chris/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: chris:cabdf0aeb5bcc5e2fb4f3370cb5a6c68b3b37d4b
Branches Tags
chris:main
...
compare: chris:main
Branches Tags
chris:main

87 Commits
cabdf0aeb5 ... main

Author SHA1 Message Date
Chris
b2458bbefc Update files 2026-04-06 22:40:40 +01:00
Chris
70302671ff Update files 2026-04-06 20:07:34 +01:00
Chris
0c78fd12a1 Update files 2026-04-06 17:52:15 +01:00
Chris
7a2a6ccd23 Update files 2026-04-06 13:54:31 +01:00
Chris
ad70686b05 fix krita 2026-04-05 22:47:17 +01:00
Chris
0c69a2c32e Update files 2026-04-05 15:17:12 +01:00
Chris
0c631272ea Update files 2026-04-05 15:13:37 +01:00
Chris
b745739914 Update 2026-04-05 15:02:20 +01:00
Chris
67b3c38f52 Update files 2026-04-05 14:16:59 +01:00
Chris
e70a5473c4 Update files 2026-04-01 20:42:51 +01:00
Chris
96a17d3313 Update files 2026-03-29 21:31:08 +00:00
Chris
ed2def05a2 Update files 2026-03-28 17:22:04 +00:00
Chris
0482012f79 Update files 2026-03-28 17:21:40 +00:00
Chris
f5cd434ac0 Update files 2026-03-28 17:21:19 +00:00
Chris
48e51cb952 Update files 2026-03-28 14:07:08 +00:00
Chris
7463facb62 Update files 2026-03-27 14:56:46 +00:00
Chris
d006e30a31 Update files 2026-03-27 13:48:02 +00:00
Chris
7aa9f6c785 Update files 2026-03-27 13:43:07 +00:00
Chris
55534e65ff Update files 2026-03-27 13:42:29 +00:00
Chris
e934e19ecb Update files 2026-03-27 11:50:47 +00:00
Chris
b4f21226ef Update files 2026-03-27 09:56:39 +00:00
Chris
ca8931192d Update files 2026-03-27 09:56:09 +00:00
Chris
c9fa01aaf0 Update files 2026-03-27 09:47:23 +00:00
Chris
6a5fd198b5 Update files 2026-03-27 09:41:53 +00:00
Chris
795e73be77 Update files 2026-03-27 09:36:24 +00:00
Chris
b4c63b8b79 Update files 2026-03-27 09:31:53 +00:00
Chris
356b2a82aa Update files 2026-03-27 08:47:15 +00:00
Chris
448432926f Update files 2026-03-26 18:33:47 +00:00
Chris
1447336288 Update files 2026-03-26 17:09:56 +00:00
Chris
104ef84243 Update files 2026-03-25 21:14:36 +00:00
Chris
898868900c Update files 2026-03-25 21:07:14 +00:00
Chris
0fb5035fc1 Update files 2026-03-25 21:03:32 +00:00
Chris
59c4299ae7 Update files 2026-03-25 20:58:46 +00:00
Chris
921b0527ab Update files 2026-03-25 20:57:19 +00:00
Chris
36ed8aeff0 Update files 2026-03-24 21:37:51 +00:00
Chris
91f10904d2 Update files 2026-03-24 21:01:17 +00:00
Chris
bc73d5ec6e Update files 2026-03-24 20:42:44 +00:00
Chris
e8b47ea4a5 Update files 2026-03-24 20:39:25 +00:00
Chris
b941192860 Update files 2026-03-24 19:07:10 +00:00
Chris
249e95075c Update files 2026-03-24 19:03:39 +00:00
Chris
876f7e6c3f Update files 2026-03-23 22:33:29 +00:00
Chris
6ed74b4d37 Update files 2026-03-23 22:33:11 +00:00
Chris
95c859b3f4 Sound 2026-03-23 22:32:55 +00:00
Chris
2325e48006 Update files 2026-03-23 22:20:28 +00:00
Chris
39ac040d98 Update files 2026-03-23 22:20:05 +00:00
Chris
608506ec3b Update files 2026-03-23 22:18:20 +00:00
Chris
204803689f Update files 2026-03-23 22:17:22 +00:00
Chris
43e0876595 Update files 2026-03-23 21:32:14 +00:00
Chris
dea59a0c17 Update files 2026-03-23 21:22:48 +00:00
Chris
14043ea855 Update files 2026-03-23 21:12:18 +00:00
Chris
b78485c0d6 Update files 2026-03-23 20:13:45 +00:00
Chris
1542c5ba2f Update files 2026-03-22 21:48:00 +00:00
Chris
aea31984d0 Update files 2026-03-22 21:39:15 +00:00
Chris
efe8575777 Update files 2026-03-22 21:36:40 +00:00
Chris
805e028eaa Update files 2026-03-22 21:25:04 +00:00
Chris
5885f86813 Update files 2026-03-22 21:23:48 +00:00
Chris
e41939f2e1 Update files 2026-03-21 17:28:54 +00:00
Chris
c1a50c2ce9 Update files 2026-03-21 17:27:28 +00:00
Chris
f89861cad7 Update files 2026-03-21 17:25:14 +00:00
Chris
345f498212 Update files 2026-03-21 17:24:16 +00:00
Chris
bfeca4e848 Flake 2026-03-20 19:42:11 +00:00
Chris
695e9d1037 Update files 2026-03-20 19:26:48 +00:00
Chris
4b83effbda Update files 2026-03-20 19:18:45 +00:00
Chris
bad3d6bb03 Update files 2026-03-20 19:15:37 +00:00
Chris
a9d032fa79 Update files 2026-03-20 19:14:34 +00:00
Chris
8c47bcea6a Wine 2026-03-20 19:13:30 +00:00
Chris
b09edeb4b7 Update files 2026-03-20 19:11:54 +00:00
Chris
2b2e18eac3 Update files 2026-03-19 17:19:51 +00:00
Chris
19fcd662dd Update files 2026-03-18 20:58:46 +00:00
Chris
bff2fe0ea1 Update files 2026-03-18 17:08:24 +00:00
Chris
94da53c296 Update files 2026-03-15 17:17:18 +00:00
Chris
16069417e9 Add obsidian config 2026-03-15 17:04:51 +00:00
Chris
95f1f15a68 More stuff 2026-03-15 17:04:38 +00:00
Chris
51ab62ab2b Fix hooks 2026-03-14 11:02:13 +00:00
Chris
a3a1d1c730 Fix for install 2026-03-14 10:43:47 +00:00
Chris
ac5df46bc0 Update README 2026-03-13 19:32:32 +00:00
Chris
d869bc0cf9 Fix errors 2026-03-13 19:14:07 +00:00
Chris
69232abb6c Refactoring 2026-03-12 23:38:13 +00:00
Chris
95740b26bf Configure for two machines 2026-03-09 23:04:47 +00:00
Chris
cb2150362c Refactoring 2026-03-09 21:43:40 +00:00
Chris
6d89b0c685 Refactoring 2026-03-09 20:27:18 +00:00
Chris
3c76981dc6 Chromium 2026-03-08 23:18:43 +00:00
Chris
71d3e4623c Update files 2026-03-08 21:00:47 +00:00
Chris
d66fd8b5c5 Stuff 2026-03-08 15:27:58 +00:00
Chris
9bf816f6a9 Stuff 2026-03-08 00:25:16 +00:00
Chris
9d4baf7266 Fix error 2026-03-07 00:28:53 +00:00
Chris
ac8d10a0a0 Bootloader 2026-03-07 00:26:43 +00:00
37 changed files with 1617 additions and 671 deletions
Expand all files Collapse all files

