schmittlauch/nixconfigs
2
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

[treewide] reformat all files with nixfmt-rfc-style

Browse source
This commit is contained in:
Trolli Schmittlauch 2024-03-16 17:18:20 +01:00
parent 3a31c21ae2
commit 2bdff39416
17 changed files with 653 additions and 531 deletions
Download patch file Download diff file Expand all files Collapse all files

169
common/default.nix
View file

@ -1,20 +1,22 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
inputs = config.inputInjection.flake-inputs;
unstable = inputs.nixos-unstable;
in
{
imports =
[
./packages.nix
./nitrokey.nix
];
imports = [
./packages.nix
./nitrokey.nix
];
services.davfs2.enable = true;
# exfat support
#boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
@ -38,11 +40,10 @@ in
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
programs.bash.enableCompletion = true;
programs.wireshark =
{
enable = true;
package = pkgs.wireshark;
};
programs.wireshark = {
enable = true;
package = pkgs.wireshark;
};
programs.adb.enable = true;
@ -59,79 +60,88 @@ in
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
networking.firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }];
networking.firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }]; # for KDE connect
networking.firewall.allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
networking.firewall.allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
]; # for KDE connect
# FIXME: kdeconnect module
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.networkmanager = {
networking.networkmanager = {
enable = true;
# FIXME: move into own file, use SOPS for secrets
ensureProfiles.profiles = {
"37C3" = {
connection = {
id = "37C3";
type = "wifi";
interface-name = "wlan0";
};
wifi = {
mode = "infrastructure";
ssid = "37C3";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-eap";
};
"802-1x" = {
anonymous-identity = "37C3";
eap = "ttls;";
identity = "37C3";
password = "37C3";
phase2-auth = "pap";
altsubject-matches = "DNS:radius.c3noc.net";
ca-cert = "${builtins.fetchurl {
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
}}";
};
ipv4 = {
method = "auto";
};
ipv6 = {
addr-gen-mode = "default";
method = "auto";
"37C3" = {
connection = {
id = "37C3";
type = "wifi";
interface-name = "wlan0";
};
wifi = {
mode = "infrastructure";
ssid = "37C3";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-eap";
};
"802-1x" = {
anonymous-identity = "37C3";
eap = "ttls;";
identity = "37C3";
password = "37C3";
phase2-auth = "pap";
altsubject-matches = "DNS:radius.c3noc.net";
ca-cert = "${builtins.fetchurl {
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
}}";
};
ipv4 = {
method = "auto";
};
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
};
};
};
};
services.avahi.enable = true;
# Enable CUPS to print documents.
services.printing =
{
enable = true;
drivers = [ pkgs.hplip ];
};
services.printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
# scanners
hardware.sane =
{
enable = true;
extraBackends = [ pkgs.hplip ];
};
hardware.sane = {
enable = true;
extraBackends = [ pkgs.hplip ];
};
# Enable sound.
hardware.pulseaudio = {
enable = true;
# decouple pulseaudio application and sink volumes
daemon.config = { flat-volumes = "no"; };
daemon.config = {
flat-volumes = "no";
};
# C3D2 hq music
zeroconf.discovery.enable = true;
zeroconf.publish.enable = true;
};
# Bluetooth
hardware.bluetooth = {
enable = true;
@ -141,7 +151,6 @@ in
package = pkgs.pulseaudioFull;
};
# FIXME: at some point, hide GUI and sound (desktop vs. server) behind an option
# Enable the X11 windowing system.
services.xserver.enable = true;
@ -160,8 +169,8 @@ in
# dconf required for several Gnome applications
programs.dconf.enable = true;
programs.firefox.enable = true; # enables support for automatically setting additionsl nativeMessagingHosts
programs.firefox.enable = true; # enables support for automatically setting additionsl nativeMessagingHosts
# Flatpak support
services.flatpak.enable = true;
@ -171,7 +180,18 @@ in
users.users.spiollinux = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "vboxusers" "wheel" "networkmanager" "scanner" "lp" "wireshark" "dialout" "cdrom" "input" "adbusers" ];
extraGroups = [
"vboxusers"
"wheel"
"networkmanager"
"scanner"
"lp"
"wireshark"
"dialout"
"cdrom"
"input"
"adbusers"
];
shell = pkgs.zsh;
};
@ -184,11 +204,10 @@ in
nixpkgs.config.whitelistedLicenses = [ pkgs.lib.licenses.virtualbox-puel ];
users.extraGroups.vboxusers.members = [ "spiollinux" ];
programs.zsh =
{
enable = true;
autosuggestions.enable = true;
};
programs.zsh = {
enable = true;
autosuggestions.enable = true;
};
# profile sync daemon
services.psd.enable = true;
@ -208,13 +227,17 @@ in
nixpkgs.flake = inputs.nixpkgs;
};
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# keep build-time deps around for offline-rebuilding
# keep build-time deps around for offline-rebuilding
settings = {
# keep around all inputs necessary for offline-rebuilding the system
keep-outputs = true;
keep-derivations = true;
trusted-users = [ "spiollinux" ];
experimental-features = [ "nix-command" "flakes" "repl-flake" ];
experimental-features = [
"nix-command"
"flakes"
"repl-flake"
];
# use all cores for building
cores = 0;
};
@ -254,6 +277,4 @@ in
# stop NetworkManager from managing virtual interfaces
networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
}

