25.9.0" # Obsidian
"beekeeper-studio-5.3.4"
'';
packages = with pkgs; [
# jetbrains.rider
# android-studio
# beekeeper-studio
# brave
# discord
# spotify
# go
# lua
# nodePackages.pnpm
# (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ]))
# rustup
# zig
# obsidian
# thunderbird
# libreoffice-qt
# pkgs-unstable.nerd-fonts.fira-code
# hunspell
# blueberry
# steam
# steam-run
# viewnior
# pkgs-unstable.hyprshot
# catppuccin-cursors.macchiatoBlue
# catppuccin-gtk
# papirus-folders
# pkgs-unstable.php84Packages.composer
# pkgs-unstable.php84Packages.xdebug
# pkgs-unstable.php84Extensions.sqlite3
# pkgs-unstable.php84Extensions.redis
# pkgs-unstable.php84Extensions.sodium
# pkgs-unstable.php84Extensions.pgsql
# pkgs-unstable.php84Extensions.iconv
# pkgs-unstable.php84Extensions.gd
# pkgs-unstable.php84Extensions.zip
# php
# antigravity
# gimp
# kdePackages.dolphin
# enpass
# enpass-cli
# expressvpn
# jellyfin-ffmpeg
# inkscape
# krita
# libreoffice-fresh
# nextcloud-client
# nodejs_24
# signal-desktop
# sxiv
# tenacity
# unzip
# zathura
# ghostty
# wally-cli
# kdePackages.wacomtablet
# kdePackages.print-manager
# mpv
# vlc
# telegram-desktop
];
};
programs = let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in {
# firefox = {
# enable = true;
# package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
# extraPolicies = {
# DisableTelemetry = true;
# DisableFirefoxStudies = true;
# EnableTrackingProtection = {
# Value= true;
# Locked = true;
# Cryptomining = true;
# Fingerprinting = true;
# };
# DisablePocket = true;
# DisableFirefoxAccounts = true;
# DisableAccounts = true;
# DisableFirefoxScreenshots = true;
# OverrideFirstRunPage = "";
# OverridePostUpdatePage = "";
# DontCheckDefaultBrowser = true;
# DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab"
# DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
# SearchBar = "unified"; # alternative: "separate"
# /* ---- EXTENSIONS ---- */
# ExtensionSettings = {
# "*".installation_mode = "allowed"; # blocks all addons except the ones specified below
# # Enpass
# "firefox-enpass@enpass.io" = {
# install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi";
# installation_mode = "force_installed";
# };
# };
# /* ---- PREFERENCES ---- */
# # Set preferences shared by all profiles.
# Preferences = {
# "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
# "extensions.pocket.enabled" = lock-false;
# "extensions.screenshots.disabled" = lock-true;
# "browser.topsites.contile.enabled" = lock-false;
# "browser.formfill.enable" = lock-false;
# "browser.search.suggest.enabled" = lock-false;
# "browser.search.suggest.enabled.private" = lock-false;
# "browser.urlbar.suggest.searches" = lock-false;
# "browser.urlbar.showSearchSuggestionsFirst" = lock-false;
# "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
# "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
# "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
# "browser.newtabpage.activity-stream.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
# "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
# };
# };
# };
# };
};
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
permittedInsecurePackages = [
"electron-25.9.0" # Obsidian
"beekeeper-studio-5.3.4"
];
};
};
};
extraSpecialArgs = {
inherit inputs;
};
};
extraSpecialArgs = {
inherit inputs;
};
};
}
];
}
];
};
};
};
# Standalone home-manager configuration entrypoint
#homeConfigurations = {
# chris = home-manager.lib.homeManagerConfiguration {
# inherit pkgs;
# extraSpecialArgs = {
# inherit inputs;
# };
# modules = [
# ./home
# ];
# };
#};
};
# Standalone home-manager configuration entrypoint
#homeConfigurations = {
# chris = home-manager.lib.homeManagerConfiguration {
# inherit pkgs;
# extraSpecialArgs = {
# inherit inputs;
# };
# modules = [
# ./home
# ];
# };
#};
};
}