54
.Trash-1000/files/nextcloud.cfg Normal file
View File

@@ -0,0 +1,54 @@
[General]
clientPreviousVersion=
clientVersion=4.0.6
confirmExternalStorage=true
desktopEnterpriseChannel=stable
isVfsEnabled=false
launchOnSystemStartup=true
monoIcons=false
moveToTrash=false
newBigFolderSizeLimit=500
notifyExistingFoldersOverLimit=false
optionalServerNotifications=true
overrideLocalDir=
overrideServerUrl=
promptDeleteAllFiles=false
showCallNotifications=true
showChatNotifications=true
showInExplorerNavigationPane=false
stopSyncingExistingFoldersOverLimit=false
updateChannel=stable
useNewBigFolderSizeLimit=true
[Accounts]
0\Folders\1\ignoreHiddenFiles=false
0\Folders\1\journalPath=.sync_0a9bf4139ff3.db
0\Folders\1\localPath=/home/chris/Tower/
0\Folders\1\paused=false
0\Folders\1\targetPath=/
0\Folders\1\version=2
0\Folders\1\virtualFilesMode=off
0\authType=webflow
0\dav_user=chris
0\desktopEnterpriseChannel=invalid
0\displayName=chris
0\encryptionCertificateSha256Fingerprint=@ByteArray()
0\networkDownloadLimit=0
0\networkDownloadLimitSetting=0
0\networkProxyHostName=
0\networkProxyNeedsAuth=false
0\networkProxyPort=0
0\networkProxyType=2
0\networkProxyUser=
0\networkUploadLimit=0
0\networkUploadLimitSetting=0
0\serverColor=@Variant(\0\0\0\x43\x1\xff\xff\0\0\x82\x82\xc9\xc9\0\0)
0\serverHasValidSubscription=false
0\serverTextColor=@Variant(\0\0\0\x43\x1\xff\xff\xff\xff\xff\xff\xff\xff\0\0)
0\serverVersion=32.0.5.0
0\url=https://tower.scarif.space
0\version=13
0\webflow_user=chris
[Nextcloud]
autoUpdateCheck=true

3
.Trash-1000/info/nextcloud.cfg.trashinfo Normal file
View File

@@ -0,0 +1,3 @@
[Trash Info]
Path=/home/chris/.config/nixos/initial-configs/nextcloud.cfg
DeletionDate=2026-03-23T21:32:08

93
README.md Normal file
View File

@@ -0,0 +1,93 @@
# NixOS Configuration
This repository contains the declarative NixOS configuration for my machines, utilizing Flakes, Home Manager, and Disko for dynamic, multi-host deployment.
## Hardware Configuration Generation
When setting up a new host, or updating an existing one, you'll need to generate a hardware-specific configuration file so NixOS knows what kernel modules and microcode to load for your exact components.
To generate the hardware configuration, run the following command directly on the target machine:
```bash
# Replace 'hostname' with the name of your machine (e.g., 'station' or 'stationette')
# We use 'nix shell' since the nixos-install-tools package doesn't have a default executable.
sudo $(which nix) --extra-experimental-features "nix-command flakes" shell nixpkgs#nixos-install-tools -c nixos-generate-config --no-filesystems --show-hardware-config --dir . > hardware/<hostname>-hardware-configuration.nix
```
Ensure this file is tracked by git before attempting to evaluate or build the flake:
```bash
git add hardware/<hostname>-hardware-configuration.nix
```
## Installation
This configuration uses [Disko](https://github.com/nix-community/disko) to manage declarative disk partitioning and formatting. The disk layouts are defined in `hardware/disko.nix`.
> [!WARNING]
> Running the Disko installation commands below will **completely erase** the target disks. Ensure you have backups of any important data before proceeding.
### Method 1: Installing Directly from Gitea (Remote)
You can install NixOS directly from this repository without needing to clone it manually first. Boot into a NixOS live USB, open a terminal, and run the following command.
Replace `<hostname>` with your target machine (e.g., `stationette`) and `<disk>` with the target block device (e.g., `/dev/sda` or `/dev/nvme0n1`):
```bash
nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- \
--flake git+https://labs.scarif.space/chris/nixos/#<hostname> \
--disk <hostname> \
--write-efi-boot-entries <disk>
```
#### Examples:
**For `stationette`:**
```bash
nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- \
--flake git+https://labs.scarif.space/chris/nixos/#stationette \
--disk stationette \
--write-efi-boot-entries /dev/sda
```
**For `station`:**
```bash
nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- \
--flake git+https://labs.scarif.space/chris/nixos/#station \
--disk station \
--write-efi-boot-entries /dev/nvme0n1
```
### Method 2: Installing from a Local Clone
If you prefer to clone the repository first so you can make manual adjustments (like generating the hardware configuration) before deploying:
1. Boot into a NixOS live USB.
2. Clone the repository:
```bash
git clone https://labs.scarif.space/chris/nixos.git /mnt/etc/nixos
cd /mnt/etc/nixos
```
3. Generate your hardware configuration (if needed):
```bash
nixos-generate-config --no-filesystems --show-hardware-config > hardware/<hostname>-hardware-configuration.nix
git add hardware/<hostname>-hardware-configuration.nix
```
4. Run the Disko installer using the local flake:
```bash
nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- \
--flake .#<hostname> \
--disk <hostname> \
--write-efi-boot-entries <disk>
```
*(Remember to replace `<hostname>` and `<disk>` with your specific machine's details, e.g., `.m#stationette` and `/dev/sda`)*.
---
### Rebuilding the System
Once installed and booted into your new system, you can pull the latest changes and apply updates using standard NixOS rebuild commands:
```bash
sudo nixos-rebuild switch --flake .#<hostname>
```

1
alejandra.toml Normal file
View File

@@ -0,0 +1 @@
# indentation = "FourSpaces"

BIN
default_wallpaper.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 73 KiB