20
common/nitrokey.nix
View file

@ -1,11 +1,13 @@
{ pkgs, lib, ...}:
{ pkgs, lib, ... }:
{
hardware.nitrokey.enable = true;
environment.systemPackages = [ pkgs.pynitrokey ];
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"nrfutil"
"pc-ble-driver-py"
"pc-ble-driver"
"pypemicro"
];
hardware.nitrokey.enable = true;
environment.systemPackages = [ pkgs.pynitrokey ];
nixpkgs.config.allowUnfreePredicate =
pkg:
builtins.elem (lib.getName pkg) [
"nrfutil"
"pc-ble-driver-py"
"pc-ble-driver"
"pypemicro"
];
}

169
common/packages.nix
View file

@ -1,89 +1,98 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
{
{
# take overlays from flake
nixpkgs.overlays = lib.attrValues config.inputInjection.flake-inputs.self.overlays;
# List packages installed in system profile.
environment.systemPackages = with pkgs; [
wget
vim
vimPlugins.vim-nix
vimPlugins.pathogen
tmux
htop
zsh
btrfs-progs
git
python3
man-pages
dnsutils
netcat-openbsd
ntfs3g
file
multipath-tools
strace
ltrace
valgrind
testdisk
rsync
pv
exfat
iotop
cifs-utils
dstat
lsof
macchanger
borgbackup
environment.systemPackages =
with pkgs;
[
wget
vim
vimPlugins.vim-nix
vimPlugins.pathogen
tmux
htop
zsh
btrfs-progs
git
python3
man-pages
dnsutils
netcat-openbsd
ntfs3g
file
multipath-tools
strace
ltrace
valgrind
testdisk
rsync
pv
exfat
iotop
cifs-utils
dstat
lsof
macchanger
borgbackup
# for debugging WLAN failures:
ethtool
trace-cmd
# NetworkManager stuff
networkmanager-openconnect
networkmanager-vpnc
networkmanager-openvpn
plasma5Packages.kdeGear.akonadi-mime # for KOrganizer
# for debugging WLAN failures:
ethtool
trace-cmd
# NetworkManager stuff
networkmanager-openconnect
networkmanager-vpnc
networkmanager-openvpn
plasma5Packages.kdeGear.akonadi-mime # for KOrganizer
]
++ (with plasma5Packages; with kdeGear; [
#akonadi
#akonadi-calendar
#akonadi-contacts
#akonadi-import-wizard
#akonadi-mime
#akonadi-notes
#akonadi-search
#akonadiconsole
#akregator
#kaddressbook
#kalarm
#kalarmcal
#kcalutils
#kcontacts
#kdav
#kdepim-addons
++ (
with plasma5Packages;
with kdeGear;
[
#akonadi
#akonadi-calendar
#akonadi-contacts
#akonadi-import-wizard
#akonadi-mime
#akonadi-notes
#akonadi-search
#akonadiconsole
#akregator
#kaddressbook
#kalarm
#kalarmcal
#kcalutils
#kcontacts
#kdav
#kdepim-addons
#kdepim-runtime
#kidentitymanagement
#kldap
#kmail
#kmailtransport
#kmbox
#kmime
#kontact
#kontactinterface
#korganizer
#kpimtextedit
#libkdepim
#libksieve
#mailcommon
#messagelib
#pimcommon
#pim-sieve-editor
#kdepim-runtime
#kidentitymanagement
#kldap
#kmail
#kmailtransport
#kmbox
#kmime
#kontact
#kontactinterface
#korganizer
#kpimtextedit
#libkdepim
#libksieve
#mailcommon
#messagelib
#pimcommon
#pim-sieve-editor
# for some Flatpak packkages
accountsservice
]);
# for some Flatpak packkages
accountsservice
]
);
}