Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

claude restructure

Browse Source
This commit is contained in:
Kabbone
2026-04-23 20:08:25 +02:00
parent d66b67ba4c
commit 5fb7ab4ee0
11 changed files with 255 additions and 493 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
flake.nix
View File

@@ -7,7 +7,7 @@
# │ └─ default.nix # │ └─ default.nix
{ {
description = "Kabbone's peronal NixOS Flake config"; description = "Kabbone's personal NixOS Flake config";
inputs = { inputs = {
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages
@@ -48,7 +48,7 @@
noctalia = { noctalia = {
url = "github:noctalia-dev/noctalia-shell"; url = "github:noctalia-dev/noctalia-shell";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
@@ -66,18 +66,17 @@
impermanence, impermanence,
lanzaboote, lanzaboote,
... ...
} @ inputs: rec { } @ inputs:
inherit (self) outputs; let
systems = [ systems = [
# "aarch64-linux" # "aarch64-linux"
"x86_64-linux" "x86_64-linux"
]; ];
forAllSystems = nixpkgs.lib.genAttrs systems; forAllSystems = nixpkgs.lib.genAttrs systems;
#in { in {
# Your custom packages # Your custom packages
# Accessible through 'nix build', 'nix shell', etc # Accessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./packages nixpkgs.legacyPackages.${system}); packages = forAllSystems (system: import ./packages { pkgs = nixpkgs.legacyPackages.${system}; });
# Formatter for your nix files, available through 'nix fmt' # Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt' # Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
@@ -96,19 +95,17 @@
import ./hosts { # Imports ./hosts/default.nix import ./hosts { # Imports ./hosts/default.nix
inherit (nixpkgs) lib; inherit (nixpkgs) lib;
inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here. inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here.
nix.allowedUsers = [ "@wheel" ];
security.sudo.execWheelOnly = true;
} }
); );
hydraJobs = { hydraJobs = {
"steamdeck" = nixosConfigurations.steamdeck.config.system.build.toplevel; "steamdeck" = self.nixosConfigurations.steamdeck.config.system.build.toplevel;
"hades" = nixosConfigurations.hades.config.system.build.toplevel; "hades" = self.nixosConfigurations.hades.config.system.build.toplevel;
"nasbak" = nixosConfigurations.nasbak.config.system.build.toplevel; "nasbak" = self.nixosConfigurations.nasbak.config.system.build.toplevel;
"jupiter" = nixosConfigurations.jupiter.config.system.build.toplevel; "jupiter" = self.nixosConfigurations.jupiter.config.system.build.toplevel;
"lifebook" = nixosConfigurations.lifebook.config.system.build.toplevel; "lifebook" = self.nixosConfigurations.lifebook.config.system.build.toplevel;
"kabtop" = nixosConfigurations.kabtop.config.system.build.toplevel; "kabtop" = self.nixosConfigurations.kabtop.config.system.build.toplevel;
"dmz" = nixosConfigurations.dmz.config.system.build.toplevel; "dmz" = self.nixosConfigurations.dmz.config.system.build.toplevel;
}; };
}; };
} }

127
hosts/configuration_common.nix Normal file
View File

@@ -0,0 +1,127 @@
#
# Common configuration shared by all hosts (desktop and server).
# Imported by configuration_desktop.nix and configuration_server.nix.
#
{ config, lib, pkgs, inputs, user, location, agenix, ... }:
{
imports = [
../modules/hardware/hydraCache.nix
];
users.users.${user} = {
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
time.timeZone = "Europe/Berlin";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
fonts.packages = with pkgs; [
carlito
vegur
source-code-pro
font-awesome
hack-font
corefonts
intel-one-mono
cascadia-code
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = with pkgs; [
vim
git
killall
pciutils
usbutils
wget
bind
dig
agenix.packages.${pkgs.system}.default
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
btop
];
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
programs.zsh.enable = true;
nix = {
settings = {
auto-optimise-store = true;
allowed-users = [ "@wheel" ];
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
security = {
sudo.execWheelOnly = true;
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
};
system = {
stateVersion = "23.05";
autoUpgrade = {
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
};
}