268
flake.lock generated
View File

@@ -25,11 +25,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1770910218,
"narHash": "sha256-IyHoHbhLFuIgFG+n7dqHwJaXuNnRaEsxCfAsfudV1KY=",
"lastModified": 1774640361,
"narHash": "sha256-5PLTPbnbtK0iDbsB9yFeHr5y/pv6/XzoVm/CDeXXt/c=",
"owner": "abenz1267",
"repo": "elephant",
"rev": "c354a596ec7a7e34e9c26478dc7ef9680bc23e6d",
"rev": "d30652147d8e16ebc849b779b8ef495a894b0dd4",
"type": "github"
},
"original": {
@@ -46,11 +46,11 @@
},
"locked": {
"dir": "pkgs/firefox-addons",
"lastModified": 1772078860,
"narHash": "sha256-Pojf7QHic9RmZFIoWYx5LoHy1UytoOHuGnLH3U5Nipo=",
"lastModified": 1775448173,
"narHash": "sha256-C6OJuD3A4KDNz4QaYedkYtXzKHPecG5YYyMGLq7UwY8=",
"owner": "rycee",
"repo": "nur-expressions",
"rev": "ae41eb07a37d1d5cd7b5714df0fbcb315c492e4d",
"rev": "5b0fb7d54dea38c47e5c58058c166e790a0e0cf1",
"type": "gitlab"
},
"original": {
@@ -60,10 +60,44 @@
"type": "gitlab"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1767039857,
"narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "NixOS",
"repo": "flake-compat",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1775087534,
"narHash": "sha256-91qqW8lhL7TLwgQWijoGBbiD4t7/q75KTi8NxjVmSmA=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "3107b77cd68437b9a76194f0f7f9c55f2329ca5b",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1763759067,
"narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
@@ -78,6 +112,69 @@
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nix-gaming",
"nixpkgs"
]
},
"locked": {
"lastModified": 1775036584,
"narHash": "sha256-zW0lyy7ZNNT/x8JhzFHBsP2IPx7ATZIPai4FJj12BgU=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "4e0eb042b67d863b1b34b3f64d52ceb9cd926735",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"nix-gaming",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -85,11 +182,11 @@
]
},
"locked": {
"lastModified": 1772020340,
"narHash": "sha256-aqBl3GNpCadMoJ/hVkWTijM1Aeilc278MjM+LA3jK6g=",
"lastModified": 1775425411,
"narHash": "sha256-KY6HsebJHEe5nHOWP7ur09mb0drGxYSzE3rQxy62rJo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "36e38ca0d9afe4c55405fdf22179a5212243eecc",
"rev": "0d02ec1d0a05f88ef9e74b516842900c41f0f2fe",
"type": "github"
},
"original": {
@@ -107,11 +204,11 @@
]
},
"locked": {
"lastModified": 1772060133,
"narHash": "sha256-VuyRptb8v1lVGMlLp4/1vRX3Efwec0CN0S6mKmDPzLg=",
"lastModified": 1768598210,
"narHash": "sha256-kkgA32s/f4jaa4UG+2f8C225Qvclxnqs76mf8zvTVPg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ce9b6e52500a0ea0ec48f0bbf6d7a3e431d9dfa4",
"rev": "c47b2cc64a629f8e075de52e4742de688f930dc6",
"type": "github"
},
"original": {
@@ -139,13 +236,33 @@
"type": "github"
}
},
"nix-gaming": {
"inputs": {
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1775445570,
"narHash": "sha256-Vo+fChd5PkSnbHDKPQSROMDPmPPuFsRTqeVpEWd7afU=",
"owner": "fufexan",
"repo": "nix-gaming",
"rev": "98a1511fbc84643be14c6c60816bdad1d00a004a",
"type": "github"
},
"original": {
"owner": "fufexan",
"repo": "nix-gaming",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1772082373,
"narHash": "sha256-wySf8a6hvuqgFdwvvzPPTARBCMLDz7WFAufGkllD1M4=",
"lastModified": 1768661221,
"narHash": "sha256-MJwOjrIISfOpdI9x4C+5WFQXvHtOuj5mqLZ4TMEtk1M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "26eaeac4e409d7b5a6bf6f90a2a2dc223c78d915",
"rev": "3327b113f2ef698d380df83fbccefad7e83d7769",
"type": "github"
},
"original": {
@@ -156,6 +273,21 @@
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1774748309,
"narHash": "sha256-+U7gF3qxzwD5TZuANzZPeJTZRHS29OFQgkQ2kiTJBIQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "333c4e0545a6da976206c74db8773a1645b5870a",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1761765539,
"narHash": "sha256-b0yj6kfvO8ApcSE+QmA6mUfu8IYG6/uU28OFn4PaC8M=",
@@ -172,11 +304,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1772198003,
"narHash": "sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE=",
"lastModified": 1775036866,
"narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61",
"rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
"type": "github"
},
"original": {
@@ -204,11 +336,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1771848320,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"type": "github"
},
"original": {
@@ -220,27 +352,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1772047000,
"narHash": "sha256-7DaQVv4R97cii/Qdfy4tmDZMB2xxtyIvNGSwXBBhSmo=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "1267bb4920d0fc06ea916734c11b0bf004bbe17e",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1764557259,
"narHash": "sha256-fhD/QUtJ0HKs3oLvfnD+/SrBV5Y7YEkCYnDjOVUjLys=",
"lastModified": 1775126147,
"narHash": "sha256-J0dZU4atgcfo4QvM9D92uQ0Oe1eLTxBVXjJzdEMQpD0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0d70460758949966e91d9ecb823b821f963cefbb",
"rev": "8d8c1fa5b412c223ffa47410867813290cdedfef",
"type": "github"
},
"original": {
@@ -250,18 +366,18 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_5": {
"locked": {
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"owner": "NixOS",
"lastModified": 1775305101,
"narHash": "sha256-/74n1oQPtKG52Yw41cbToxspxHbYz6O3vi+XEw16Qe8=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"rev": "36a601196c4ebf49e035270e10b2d103fe39076b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
@@ -273,9 +389,11 @@
"firefox-addons": "firefox-addons",
"home-manager": "home-manager",
"impermanence": "impermanence",
"nixpkgs": "nixpkgs_4",
"nix-gaming": "nix-gaming",
"nixpkgs": "nixpkgs_5",
"nixpkgs-unstable": "nixpkgs-unstable",
"try-cli": "try-cli",
"voxtype": "voxtype",
"walker": "walker"
}
},
@@ -295,6 +413,21 @@
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
@@ -311,8 +444,10 @@
},
"try-cli": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_5"
"flake-parts": "flake-parts_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1770817563,
@@ -328,20 +463,43 @@
"type": "github"
}
},
"voxtype": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1775048999,
"narHash": "sha256-w35TNOdJcgMdt98XusY8DjmY4UPv3NQ7m+vR8oliWRU=",
"owner": "peteonrails",
"repo": "voxtype",
"rev": "f292b6e1c9dbcfe4cdc7f781048db8be16c40c18",
"type": "github"
},
"original": {
"owner": "peteonrails",
"repo": "voxtype",
"type": "github"
}
},
"walker": {
"inputs": {
"elephant": [
"elephant"
],
"nixpkgs": "nixpkgs_6",
"systems": "systems_2"
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_3"
},
"locked": {
"lastModified": 1771062828,
"narHash": "sha256-y1jBFFO0u+V21y3YldHZozrDwVJVrdC+o3c4M8/rasU=",
"lastModified": 1773675699,
"narHash": "sha256-GrormZ2KxchtCLuO90+5fioEQmlUCKBIil0Mzr9w0Iw=",
"owner": "abenz1267",
"repo": "walker",
"rev": "19b1104585305e0806b842af341630f72038a4b9",
"rev": "d2702235710da3d7daf55c912ca7534261cf20f5",
"type": "github"
},
"original": {

