diff --git a/flake.lock b/flake.lock index 9c6b973..52a3900 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,41 @@ { "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703368619, + "narHash": "sha256-ZGPMYL7FMA6enhuwby961bBANmoFX14EA86m2/Jw5Jo=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "a2523ea0343b056ba240abbac90ab5f116a7aa7b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1702453208, + "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, "nixos-modules": { "inputs": { "nixpkgs-lib": [ @@ -7,11 +43,11 @@ ] }, "locked": { - "lastModified": 1703443084, - "narHash": "sha256-POWXUw4gf8c9eZ1PJ2Har+PBsgdyULeHbqabdVSAQZE=", + "lastModified": 1703466232, + "narHash": "sha256-euLiyAHlppxizV0aRHx9adR4fTTLQVFL5sJ4LWn6dTQ=", "owner": "SuperSandro2000", "repo": "nixos-modules", - "rev": "55e8b1d38fe4a5e0315f91dfc44bd1a6f32b06ef", + "rev": "d428b73701f49f1fe5f47720db4d093d60818f18", "type": "github" }, "original": { @@ -38,6 +74,8 @@ }, "root": { "inputs": { + "home-manager": "home-manager", + "nixos-hardware": "nixos-hardware", "nixos-modules": "nixos-modules", "nixpkgs": "nixpkgs", "sops-nix": "sops-nix" diff --git a/flake.nix b/flake.nix index 81ded5b..d165e61 100644 --- a/flake.nix +++ b/flake.nix 
@@ -3,12 +3,18 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; nixos-modules = { url = "github:SuperSandro2000/nixos-modules"; inputs.nixpkgs-lib.follows = "nixpkgs"; }; + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix = { url = "github:Mic92/sops-nix"; inputs = { @@ -18,7 +24,7 @@ }; }; - outputs = { nixpkgs, nixos-modules, sops-nix, ... }: + outputs = { nixpkgs, nixos-hardware, nixos-modules, home-manager, sops-nix, ... }: let inherit (nixpkgs) lib; src = builtins.filterSource (path: type: type == "directory" || lib.hasSuffix ".nix" (baseNameOf path)) ./.; @@ -30,27 +36,34 @@ hostname, system ? "x86_64-linux", modules ? [], - users ? [], + users ? ["dennis"], }: lib.nixosSystem { inherit system; modules = [ nixos-modules.nixosModule + home-manager.nixosModules.home-manager sops-nix.nixosModules.sops ./systems/programs.nix ./systems/configuration.nix ./systems/${hostname}/hardware.nix ./systems/${hostname}/configuration.nix - ] ++ modules ++ fileList "modules" ++ map(user: ./users/${user}) users; - + { config.networking.hostName = "${hostname}"; } + ] ++ modules ++ fileList "modules" + ++ map(user: { config, lib, pkgs, ... }@args: { + users.users.${user} = import ./users/${user} (args // { name = "${user}"; }); + }) users + ++ map(user: { home-manager.users.${user} = import ./users/${user}/home.nix; }) users; }; in { photon = constructSystem { hostname = "photon"; + users = ["dennis"]; }; palatine-hill = constructSystem { hostname = "palatine-hill"; + users = ["alice"]; }; }; }; diff --git a/modules/boot.nix b/modules/boot.nix index bdd56b4..84e1046 100644 --- a/modules/boot.nix +++ b/modules/boot.nix 
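Review bot: In flake.nix, the new default `users ? ["dennis"]` in constructSystem means any host that omits `users` silently gets a login account for dennis, together with that user's SSH keys and home-manager profile. Both hosts in this hunk already pass `users` explicitly, so keeping the default empty costs nothing and makes account creation opt-in per host: `users ? [],`. The same hunk imports `./users/${user}/home.nix` for every listed user, but only users/alice/home.nix is added in this commit, so photon's `users = ["dennis"]` depends on files not visible here. The constructSystem body starts outside the hunk.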
@@ -7,6 +7,12 @@ in options = { boot = { default = libS.mkOpinionatedOption "enable the boot builder"; + cpuType = lib.mkOption { + type = lib.types.str; + example = "amd"; + default = ""; + description = "The cpu-type installed on the server."; + }; }; }; @@ -14,8 +20,8 @@ in supportedFilesystems = [ "zfs" ]; tmp.useTmpfs = true; kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; - kernelParams = [ "kvm-amd" "nordrand" ]; - zfs = { + kernelParams = [ "nordrand" ] ++ lib.optional (cfg.cpuType == "amd") "kvm-amd"; + zfs = { enableUnstable = true; devNodes = "/dev/disk/by-id/"; forceImportRoot = true; diff --git a/systems/configuration.nix b/systems/configuration.nix index 00e43fa..8f19128 100644 --- a/systems/configuration.nix +++ b/systems/configuration.nix @@ -2,16 +2,18 @@ { i18n = { defaultLocale = "en_US.utf8"; - supportedLocales = [ - "en_US.UTF-8/UTF-8" - "de_DE.UTF-8/UTF-8" - ]; + supportedLocales = [ "en_US.UTF-8/UTF-8" ]; }; boot = { default = true; }; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + }; + networking.firewall.allowedTCPPorts = [ 22 ]; services = { @@ -31,18 +33,10 @@ programs = { fzf.keybindings = true; + git = { enable = true; config = { - alias = { - p = "pull"; - r = "reset --hard"; - ci = "commit"; - co = "checkout"; - lg = "log --graph --abbrev-commit --decorate --format=format:'%C(bold blue)%h%C(reset) - %C(bold green)(%ar)%C(reset) %C(white)%s%C(reset) %C(dim white)- %an%C(reset)%C(bold yellow)%d%C(reset)'"; - st = "status"; - undo = "reset --soft HEAD^"; - }; interactive.singlekey = true; pull.rebase = true; rebase.autoStash = true; 
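Review bot: In modules/boot.nix, `cpuType` is declared as `lib.types.str` with default `""`, so a misspelling such as `"AMD"` evaluates cleanly and just drops the AMD-specific setting added in the next hunk. An enum restricted to the values the module actually handles would turn that into an evaluation error, e.g. `type = lib.types.enum [ "" "amd" ];`. The description could also state that the empty string means no CPU-specific settings are applied.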
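Review bot: In modules/boot.nix, `"kvm-amd"` is still placed in `kernelParams`, but it is a kernel module name rather than a command-line parameter, so the conditional probably belongs in the sibling option: `kernelModules = lib.optional (cfg.cpuType == "amd") "kvm-amd";`. `nordrand` stays unconditional for every CPU type; it asks the kernel not to use the CPU's RDRAND instruction, and as far as I know recent kernels no longer honour that flag, so a comment saying why it is set and for which hardware would help. `cfg` is defined outside the hunk, so I could not confirm what it points at.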
@@ -50,6 +44,21 @@ }; }; + neovim = { + enable = true; + defaultEditor = true; + configure = { + customRC = '' + set undofile " save undo file after quit + set undolevels=1000 " number of steps to save + set undoreload=10000 " number of lines to save + + " Save Cursor Position + au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif + ''; + }; + }; + zsh = { enable = true; autosuggestions = { 
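Review bot: In systems/configuration.nix, the customRC sets `undofile` globally while `defaultEditor = true` makes neovim the editor that other tools launch. This flake also pulls in sops-nix, so editing a decrypted secret through the default editor would presumably leave its contents in a persistent undo file after the temporary plaintext is gone. Consider switching undo persistence off for temporary files, for example `au BufNewFile,BufRead /tmp/*,/dev/shm/* setlocal noundofile`, with the patterns adjusted to wherever your secrets tooling writes its temp files.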
@@ -64,69 +73,7 @@ enableBashCompletion = true; ohMyZsh = { enable = true; - plugins = [ "git" "sudo" "docker" "kubectl" "history" "colorize" "direnv" ]; - theme = "agnoster"; }; - - shellAliases = { - flake = "nvim flake.nix"; - garbage = "sudo nix-collect-garbage -d"; - gpw = "git pull | grep \"Already up-to-date\" > /dev/null; while [ $? -gt 1 ]; do sleep 5; git pull | grep \"Already up-to-date\" > /dev/null; done; notify-send Pull f$"; - l = "ls -lah"; - nixdir = "echo \"use flake\" > .envrc && direnv allow"; - nixeditc = "nvim ~/dotfiles/system/configuration.nix"; - nixeditpc = "nvim ~/dotfiles/system/program.nix"; - pypi = "pip install --user"; - qr = "qrencode -m 2 -t utf8 <<< \"$1\""; - update = "sudo nixos-rebuild switch --fast --flake ~/dotfiles/ -L"; - v = "nvim"; - }; - }; - - neovim = { - enable = true; - defaultEditor = true; - vimAlias = true; - viAlias = true; - withPython3 = true; - configure = { - customRC = '' - set undofile " save undo file after quit - set undolevels=1000 " number of steps to save - set undoreload=10000 " number of lines to save - - " Save Cursor Position - au BufReadPost * if line("'\"") > 1 && line("'\"") <= line("$") | exe "normal! g'\"" | endif - ''; - packages.myVimPackage = with pkgs.vimPlugins; { - start = [ - colorizer - copilot-vim - csv-vim - fugitive - fzf-vim - nerdtree - nvchad - nvchad-ui - nvim-treesitter-refactor - nvim-treesitter.withAllGrammars - unicode-vim - vim-cpp-enhanced-highlight - vim-tmux - vim-tmux-navigator - ]; - }; - }; - }; - - tmux = { - enable = true; - plugins = with pkgs.tmuxPlugins; [ - nord - vim-tmux-navigator - sensible - yank - ]; }; nix-ld = { @@ -170,7 +117,7 @@ gc = { automatic = true; dates = "weekly"; - options = "--delete-oder-than 14d"; + options = "--delete-oder-than 30d"; }; diffSystem = true; diff --git a/users/alice/default.nix b/users/alice/default.nix index b74829f..556b6db 100644 --- a/users/alice/default.nix +++ b/users/alice/default.nix 
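Review bot: In systems/configuration.nix, the gc `options` value still reads `--delete-oder-than`; this hunk changes the retention from 14d to 30d but keeps the misspelled flag. Assuming the string is handed to the garbage collector unchanged, an unknown flag would make the scheduled run fail, so old generations would never be pruned. The line should be `options = "--delete-older-than 30d";`.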
@@ -1,8 +1,5 @@
-{ pkgs, lib, config }:
+{ pkgs, lib, config, name, ... }:
 import ../default.nix {
- inherit pkgs lib config;
- userName = "AmethystAndroid";
- pubKeys = {
- palatine-hill = "ed25516-AAAAAAA";
- };
+ inherit pkgs lib config name;
+ pubKeys = [ "ed25516-AAAAAAA" ];
 }
\ No newline at end of file
diff --git a/users/alice/home.nix b/users/alice/home.nix
new file mode 100644
index 0000000..f86a4a2
--- /dev/null
+++ b/users/alice/home.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+ programs = {
+ };
+
+ home.stateVersion = "23.11";
+}
\ No newline at end of file
diff --git a/users/default.nix b/users/default.nix
index d25005c..3a0d346 100644
--- a/users/default.nix
+++ b/users/default.nix
@@ -1,5 +1,14 @@
-{ lib, config, pkgs, userName, pubKeys }:
 {
+ lib,
+ config,
+ pkgs,
+ name,
+ pubKeys ? [],
+ defaultShell ? "zsh",
+}:
+
+{
+ inherit name;
 isNormalUser = true;
 uid = 1000;
 extraGroups = [
@@ -8,14 +17,12 @@
 (lib.mkIf config.networking.networkmanager.enable "networkmanager")
 (lib.mkIf config.programs.adb.enable "adbusers")
 (lib.mkIf config.programs.wireshark.enable "wireshark")
- (lib.mkIf config.programs.virtualisation.docker.enable "docker")
+ (lib.mkIf config.virtualisation.docker.enable "docker")
 "libvirtd"
 "dialout"
 "plugdev"
 "uaccess"
 ];
- shell = pkgs.zsh;
- openssh.authorizedKeys.keys = [
- (lib.mkIf (pubKeys ? ${config.networking.hostName}) pubKeys.${config.networking.hostName})
- ];
+ shell = pkgs.${defaultShell};
+ openssh.authorizedKeys.keys = pubKeys;
 }
\ No newline at end of file
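Review bot: In users/alice/default.nix, `"ed25516-AAAAAAA"` is not in authorized_keys format (key type, base64 blob, optional comment) and looks like a placeholder carried over from the old attrset. sshd will not match a login against an entry like this, so alice would have no working key on palatine-hill. Replace it with the real public key, e.g. `pubKeys = [ "ssh-ed25519 <ALICE_PUBLIC_KEY_PLACEHOLDER>" ];`, or leave the list empty until a key exists.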
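Review bot: In the first hunk of users/default.nix, `uid = 1000;` stays hard-coded while this commit turns the file into a template that flake.nix applies to every entry in `users`. A host listing two users would assign the same uid twice, which I would expect NixOS to reject at evaluation, and which would merge file ownership between the accounts if it did not. Making it an argument keeps today's behaviour for single-user hosts: add `uid ? 1000,` to the argument set and replace `uid = 1000;` with `inherit uid;`.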
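Review bot: In the second hunk of users/default.nix, `openssh.authorizedKeys.keys = pubKeys;` drops the per-host lookup, so every key in the list is now trusted on every host that enables the user, where before a key was only installed on the host it was registered for. If that widening is intended, say so next to the assignment, e.g. `# keys are accepted on every host that lists this user`. The same template also places each user it creates in `libvirtd`, `dialout`, `plugdev` and, when enabled, `docker`, so one key now reaches those privileges on each such host.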