214
hosts/configuration_desktop.nix
View File

@@ -1,201 +1,61 @@
# #
# Main system configuration. More information available in configuration.nix(5) man page. # Desktop/laptop configuration. Imports configuration_common.nix for shared settings.
# # Host-specific window manager and hardware configs are imported per-host.
# flake.nix
# ├─ ./hosts
# │ └─ configuration.nix *
# └─ ./modules
# └─ ./editors
# └─ ./nvim
# └─ default.nix
# #
{ config, lib, pkgs, pkgs-stable, inputs, user, location, agenix, ... }: { config, lib, pkgs, pkgs-stable, inputs, user, location, agenix, ... }:
{ {
imports = # Import window or display manager. imports = [
[ ./configuration_common.nix
#../modules/editors/nvim # ! Comment this out on first install !
];
users.users.${user} = { # System User
isNormalUser = true;
extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ];
shell = pkgs.zsh; # Default shell
uid = 2000;
# initialPassword = "password95";
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
time.timeZone = "Europe/Berlin"; # Time zone and internationalisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { # Extra locale settings that need to be overwritten
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us"; # or us/azerty/etc
};
security = {
pam.services.login.enableGnomeKeyring = true;
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
#tpm2 = {
# enable = true;
# pkcs11.enable = true;
# tctiEnvironment.enable = true;
# };
};
#sound = { # ALSA sound enable
## #enable = true;
# mediaKeys = { # Keyboard Media Keys (for minimal desktop) enable = true;
# enable = true;
# };
#};
fonts.packages = with pkgs; [ # Fonts
carlito # NixOS
vegur # NixOS
source-code-pro
font-awesome # Icons
hack-font
corefonts # MS
intel-one-mono
cascadia-code
]; ];
environment = { users.users.${user} = {
variables = { isNormalUser = true;
TERMINAL = "alacritty"; uid = 2000;
EDITOR = "nvim"; extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ];
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = (with pkgs; [ # Default packages install system-wide
vim
git
killall
pciutils
usbutils
wget
file
powertop
cpufrequtils
lm_sensors
libva-utils
at-spi2-core
bind
dig
qmk-udev-rules
gptfdisk
agenix.packages.x86_64-linux.default
age-plugin-yubikey
pwgen
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
linuxPackages_latest.turbostat
btop
sbctl
ausweisapp
e2fsprogs
])
++
(with pkgs-stable; [
orca-slicer
]);
}; };
security.pam.services.login.enableGnomeKeyring = true;
environment.systemPackages = with pkgs; [
file
powertop
cpufrequtils
lm_sensors
libva-utils
at-spi2-core
qmk-udev-rules
gptfdisk
age-plugin-yubikey
pwgen
sbctl
ausweisapp
e2fsprogs
] ++ (with pkgs-stable; [
orca-slicer
]);
nixpkgs.config.permittedInsecurePackages = [
"mbedtls-2.28.10"
];
services = { services = {
pipewire = { # Sound pipewire = {
enable = true; enable = true;
alsa = { alsa.enable = true;
enable = true;
# support32Bit = true;
};
pulse.enable = true; pulse.enable = true;
wireplumber.enable = true; wireplumber.enable = true;
}; };
openssh = { # SSH: secure shell (remote connection to shell of server)
enable = true; # local: $ ssh <user>@<ip>
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
# extraConfig = ''
# HostKeyAlgorithms +ssh-rsa
# ''; # Temporary extra config so ssh will work in guacamole
};
pcscd.enable = true; pcscd.enable = true;
yubikey-agent.enable = true; yubikey-agent.enable = true;
udev.packages = [ pkgs.yubikey-personalization pkgs.nitrokey-udev-rules ]; udev.packages = [ pkgs.yubikey-personalization pkgs.nitrokey-udev-rules ];
flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up flatpak.enable = true;
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused
# List:
# com.obsproject.Studio
# com.parsecgaming.parsec
# com.usebottles.bottles
gvfs.enable = true; gvfs.enable = true;
fwupd.enable = true; fwupd.enable = true;
}; };
programs = { # No xbacklight, this is the alterantive programs.dconf.enable = true;
zsh.enable = true;
dconf.enable = true;
};
system.autoUpgrade.enable = false;
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
};
gc = { # Automatic garbage collection
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable; # Enable nixFlakes on system
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
"mbedtls-2.28.10"
];
system = { # NixOS settings
autoUpgrade = { # Allow auto update
enable = false;
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
#channel = "https://nixos.org/channels/nixos-unstable";
};
stateVersion = "23.05";
};
} }