613
flake.nix
View File

@@ -4,6 +4,7 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
nix-gaming.url = "github:fufexan/nix-gaming";
disko.url = "github:nix-community/disko/latest";
impermanence.url = "github:nix-community/impermanence";
home-manager = {
@@ -14,578 +15,110 @@
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
try-cli.url = "github:tobi/try-cli";
elephant.url = "github:abenz1267/elephant";
try-cli = {
url = "github:tobi/try-cli";
inputs.nixpkgs.follows = "nixpkgs";
};
elephant = {
url = "github:abenz1267/elephant";
# inputs.nixpkgs.follows = "nixpkgs";
};
walker = {
url = "github:abenz1267/walker";
inputs.elephant.follows = "elephant";
inputs.nixpkgs.follows = "nixpkgs";
};
voxtype = {
url = "github:peteonrails/voxtype";
inputs.nixpkgs.follows = "nixpkgs";
};
# hyprland-preview-share-picker = {
# url = "github:WhySoBad/hyprland-preview-share-picker";
# inputs.nixpkgs.follows = "nixpkgs";
# };
};
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
nix-gaming,
impermanence,
disko,
home-manager,
try-cli,
voxtype,
walker,
# hyprland-preview-share-picker,
...
} @ inputs: let
lib = nixpkgs.lib;
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
in {
nixosConfigurations = {
stationette = nixpkgs.lib.nixosSystem {
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
nix-gaming = inputs.nix-gaming.packages.${system};
pkgs-unstable = import nixpkgs-unstable {
inherit system;
config.allowUnfree = true;
};
mkHost = hostname: nixpkgs.lib.nixosSystem {
modules = [
./hardware-configuration.nix
disko.nixosModules.disko
impermanence.nixosModules.impermanence
./hardware
./system
home-manager.nixosModules.home-manager
{
# nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- --flake ./#stationette --disk stationette --write-efi-boot-entries /dev/sda
disko.devices = {
disk = {
stationette = {
type = "disk";
device = "/dev/sda"; # Check this with lsblk
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "fmask=0022" "dmask=0022" "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ]; # Force overwrite
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/persist" = {
mountpoint = "/persist";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "8G";
};
};
};
};
};
};
};
};
};
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
environment = {
persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/networkmanager"
"/var/lib/nixos"
"/etc/ssh"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/machine-id"
];
};
systemPackages = with pkgs; [
hyprpaper
libnotify
mako
qt6.qtwayland
hypridle
hyprlock
hyprpicker
wlogout
wl-clipboard
waybar
bat
highlight
btop
eza
fzf
neovim
ripgrep
tldr
unzip
openssl
wget
zip
zoxide
jq
git
lazygit
less
tree
tmux
tmuxinator
wget
zenity
gum
pkgs-unstable.yazi
rsync
p7zip
impala
xdg-terminal-exec
];
};
networking = {
hostName = "stationette";
networkmanager.enable = true;
wireless = {
iwd.enable = true;
networks = {
ssid = "Outskirt Stable";
psk = "SidonPhlegm";
};
};
firewall = {
enable = true;
# Ports used by Local Send
allowedTCPPorts = [ 53317 ];
allowedUDPPorts = [ 53317 ];
};
};
users.users.chris = {
uid = 1000;
isNormalUser = true;
initialPassword = "changeme123";
shell = pkgs.zsh;
extraGroups = [
"chris"
"wheel"
"networkmanager"
];
};
nixpkgs.config.allowUnfree = true;
programs = {
zsh = {
enable = true;
};
hyprland = {
enable = true;
package = pkgs-unstable.hyprland;
xwayland.enable = true;
};
steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
};
services = {
openssh.enable = true;
dbus.enable = true;
envfs.enable = true; # This ensures normal shebangs work (#!/bin/bash)
expressvpn.enable = true;
locate.enable = true;
displayManager = {
sddm = {
enable = true;
wayland.enable = true;
theme = "maya";
};
autoLogin.enable = true;
autoLogin.user = "chris";
defaultSession = "hyprland";
};
};
powerManagement.enable = true;
system.stateVersion = "25.11";
home-manager = {
users.chris = { pkgs, lib, ... }: {
home = {
file.".mozilla/firefox/default/search.json.mozlz4".force = lib.mkForce true;
username = "chris";
homeDirectory = "/home/chris";
enableNixpkgsReleaseCheck = false;
stateVersion = "25.11";
persistence."/persist" = {
directories = [
"Downloads"
"Tower"
"Code"
".steam"
".config/dotfiles"
".mozilla/firefox"
".config/nvim"
".config/yazi/plugins"
".config/nixos"
".config/sinew.in"
".local/share/direnv"
".local/share/nvim"
".local/share/zoxide"
".local/share/Enpass"
".local/share/Steam"
".ssh"
];
files = [
".config/shell/.env"
];
};
activation = {
setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would bootstrap dotfiles from labs.scarif.space"
exit
fi
TEMP_DIR=$(mktemp -d)
DOTFILES_DIR="$HOME/.config/dotfiles"
DOTFILES_GIT_DIR="$DOTFILES_DIR/.git"
if [ ! -d "$DOTFILES_GIT_DIR" ]; then
echo "No local repository so cloning from remote"
SOURCE="https://labs.scarif.space/chris/dotfiles.git"
${pkgs.git}/bin/git clone -b main "$SOURCE" "$TEMP_DIR"
mv "$TEMP_DIR/.git" "$DOTFILES_GIT_DIR"
else
echo "Local repository found so cloning from there"
${pkgs.git}/bin/git clone -b main "$DOTFILES_GIT_DIR" "$TEMP_DIR"
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$TEMP_DIR" pull --rebase || true
fi
echo "Copying dot files to home"
${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME"
NVIM_DIR="$HOME/.config/nvim"
echo "Neovim config not initialised so initialising from remote"
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$HOME" submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$HOME" submodule update --init || true
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$HOME" submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git
cd "$HOME"
echo "Cleanup"
${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR"
${pkgs.coreutils}/bin/rm -rf "$HOME/.git" || true
echo "Dotfiles bootstrapped successfully."
'';
setupDevDirectories = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would create dev directories"
exit
fi
echo "Creating development directories"
for dir in "DevOps" "FSharp" "JavaScript" "Scala" "Rust" "PHP" "Tutorials" "Sites" "MobileApps" "Tries"; do
if [ ! -d "$HOME/Code/$dir" ]; then
mkdir -p "$HOME/Code/$dir"
fi
done
'';
};
packages = with pkgs; [
# jetbrains.rider
# android-studio
# beekeeper-studio
# brave
# go
# lua
direnv
wiremix
bluetui
spotify
nodePackages.pnpm
try-cli.packages.${system}.default
# (python3.withPackages (python-pkgs: [ python-pkgs.pip python-pkgs.requests ]))
# rustup
# zig
obsidian
mailspring
# thunderbird
# libreoffice-qt
# pkgs-unstable.nerd-fonts.fira-code
# hunspell
# blueberry
# pkgs-unstable.hyprshot
# catppuccin-cursors.macchiatoBlue
# catppuccin-gtk
# papirus-folders
# pkgs-unstable.php84Packages.composer
# pkgs-unstable.php84Packages.xdebug
# pkgs-unstable.php84Extensions.sqlite3
# pkgs-unstable.php84Extensions.redis
# pkgs-unstable.php84Extensions.sodium
# pkgs-unstable.php84Extensions.pgsql
# pkgs-unstable.php84Extensions.iconv
# pkgs-unstable.php84Extensions.gd
# pkgs-unstable.php84Extensions.zip
# php
antigravity
gimp
# kdePackages.dolphin
nautilus
enpass
enpass-cli
expressvpn
# jellyfin-ffmpeg
inkscape
krita
libreoffice-fresh
nextcloud-client
nodejs_24
signal-desktop
sxiv
tenacity
zathura
ghostty
yarn
uwsm
wally-cli
kdePackages.wacomtablet
# kdePackages.print-manager
mpv
vlc
imv
# telegram-desktop
];
};
xdg.mimeApps = {
enable = true;
defaultApplications = {
# Directories
"inode/directory" = [ "org.gnome.Nautilus.desktop" ];
# Images
"image/png" = [ "imv.desktop" ];
"image/jpeg" = [ "imv.desktop" ];
"image/gif" = [ "imv.desktop" ];
"image/webp" = [ "imv.desktop" ];
"image/bmp" = [ "imv.desktop" ];
"image/tiff" = [ "imv.desktop" ];
# Documents
"application/pdf" = [ "zathura.desktop" ];
# Web and Browser
"x-scheme-handler/http" = [ "firefox.desktop" ];
"x-scheme-handler/https" = [ "firefox.desktop" ];
"text/html" = [ "firefox.desktop" ];
# Video
"video/mp4" = [ "mpv.desktop" ];
"video/x-msvideo" = [ "mpv.desktop" ];
"video/x-matroska" = [ "mpv.desktop" ];
"video/x-flv" = [ "mpv.desktop" ];
"video/x-ms-wmv" = [ "mpv.desktop" ];
"video/mpeg" = [ "mpv.desktop" ];
"video/ogg" = [ "mpv.desktop" ];
"video/webm" = [ "mpv.desktop" ];
"video/quicktime" = [ "mpv.desktop" ];
"video/3gpp" = [ "mpv.desktop" ];
"video/3gpp2" = [ "mpv.desktop" ];
"video/x-ms-asf" = [ "mpv.desktop" ];
"video/x-ogm+ogg" = [ "mpv.desktop" ];
"video/x-theora+ogg" = [ "mpv.desktop" ];
"application/ogg" = [ "mpv.desktop" ];
# Mail
"x-scheme-handler/mailto" = [ "mailspring.desktop" ];
# Text and Code
"text/plain" = [ "nvim.desktop" ];
"text/english" = [ "nvim.desktop" ];
"text/x-makefile" = [ "nvim.desktop" ];
"text/x-c++hdr" = [ "nvim.desktop" ];
"text/x-c++src" = [ "nvim.desktop" ];
"text/x-chdr" = [ "nvim.desktop" ];
"text/x-csrc" = [ "nvim.desktop" ];
"text/x-java" = [ "nvim.desktop" ];
"text/x-moc" = [ "nvim.desktop" ];
"text/x-pascal" = [ "nvim.desktop" ];
"text/x-tcl" = [ "nvim.desktop" ];
"text/x-tex" = [ "nvim.desktop" ];
"application/x-shellscript" = [ "nvim.desktop" ];
"text/x-c" = [ "nvim.desktop" ];
"text/x-c++" = [ "nvim.desktop" ];
"application/xml" = [ "nvim.desktop" ];
"text/xml" = [ "nvim.desktop" ];
};
};
imports = [
inputs.walker.homeManagerModules.default
# inputs.elephant.homeManagerModules.default
];
systemd.user.services = {
walker = {
Unit.Description = "Walker - Application Runner";
Install.WantedBy = ["graphical-session.target"];
};
elephant = {
Unit.Description = "Elephant launcher backend";
Install.WantedBy = ["graphical-session.target"];
};
};
programs = let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in {
walker = {
enable = true;
runAsService = true;
};
elephant = {
enable = true;
installService = true;
};
firefox = {
enable = true;
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
extraPolicies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
EnableTrackingProtection = {
Value= true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
DisablePocket = true;
DisableFirefoxAccounts = false;
DisableAccounts = false;
DisableFirefoxScreenshots = true;
OverrideFirstRunPage = "";
OverridePostUpdatePage = "";
DontCheckDefaultBrowser = true;
DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab"
DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
SearchBar = "unified"; # alternative: "separate"
/* ---- EXTENSIONS ---- */
ExtensionSettings = {
"*".installation_mode = "allowed"; # blocks all addons except the ones specified below
# Enpass
"firefox-enpass@enpass.io" = {
install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi";
installation_mode = "force_installed";
};
};
/* ---- PREFERENCES ---- */
# Set preferences shared by all profiles.
Preferences = {
"browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
"extensions.pocket.enabled" = lock-false;
"extensions.screenshots.disabled" = lock-true;
"browser.topsites.contile.enabled" = lock-false;
"browser.formfill.enable" = lock-false;
"browser.search.suggest.enabled" = lock-false;
"browser.search.suggest.enabled.private" = lock-false;
"browser.urlbar.suggest.searches" = lock-false;
"browser.urlbar.showSearchSuggestionsFirst" = lock-false;
"browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
"browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
"browser.newtabpage.activity-stream.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
"browser.newtabpage.activity-stream.feeds.section.highlights" = false;
};
};
};
profiles = {
default = {
id = 0;
name = "default";
isDefault = true;
search = {
default = "holocron";
order = [ "holocron" "google" ];
engines= {
holocron = {
name = "Holocron";
urls = [{
template = "https://holocron.scarif.space/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
icon = "https://holocron.scarif.space/favicon.ico";
definedAliases = [ "@h" ];
};
bing.metaData.hidden = true;
ebay.metaData.hidden = true;
perplexity.metaData.hidden = true;
};
};
};
};
};
};
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
permittedInsecurePackages = [
"electron-25.9.0" # Obsidian
"beekeeper-studio-5.3.4"
];
};
};
};
users.chris = import ./home;
extraSpecialArgs = {
inherit inputs;
inherit pkgs-unstable;
inherit try-cli;
inherit voxtype;
inherit walker;
inherit impermanence;
inherit hostname;
};
};
}
];
specialArgs = {
inherit inputs;
inherit pkgs-unstable;
inherit impermanence;
inherit disko;
inherit hostname;
inherit nix-gaming;
};
};
in {
nixosConfigurations = {
stationette = mkHost "stationette";
station = mkHost "station";
};
# Standalone home-manager configuration entrypoint
#homeConfigurations = {
# chris = home-manager.lib.homeManagerConfiguration {
# inherit pkgs;
# extraSpecialArgs = {
# inherit inputs;
# };
# modules = [
# ./home
# ];
# };
#};
homeConfigurations = {
chris = home-manager.lib.homeManagerConfiguration {
inherit pkgs;
extraSpecialArgs = {
inherit inputs;
inherit pkgs-unstable;
inherit try-cli;
inherit voxtype;
inherit walker;
inherit impermanence;
};
modules = [
./home
];
};
};
nix.settings = {
extra-substituters = [
"https://walker.cachix.org"
@@ -595,6 +128,8 @@
"walker.cachix.org-1:fG8q+uAaMqhsMxWjwvk0IMb4mFPFLqHjuvfwQxE4oJM="
"walker-git.cachix.org-1:vmC0ocfPWh0S/vRAQGtChuiZBTAe4wiKDeyyXM0/7pM="
];
substituters = ["https://nix-gaming.cachix.org"];
trusted-public-keys = ["nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="];
};
};
}