157
hosts/configuration_server.nix
View File

@@ -1,155 +1,38 @@
# #
# Main system configuration. More information available in configuration.nix(5) man page. # Server configuration. Imports configuration_common.nix for shared settings.
# # Service modules are imported per-host.
# flake.nix
# ├─ ./hosts
# │ └─ configuration.nix *
# └─ ./modules
# └─ ./editors
# └─ ./nvim
# └─ default.nix
# #
{ config, lib, pkgs, inputs, user, location, agenix, ... }: { config, lib, pkgs, inputs, user, location, agenix, ... }:
{ {
imports = # Import window or display manager. imports = [
[ ./configuration_common.nix
#../modules/editors/nvim # ! Comment this out on first install ! ];
];
users.users.${user} = { # System User users.users.${user} = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ];
shell = pkgs.zsh; # Default shell
uid = 3000; uid = 3000;
# initialPassword = "password95"; extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ];
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
security.sudo.wheelNeedsPassword = true; # User does not need to give password when using sudo.
time.timeZone = "Europe/Berlin"; # Time zone and internationalisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { # Extra locale settings that need to be overwritten
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
}; };
console = { security.sudo.wheelNeedsPassword = true;
font = "Lat2-Terminus16";
keyMap = "us"; # or us/azerty/etc
};
security = { environment.systemPackages = with pkgs; [
rtkit.enable = true; ffmpeg
pki.certificateFiles = [ smartmontools
./rootCA.pem htop
];
};
fonts.packages = with pkgs; [ # Fonts
carlito # NixOS
vegur # NixOS
source-code-pro
font-awesome # Icons
hack-font
corefonts # MS
intel-one-mono
cascadia-code
]; ];
environment = { services.openssh = {
variables = { ports = [ 2220 ];
TERMINAL = "alacritty"; openFirewall = true;
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = with pkgs; [ # Default packages install system-wide
vim
git
killall
pciutils
usbutils
wget
powertop
cpufrequtils
lm_sensors
bind
dig
agenix.packages.x86_64-linux.default
ffmpeg
smartmontools
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
btop
htop
];
}; };
services = { nix.extraOptions = ''
openssh = { # SSH: secure shell (remote connection to shell of server) keep-outputs = true
enable = true; # local: $ ssh <user>@<ip> keep-derivations = true
settings = { '';
PasswordAuthentication = false;
PermitRootLogin = "no";
};
ports = [ 2220 ];
openFirewall = true;
};
#flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up system.autoUpgrade.enable = true;
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused
};
programs = {
zsh.enable = true;
};
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
};
gc = { # Automatic garbage collection
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable; # Enable nixFlakes on system
extraOptions = ''
experimental-features = nix-command flakes
keep-outputs = true
keep-derivations = true
'';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
system = { # NixOS settings
autoUpgrade = { # Allow auto update
enable = true;
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
stateVersion = "23.05";
};
} }