69
hardware-configuration.nix
View File

@@ -1,69 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-partlabel/disk-stationette-root";
fsType = "btrfs";
options = [ "subvol=root" ];
};
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-stationette-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date +%Y-%m-%d_%H-%M-%S)
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9 -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +7); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
fileSystems."/persist" = {
device = "/dev/disk/by-partlabel/disk-stationette-root";
neededForBoot = true;
fsType = "btrfs";
options = [ "subvol=persist" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-partlabel/disk-stationette-root";
neededForBoot = true;
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/disk-stationette-ESP";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" "umask=0077" ];
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

10
hardware/default.nix Normal file
View File

@@ -0,0 +1,10 @@
{ hostname, ... }:
{
imports = [
./disko.nix
./filesystem.nix
./mounts.nix
./${hostname}-hardware-configuration.nix
];
}

63
hardware/disko.nix Normal file
View File

@@ -0,0 +1,63 @@
{ disko, hostname, ... }:
let
mkDisk = { hostname, drive }: {
type = "disk";
# Check this with lsblk
device = drive;
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "fmask=0022" "dmask=0022" "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "btrfs";
# Force overwrite
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/persist" = {
mountpoint = "/persist";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "8G";
};
};
};
};
};
};
};
in
# nix --extra-experimental-features "nix-command flakes" run github:nix-community/disko/latest#disko-install -- --flake ./#${hostname} --disk stationette --write-efi-boot-entries ${drive}
{
imports = [ disko.nixosModules.disko ];
disko.devices = {
disk = {
"${hostname}" = mkDisk {
inherit hostname;
drive = if hostname == "station" then "/dev/nvme0n1" else "/dev/sda";
};
};
};
}

66
hardware/filesystem.nix Normal file
View File

@@ -0,0 +1,66 @@
{ config, lib, pkgs, modulesPath, hostname, ... }:
let
rootDisk = "/dev/disk/by-partlabel/disk-${hostname}-root";
bootDisk = "/dev/disk/by-partlabel/disk-${hostname}-ESP";
in
{
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount ${rootDisk} /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date +%Y-%m-%d_%H-%M-%S)
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9 -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +7); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
# fileSystems."/" = {
# device = rootDisk;
# fsType = "btrfs";
# options = [ "subvol=root" ];
# };
#
# fileSystems."/persist" = {
# device = rootDisk;
# neededForBoot = true;
# fsType = "btrfs";
# options = [ "subvol=persist" ];
# };
#
# fileSystems."/nix" = {
# device = rootDisk;
# neededForBoot = true;
# fsType = "btrfs";
# options = [ "subvol=nix" ];
# };
#
# fileSystems."/boot" = {
# device = bootDisk;
# fsType = "vfat";
# options = [ "fmask=0022" "dmask=0022" "umask=0077" ];
# };
#
# swapDevices = [ {
# device = "/.swapvol/swapfile";
# } ];
fileSystems."/persist".neededForBoot = true;
fileSystems."/nix".neededForBoot = true;
}

13
mounts.nix → hardware/mounts.nix
View File

@@ -30,5 +30,18 @@
"noauto"
];
};
"/home/chris/Games" = {
device = "/dev/disk/by-label/Games";
fsType = "ext4";
options = [
"defaults"
"x-systemd.mount-timeout=5"
"user"
"exec"
"x-systemd.automount"
"noauto"
];
};
};
}

18
hardware/station-hardware-configuration.nix Normal file
View File

@@ -0,0 +1,18 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

16
hardware/stationette-hardware-configuration.nix Normal file
View File

@@ -0,0 +1,16 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

103
home/default.nix Normal file
View File

@@ -0,0 +1,103 @@
{ pkgs, lib, ... }:
{
imports = [
./packages.nix
./programs.nix
./hooks.nix
./impermanence.nix
./services.nix
];
home = {
username = "chris";
homeDirectory = "/home/chris";
enableNixpkgsReleaseCheck = false;
stateVersion = "25.11";
};
xdg.mimeApps = {
enable = true;
defaultApplications = {
# Directories
"inode/directory" = [ "org.gnome.Nautilus.desktop" ];
# Images
"image/png" = [ "imv.desktop" ];
"image/jpeg" = [ "imv.desktop" ];
"image/gif" = [ "imv.desktop" ];
"image/webp" = [ "imv.desktop" ];
"image/bmp" = [ "imv.desktop" ];
"image/tiff" = [ "imv.desktop" ];
# Documents
"application/pdf" = [ "zathura.desktop" ];
# Web and Browser
"x-scheme-handler/http" = [ "firefox.desktop" ];
"x-scheme-handler/https" = [ "firefox.desktop" ];
"text/html" = [ "firefox.desktop" ];
# Video
"video/mp4" = [ "mpv.desktop" ];
"video/x-msvideo" = [ "mpv.desktop" ];
"video/x-matroska" = [ "mpv.desktop" ];
"video/x-flv" = [ "mpv.desktop" ];
"video/x-ms-wmv" = [ "mpv.desktop" ];
"video/mpeg" = [ "mpv.desktop" ];
"video/ogg" = [ "mpv.desktop" ];
"video/webm" = [ "mpv.desktop" ];
"video/quicktime" = [ "mpv.desktop" ];
"video/3gpp" = [ "mpv.desktop" ];
"video/3gpp2" = [ "mpv.desktop" ];
"video/x-ms-asf" = [ "mpv.desktop" ];
"video/x-ogm+ogg" = [ "mpv.desktop" ];
"video/x-theora+ogg" = [ "mpv.desktop" ];
"application/ogg" = [ "mpv.desktop" ];
# Mail
"x-scheme-handler/mailto" = [ "mailspring.desktop" ];
# Text and Code
"text/plain" = [ "nvim.desktop" ];
"text/english" = [ "nvim.desktop" ];
"text/x-makefile" = [ "nvim.desktop" ];
"text/x-c++hdr" = [ "nvim.desktop" ];
"text/x-c++src" = [ "nvim.desktop" ];
"text/x-chdr" = [ "nvim.desktop" ];
"text/x-csrc" = [ "nvim.desktop" ];
"text/x-java" = [ "nvim.desktop" ];
"text/x-moc" = [ "nvim.desktop" ];
"text/x-pascal" = [ "nvim.desktop" ];
"text/x-tcl" = [ "nvim.desktop" ];
"text/x-tex" = [ "nvim.desktop" ];
"application/x-shellscript" = [ "nvim.desktop" ];
"text/x-c" = [ "nvim.desktop" ];
"text/x-c++" = [ "nvim.desktop" ];
"application/xml" = [ "nvim.desktop" ];
"text/xml" = [ "nvim.desktop" ];
};
};
# systemd.user = {
# enable = true;
# timers = {
# "station-battery-monitor" = {
# wantedBy = [ "timers.target" ];
# timerConfig = {
# OnBootSec = "1min";
# OnUnitActiveSec = "30sec";
# Unit = "station-battery-monitor.service";
# };
# };
# };
# services = {
# "station-battery-monitor" = {
# after = [ "graphical-session.target" ];
# serviceConfig = {
# Type = "oneshot";
# ExecStart = "%h/.local/share/omarchy/bin/omarchy-battery-monitor";
# Environment = "DISPLAY=:0";
# LogLevelMax = "warning";
# };
# };
# };
# };
}

95
home/hooks.nix Normal file
View File

@@ -0,0 +1,95 @@
{ lib, pkgs, ... }:
{
home.activation = {
setupDotfiles = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would bootstrap dotfiles from labs.scarif.space"
exit
fi
TEMP_DIR=$(mktemp -d)
DOTFILES_DIR="$HOME/.config/dotfiles"
DOTFILES_GIT_DIR="$DOTFILES_DIR/.git"
if [ ! -d "$DOTFILES_GIT_DIR" ]; then
echo "No local repository so cloning from remote"
SOURCE="https://labs.scarif.space/chris/dotfiles.git"
${pkgs.git}/bin/git clone -b main "$SOURCE" "$TEMP_DIR"
mv "$TEMP_DIR/.git" "$DOTFILES_GIT_DIR"
else
echo "Local repository found so cloning from there"
${pkgs.git}/bin/git clone -b main "$DOTFILES_GIT_DIR" "$TEMP_DIR"
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$TEMP_DIR" pull --rebase || true
fi
echo "Copying dot files to home"
${pkgs.coreutils}/bin/cp -rfT "$TEMP_DIR" "$HOME"
NVIM_DIR="$HOME/.config/nvim"
echo "Neovim config not initialised so initialising from remote"
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$HOME" submodule set-url ".config/nvim" https://labs.scarif.space/chris/nvim.git
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$HOME" submodule update --init || true
${pkgs.git}/bin/git --git-dir="$DOTFILES_GIT_DIR" --work-tree="$HOME" submodule set-url ".config/nvim" git@labs.scarif.space:chris/nvim.git
cd "$HOME"
echo "Cleanup"
${pkgs.coreutils}/bin/rm -rf "$TEMP_DIR"
${pkgs.coreutils}/bin/rm -rf "$HOME/.git" || true
echo "Dotfiles bootstrapped successfully."
'';
setupDevDirectories = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would create dev directories"
exit
fi
echo "Creating development directories"
for dir in "DevOps" "FSharp" "JavaScript" "Scala" "Rust" "PHP" "Tutorials" "Sites" "MobileApps" "Tries"; do
if [ ! -d "$HOME/Code/$dir" ]; then
mkdir -p "$HOME/Code/$dir"
fi
done
'';
setupInitialConfigs = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would copy initial config files"
exit
fi
DEST_FILE="$HOME/.config/sinew.in/Enpass.conf"
if [ ! -f "$DEST_FILE" ]; then
mkdir -p "$(dirname "$DEST_FILE")"
cp "${../initial-configs/Enpass.conf}" "$DEST_FILE"
fi
DEST_FILE="$HOME/.config/obsidian/obsidian.json"
if [ ! -f "$DEST_FILE" ]; then
mkdir -p "$(dirname "$DEST_FILE")"
cp "${../initial-configs/obsidian.json}" "$DEST_FILE"
fi
'';
setupDefaultWallpaper = lib.hm.dag.entryAfter ["writeBoundary"] ''
if [[ -v DRY_RUN ]]; then
echo "Dry run: Would copy wallpaper and initialise colour scheme if not set"
exit
fi
WALLPAPER_FILE="$HOME/.config/station/current/background"
if [ ! -f "$WALLPAPER_FILE" ]; then
mkdir -p "$(dirname "$WALLPAPER_FILE")"
ln -nsf ${../default_wallpaper.png} "$WALLPAPER_FILE"
fi
if [ ! -f "$HOME/.config/wal/colors" ]; then
${pkgs.pywal16}/bin/wal -i "$WALLPAPER_FILE"
fi
'';
};
}

46
home/impermanence.nix Normal file
View File

@@ -0,0 +1,46 @@
{ impermanence, ... }:
{
#imports = [ impermanence.nixosModules.impermanence ];
home.persistence."/persist" = {
directories = [
".cache/Nextcloud"
".cache/wal"
".cache/zsh"
".config/.gemini"
".config/Antigravity"
".config/Nextcloud"
".config/chromium"
".config/dotfiles"
".config/nixos"
".config/Signal"
".config/nvim"
".config/obsidian"
".config/sinew.in"
".config/spotify"
".config/superProductivity"
".config/yazi/plugins"
".local/share/android"
".local/share/Enpass"
".local/share/Steam"
".local/share/direnv"
".local/share/keyrings"
".local/share/krita"
".local/share/nvim"
".local/share/station"
".local/share/voxtype"
".local/share/zoxide"
".local/state/station"
".local/state/wireplumber"
".mozilla/firefox"
".ssh"
".steam"
"Code"
"Downloads"
"Tower"
];
files = [
".config/shell/.env"
];
};
}

79
home/packages.nix Normal file
View File

@@ -0,0 +1,79 @@
{ pkgs, pkgs-unstable, try-cli, nix-direnv, ... }:
let
krita-appimage = pkgs.callPackage ../packages/krita.nix { };
enpass = pkgs.enpass.overrideAttrs (oldAttrs: rec {
version = "6.11.13.1957";
src = pkgs.fetchurl {
url = "https://apt.enpass.io/pool/main/e/enpass/enpass_${version}_amd64.deb";
sha256 = "2d8c90643851591aff41057b380a7e87bb839bf5c5aa0ca1456144e9996c902a";
};
});
in
{
nixpkgs = {
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
permittedInsecurePackages = [
"electron-25.9.0" # Obsidian
"beekeeper-studio-5.3.4"
];
};
};
home.packages = with pkgs; [
pkgs-unstable.antigravity # Gemini AI coding assistant
bluetui # Bluetooth TUI
enpass # Password manager
enpass-cli # Enpass CLI tool
expressvpn # VPN
ffmpeg # Video tools
ffmpegthumbnailer # Video thumbnailer
pkgs-unstable.gemini-cli # Gemini AI CLI tool
ghostty # Terminal emulator
gimp # Image manipulation software
gpu-screen-recorder # GPU screen recorder for Linux
imv # Image viewer
inkscape # Vector graphics software
krita-appimage # Custom digital art software (from AppImage)
libreoffice-fresh # Office suite
lunar-client # Minecraft launcher
mpv # Video player
nautilus # Document viewer
nextcloud-client # Nextcloud sync client
obsidian # Notes software
signal-desktop # Messaging
spotify # Music
super-productivity # Task app
sxiv # Minimal image viewer
tenacity # Audio software
thunderbird # Mail client
try-cli.packages.${pkgs.system}.default # Try CLI tool
wally-cli # Keyboard flasher
wiremix # Audio mixer TUI
xournalpp # Handwriting note-taking software
yad # For creating dialogs during install script
zenity # For creating dialogs during install script
zathura # Minimal PDF viewer
];
xdg.desktopEntries.enpass = {
type = "Application";
name = "Enpass";
genericName = "Enpass Password Manager";
icon = "enpass";
terminal = false;
exec = "env QT_SCREEN_SCALE_FACTORS=2 ${enpass}/bin/Enpass %U";
mimeType = [
"x-scheme-handler/enpassauth"
"x-scheme-handler/enpasscard"
"x-scheme-handler/enpassstart"
"x-scheme-handler/enpass"
"x-scheme-handler/cloudkit-7adb8cc64f.in.sinew.walletx"
"x-scheme-handler/enpassshare"
"application/enpasscard"
];
categories = [ "Utility" ];
};
}

136
home/programs.nix Normal file
View File

@@ -0,0 +1,136 @@
{ pkgs, lib, voxtype, walker, ... }:
{
imports = [
walker.homeManagerModules.default
voxtype.homeManagerModules.default
];
programs = let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in {
direnv = {
enable = true;
nix-direnv.enable = true;
};
walker = {
enable = true;
config = {};
runAsService = true;
};
elephant = {
enable = true;
};
waybar = {
enable = true;
systemd.enable = true;
};
voxtype = {
enable = true;
package = voxtype.packages.${pkgs.system}.vulkan;
service.enable = true;
settings = {};
};
chromium = {
enable = true;
extensions = [
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
"kmcfomidfpdkfieipokbalgegidffkal" # Enpass
];
};
firefox = {
enable = true;
package = pkgs.wrapFirefox pkgs.firefox-unwrapped {
extraPolicies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
EnableTrackingProtection = {
Value= true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
DisablePocket = true;
DisableFirefoxAccounts = false;
DisableAccounts = false;
DisableFirefoxScreenshots = true;
OverrideFirstRunPage = "";
OverridePostUpdatePage = "";
DontCheckDefaultBrowser = true;
DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab"
DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
SearchBar = "unified"; # alternative: "separate"
/* ---- EXTENSIONS ---- */
ExtensionSettings = {
"*".installation_mode = "allowed"; # blocks all addons except the ones specified below
# Enpass
"firefox-enpass@enpass.io" = {
install_url = "https://dl.enpass.io/stable/extensions/firefox/versions/v6.11.10.2/enpass_password_manager-6.11.10.2.xpi";
installation_mode = "force_installed";
};
};
/* ---- PREFERENCES ---- */
Preferences = {
"browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
"extensions.pocket.enabled" = lock-false;
"extensions.screenshots.disabled" = lock-true;
"browser.topsites.contile.enabled" = lock-false;
"browser.formfill.enable" = lock-false;
"browser.search.suggest.enabled" = lock-false;
"browser.search.suggest.enabled.private" = lock-false;
"browser.urlbar.suggest.searches" = lock-false;
"browser.urlbar.showSearchSuggestionsFirst" = lock-false;
"browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
"browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
"browser.newtabpage.activity-stream.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
"browser.newtabpage.activity-stream.feeds.section.highlights" = false;
};
};
};
profiles = {
default = {
id = 0;
name = "default";
isDefault = true;
search = {
default = "holocron";
order = [ "holocron" "google" ];
engines= {
holocron = {
name = "Holocron";
urls = [{
template = "https://holocron.scarif.space/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
icon = "https://holocron.scarif.space/favicon.ico";
definedAliases = [ "@h" ];
};
bing.metaData.hidden = true;
ebay.metaData.hidden = true;
perplexity.metaData.hidden = true;
};
};
};
};
};
};
xdg.configFile."voxtype/config.toml".enable = false;
home.file.".icons/default".source = "${pkgs.vimix-cursors}/share/icons/Vimix-white-cursors";
home.file.".mozilla/firefox/default/search.json.mozlz4".force = lib.mkForce true;
}

7
home/services.nix Normal file
View File

@@ -0,0 +1,7 @@
{ ... }:
{
services = {
swayosd.enable = true;
};
}

34
initial-configs/Enpass.conf Normal file
View File

@@ -0,0 +1,34 @@
[General]
ALWAYS_SAVE_TO_TEAM=local
ALWAYS_SAVE_TO_VAULT=primary
ChangedLocationPath=/home/chris/.local/share/Enpass/Enpass/
DEVICE_UUID=e2b61cfc-4671-485c-a848-90df077d3a25
LAST_SELECTED_LANGUAGE=default
QUICKSETUP_SHOWN=true
SELECTED_LANGUAGE=default
assets_copied1=0
detailPaneTabWidth=0
masterPaneDesktopWidth=260
masterPaneTabWidth=240
sidePaneDesktopWidth=220
[Backup]
MajorCount=8
MinorCount=0
changedBackupPath=/home/chris/.local/share/Enpass/Backups/
lastMajorCountTime=1772996878
lastMinorCountTime=0
[%General]
autorunAtSystemStartup6=true
avoidSubscriptionDialog=true
hiddenCategories\size=0
useDarkTheme=true
[mainWindow]
height=508
screen=eDP-1
visibility=2
width=941
x=967
y=560

13
initial-configs/obsidian.json Normal file
View File

@@ -0,0 +1,13 @@
{
"vaults": {
"default": {
"path": "/home/chris/Tower/Documents/Notes",
"ts": 1773591361639,
"open": true
},
"rpg": {
"path": "/home/chris/Tower/Documents/Areas/RPG",
"ts": 1773591361639
}
}
}

1
initial-configs/passwords/chris Normal file
View File

@@ -0,0 +1 @@
$6$MCVd.EUOYYB0A1eS$S1/gSfAq1c2dBCofvJp9RtW.o5mLi78h0Y39LABIeIauPRjlEny/1R5aXEA7uPrZ3TPxhnYOYxTdbCi0imFZp.

40
packages/krita.nix Normal file
View File

@@ -0,0 +1,40 @@
{
lib,
appimageTools,
fetchurl,
makeWrapper
}:
let
version = "6.0.1";
pname = "krita-appimage";
src = fetchurl {
url = "https://download.kde.org/stable/krita/${version}/krita-${version}-x86_64.AppImage";
hash = "sha256-lzIgaqZiTnUOW5FSRF+1ROpj3RASWC390aLVFSBBTQo=";
};
appimageContents = appimageTools.extract { inherit pname version src; };
in
appimageTools.wrapType2 {
inherit pname version src;
extraInstallCommands = ''
install -m 444 -D ${appimageContents}/org.kde.krita.desktop $out/share/applications/krita.desktop
install -m 444 -D ${appimageContents}/krita.png $out/share/icons/hicolor/256x256/apps/krita.png
substituteInPlace $out/share/applications/krita.desktop \
--replace-fail "Exec=krita" "Exec=krita-appimage"
source ${makeWrapper}/nix-support/setup-hook
wrapProgram $out/bin/${pname} \
--set FONTCONFIG_FILE /etc/fonts/fonts.conf
'';
meta = {
description = "Digital painting and illustration application";
homepage = "https://krita.org";
license = lib.licenses.gpl3Only;
platforms = [ "x86_64-linux" ];
maintainers = with lib.maintainers; [ ];
};
}

74
system/boot.nix Normal file
View File

@@ -0,0 +1,74 @@
{ pkgs, hostname, ... }:
let
# Found by running sudo btrfs inspect-internal map-swapfile -r /.swapvol/swapfile
hibernateBootOffsets = {
stationette = "533760";
station = "533760";
};
resumeOffset = hibernateBootOffsets."${hostname}" or "0";
in
{
boot = {
loader = {
limine = {
enable = true;
extraConfig = ''
timeout: 3
default_entry: 2
interface_branding: Station Bootloader
interface_branding_color: 2
hash_mismatch_panic: no
term_background: 1a1b26
backdrop: 1a1b26
# Tokyo Night palette
term_palette: 15161e;f7768e;9ece6a;e0af68;7aa2f7;bb9af7;7dcfff;a9b1d6
term_palette_bright: 414868;f7768e;9ece6a;e0af68;7aa2f7;bb9af7;7dcfff;c0caf5
term_foreground: c0caf5
term_foreground_bright: c0caf5
term_background_bright: 24283b
'';
};
efi.canTouchEfiVariables = true;
# timeout = 0; # Skips the menu and uses default entry
};
# Creates a cool animation for booting
plymouth = {
enable = true;
theme = "black_hud";
themePackages = with pkgs; [
(adi1090x-plymouth-themes.override {
selected_themes = [ "black_hud" ];
})
];
};
initrd.verbose = false;
kernelParams = [
"resume_offset=${resumeOffset}"
"quiet"
"udev.log_level=3"
"systemd.show_status=auto"
"splash"
];
bootspec.enable = true;
resumeDevice = "/dev/disk/by-partlabel/disk-${hostname}-root";
kernel.sysctl = {
"net.ipv4.ip_unprivileged_port_start" = 0;
};
};
systemd = {
settings = {
Manager = {
DefaultTimeoutStopSec = "5s";
};
};
};
}

18
system/default.nix Normal file
View File

@@ -0,0 +1,18 @@
{ ... }:
{
imports = [
./boot.nix
./impermanence.nix
./networking.nix
./packages.nix
./services.nix
./users.nix
./programs.nix
./fonts.nix
./hardware.nix
./sound.nix
./virtualisation.nix
./time.nix
];
}

23
system/fonts.nix Normal file
View File

@@ -0,0 +1,23 @@
{ pkgs, ... }:
{
fonts = {
packages = with pkgs; [
nerd-fonts.jetbrains-mono
nerd-fonts.fira-code
noto-fonts
noto-fonts-cjk-sans
noto-fonts-color-emoji
liberation_ttf
];
fontconfig = {
enable = true;
defaultFonts = {
monospace = [ "JetBrainsMono Nerd Font" ];
sansSerif = [ "Noto Sans" ];
serif = [ "Noto Serif" ];
};
};
};
}

16
system/hardware.nix Normal file
View File

@@ -0,0 +1,16 @@
{ ... }:
{
hardware = {
bluetooth.enable = true;
graphics = {
enable = true;
enable32Bit = true;
};
opentabletdriver.enable = true;
uinput.enable = true;
};
boot.kernelModules = [ "uinput" ];
}

24
system/impermanence.nix Normal file
View File

@@ -0,0 +1,24 @@
{ impermanence, ... }:
# Define which files and directories should persist between boots
{
imports = [ impermanence.nixosModules.impermanence ];
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/networkmanager"
"/var/lib/docker"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
"/etc/ssh"
];
files = [
"/etc/machine-id"
];
};
}

53
system/networking.nix Normal file
View File

@@ -0,0 +1,53 @@
{ hostname, ... }:
{
networking = {
hostName = hostname;
networkmanager.enable = true;
wireless = {
iwd.enable = true;
networks = {
ssid = "Outskirt Stable";
psk = "SidonPhlegm";
};
};
firewall = {
enable = true;
# Ports used by Local Send
allowedTCPPorts = [
53317
8001
8002
8003
8004
];
allowedUDPPorts = [
53317
8001
8002
8003
8004
];
extraCommands = "
iptables -I nixos-fw 1 -i br+ -j ACCEPT
";
extraStopCommands = "
iptables -D nixos-fw -i br+ -j ACCEPT
";
};
hosts = {
"127.0.0.1" = [
"localhost"
"host.docker.internal"
"runcats.test"
"dev.runcats.test"
"landing.runcats.test"
"api.runcats.test"
"mail.runcats.test"
"kibana.runcats.test"
"img.runcats.test"
"docs.runcats.test"
];
};
};
}

87
system/packages.nix Normal file
View File

@@ -0,0 +1,87 @@
{ pkgs, pkgs-unstable, nix-gaming, ... }:
{
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
# hyprland-preview-share-picker.packages.${system}.default # Hyprland share picker TODO: Figure out and configure
bat # Better cat
brightnessctl # Backlight control
btop # Resource monitor
cargo # Rust build tool
clippy # Rust linter
eza # Better ls
fcitx5 # Input method framework TODO: Figure out and configure
fzf # Fuzzy file finder
gcc # C compiler
git # Git
gnome-calculator # Calculator TODO: Find a better TUI calculator
gnome-keyring
grim # Screenshot tool TODO: Figure out and configure
gum # Terminal UI tool
highlight # Syntax highlighting tool TODO: Hook up to ZSH
hyprcursor # Hyprland cursor theme support
hypridle # Idle daemon for Hyprland
hyprlock # Screen locker for Hyprland
hyprpaper # Wallpaper utility for Hyprland TODO: Check if necessary with swaybg
hyprpicker # Hyprland colour picker
imagemagick # Image manipulation tool
impala # Wifi TUI
jq # CLI JSON processor
lazygit # Git TUI
less # Pager
libnotify # Notification daemon
localsend # Local file sharing tool
makima # Key remapper for Linux TODO: Figure out and configure
mako # Notification daemon
pkgs-unstable.neovim # Editor
nix-gaming.mo2installer
nodePackages.pnpm # JavaScript package manager (used by Neovim plugins)
tree-sitter # Incremental parsing tool for editors
nodejs_24 # JavaScript runtime
openssl # SSL/TLS toolkit
p7zip # 7-Zip archiver
pipewire
pkgs-unstable.yazi # Terminal file manager
pywal16 # Image colorscheme generator
qt6.qtwayland # qtwayland support
ripgrep # Better grep
rsync # Remote file sync
rustc # Rust compiler
rustfmt # Rust formatter
satty # Screenshot editor TODO: Figure out and configure
seahorse # GNOME Keyring manager
sshpass # SSH with password in CLI, used by install scripts
swaybg # Wayland wallpaper utility
tldr # Simplified man pages
tmux # Terminal multiplexer
tmuxinator # Tmux configurator
tree # Tree structure viewing Tool
unzip # Compressing tool
uwsm # Universal Wayland Session Manager
v4l-utils # Video4Linux utilities TODO: Figure out why I need this
waybar # Status bar for Hyprland
wget # Download tool
pkgs-unstable.wineWow64Packages.stable # Wine packages for 64-bit and 32-bit support
pkgs-unstable.winetricks # Windows compatibility tool
wl-clipboard # Wayland clipboard manager
wlogout # Wayland logout menu
xdg-terminal-exec # XDG terminal execution utility
yarn # JavaScript package manager
zip # Archiver tool
zoxide # Better cd
];
systemd = {
packages = with pkgs; [
uwsm
];
};
system = {
autoUpgrade = {
enable = true;
allowReboot = false;
runGarbageCollection = true;
};
};
}

47
system/programs.nix Normal file
View File

@@ -0,0 +1,47 @@
{ pkgs, pkgs-unstable, hostname, ... }:
{
programs = {
# Easy file sharing on local network
localsend = {
enable = true;
openFirewall = true;
};
nix-ld.enable = true;
zsh = {
enable = true;
};
hyprland = {
enable = true;
package = pkgs-unstable.hyprland;
portalPackage = pkgs-unstable.xdg-desktop-portal-hyprland;
xwayland.enable = true;
withUWSM = true;
};
steam = {
enable = hostname == "station";
package = pkgs-unstable.steam;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
protontricks.enable = true;
};
chromium = {
enable = true;
extraOpts = {
"BrowserSignin" = 0;
"SyncDisabled" = true;
"PasswordManagerEnabled" = false;
"SpellcheckEnabled" = true;
"SpellcheckLanguage" = [
"en-GB"
];
};
};
};
environment = {
pathsToLink = [
"/share/uwsm"
];
};
}

32
system/services.nix Normal file
View File

@@ -0,0 +1,32 @@
{ ... }:
{
services = {
openssh.enable = true;
dbus.enable = true;
envfs.enable = true; # This ensures normal shebangs work (#!/bin/bash)
expressvpn.enable = true;
locate.enable = true;
fwupd.enable = true;
"power-profiles-daemon".enable = true;
upower = {
enable = true;
percentageLow = 20;
percentageCritical = 5;
percentageAction = 3;
criticalPowerAction = "Hibernate";
};
displayManager = {
sddm = {
enable = true;
wayland.enable = true;
theme = "maya";
};
autoLogin.enable = true;
autoLogin.user = "chris";
defaultSession = "hyprland-uwsm";
};
gnome.gnome-keyring.enable = true;
};
security.pam.services.sddm.enableGnomeKeyring = true;
}

11
system/sound.nix Normal file
View File

@@ -0,0 +1,11 @@
{ ... }:
{
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
}

5
system/time.nix Normal file
View File

@@ -0,0 +1,5 @@
{...}:
{
time.timeZone = "Europe/London";
}

31
system/users.nix Normal file
View File

@@ -0,0 +1,31 @@
{ pkgs, ... }:
{
users.users.chris = {
uid = 1000;
isNormalUser = true;
hashedPasswordFile = "/persist/passwords/chris";
shell = pkgs.zsh;
extraGroups = [
"chris"
"wheel"
"networkmanager"
"docker"
];
};
system.activationScripts = {
setupInitialPassword = {
text = ''
# Ensure the directory exists
mkdir -p /persist/passwords
# Copy the initial hash if the file is missing
if [ ! -f /persist/passwords/chris ]; then
cp ${../initial-configs/passwords/chris} /persist/passwords/chris
chmod 600 /persist/passwords/chris
chown root:root /persist/passwords/chris
fi
'';
};
};
}

10
system/virtualisation.nix Normal file
View File

@@ -0,0 +1,10 @@
{ ... }:
{
virtualisation = {
docker = {
enable = true;
autoPrune.enable = true;
};
};
}