171
hosts/default.nix
View File

@@ -4,7 +4,9 @@
# flake.nix # flake.nix
# └─ ./hosts # └─ ./hosts
# ├─ default.nix * # ├─ default.nix *
# ├─ configuration.nix # ├─ configuration_common.nix
# ├─ configuration_desktop.nix
# ├─ configuration_server.nix
# ├─ home.nix # ├─ home.nix
# └─ ./desktop OR ./laptop OR ./vm # └─ ./desktop OR ./laptop OR ./vm
# ├─ ./default.nix # ├─ ./default.nix
@@ -15,34 +17,39 @@
let let
user = "kabbone"; user = "kabbone";
userdmz = "diablo"; location = builtins.getEnv "HOME" + "/.setup";
userserver = "mephisto";
location = "$HOME/.setup";
system = "x86_64-linux"; # System architecture system = "x86_64-linux";
pkgs = import nixpkgs { pkgs = import nixpkgs {
inherit system; inherit system;
config.allowUnfree = true; # Allow proprietary software config.allowUnfree = true;
}; };
pkgs-unstable = import nixpkgs-unstable { pkgs-unstable = import nixpkgs-unstable {
inherit system; inherit system;
config.allowUnfree = true; # Allow proprietary software config.allowUnfree = true;
}; };
pkgs-stable = import nixpkgs { pkgs-stable = pkgs;
inherit system;
config.allowUnfree = true; # Allow proprietary software
};
pkgs-kabbone = import ../packages { pkgs-kabbone = import ../packages {
inherit system; inherit system;
inherit pkgs; inherit pkgs;
}; };
lib = nixpkgs.lib; # Helper: returns [hm-module, config-attrset] for the modules list.
users.defaultShell = "pkgs.zsh"; # hm - the home-manager flake input to use (stable or unstable)
# hmImports - list of home.nix paths for this host
mkHM = hm: hmImports: [
hm.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user}.imports = hmImports;
}
];
in in
{ {
@@ -55,22 +62,11 @@ in
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./desktop ./desktop
./configuration_desktop.nix ./configuration_desktop.nix
../modules/hardware/hydraCache.nix
../modules/hardware/remoteBuilder.nix ../modules/hardware/remoteBuilder.nix
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd nixos-hardware.nixosModules.common-gpu-amd
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home.nix ./desktop/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./desktop/home.nix)];
};
}
];
}; };
lifebook = lib.nixosSystem { # Laptop profile lifebook = lib.nixosSystem { # Laptop profile
@@ -81,19 +77,9 @@ in
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./lifebook ./lifebook
./configuration_desktop.nix ./configuration_desktop.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home.nix ./lifebook/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./lifebook/home.nix)];
};
}
];
}; };
steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile
@@ -105,151 +91,81 @@ in
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
./steamdeck ./steamdeck
./configuration_desktop.nix ./configuration_desktop.nix
../modules/hardware/hydraCache.nix ] ++ (mkHM home-manager-unstable [ ./home.nix ./steamdeck/home.nix ]);
home-manager-unstable.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./steamdeck/home.nix)];
};
}
];
}; };
kabtop = lib.nixosSystem { # Desktop profile kabtop = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs pkgs-unstable impermanence; }; specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./kabtop ./kabtop
./configuration_server.nix ./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home_server.nix ./kabtop/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kabtop/home.nix)];
};
}
];
}; };
nasbak = lib.nixosSystem { # Desktop profile nasbak = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix; }; specialArgs = { inherit inputs user location nixos-hardware agenix; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
./nasbackup ./nasbackup
./configuration_server.nix ./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home_server.nix ./nasbackup/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./nasbackup/home.nix)];
};
}
];
}; };
jupiter = lib.nixosSystem { # Desktop profile jupiter = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix pkgs-kabbone; }; specialArgs = { inherit inputs user location nixos-hardware agenix pkgs-kabbone; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
./jupiter ./jupiter
./configuration_server.nix ./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home_server.nix ./jupiter/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./jupiter/home.nix)];
};
}
];
}; };
kabtopci = lib.nixosSystem { # Desktop profile kabtopci = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./kabtopci ./kabtopci
./configuration_server.nix ./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home_server.nix ./kabtopci/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kabtopci/home.nix)];
};
}
];
}; };
kubemaster-1 = lib.nixosSystem { # Desktop profile kubemaster-1 = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./kubemaster-1 ./kubemaster-1
./configuration_server.nix ./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home_server.nix ./kubemaster-1/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kubemaster-1/home.nix)];
};
}
];
}; };
dmz = lib.nixosSystem { # Desktop profile dmz = lib.nixosSystem { # Server profile
inherit system; inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; }; specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [ modules = [
agenix.nixosModules.default agenix.nixosModules.default
microvm.nixosModules.host microvm.nixosModules.host
./dmz ./dmz
./configuration_server.nix ./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
] ++ (mkHM home-manager [ ./home_server.nix ./dmz/home.nix ]);
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./dmz/home.nix)];
};
}
];
}; };
# vm = lib.nixosSystem { # VM profile # vm = lib.nixosSystem { # VM profile
@@ -259,14 +175,7 @@ in
# ./vm # ./vm
# ./configuration.nix # ./configuration.nix
# #
# home-manager.nixosModules.home-manager { # (mkHM home-manager [ ./home.nix ./vm/home.nix ])
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
# home-manager.extraSpecialArgs = { inherit user; };
# home-manager.users.${user} = {
# imports = [(import ./home.nix)] ++ [(import ./vm/home.nix)];
# };
# }
# ]; # ];
# }; # };
} }

1
hosts/home.nix
View File

@@ -47,6 +47,7 @@
screen screen
yubioath-flutter yubioath-flutter
nitrokey-app nitrokey-app
claude-code
tailscale tailscale
wireguard-tools wireguard-tools

2
modules/editors/nvim/default.nix
View File

@@ -17,6 +17,8 @@
vimAlias = true; vimAlias = true;
vimdiffAlias = true; vimdiffAlias = true;
withNodeJs = true; withNodeJs = true;
withRuby = true;
withPython3 = true;
# plugins = with pkgs.vimPlugins; [ # plugins = with pkgs.vimPlugins; [
# #

18
modules/wm/default.nix
View File

@@ -1,16 +1,16 @@
{ pkgs, lib, config, ... }: { pkgs, lib, config, ... }:
with lib;
{ {
# NOTE: Dynamic imports based on option values are not supported in NixOS modules.
# To conditionally load a WM, either import all WM modules and use mkIf in each,
# or select the WM module directly in the host configuration.
imports = [];
options = { options = {
desktop = { desktop = {
wm = lib.mkOption { type = types.str; default = "sway"; }; wm = mkOption { type = types.str; default = "sway"; };
taskbar = lib.mkOption { type = types.str; default = "waybar"; }; taskbar = mkOption { type = types.str; default = "waybar"; };
launcher = lib.mkOption { type = types.str; default = "bemenu"; }; launcher = mkOption { type = types.str; default = "bemenu"; };
}; };
}; };
config = {
imports =
(import ./ + (desktop.wm)) ++
};
} }

2
overlays/default.nix
View File

@@ -1,6 +1,6 @@
{inputs, ...}: { {inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory # This one brings our custom packages from the 'pkgs' directory
additions = final: _prev: import ../pkgs {pkgs = final;}; additions = final: _prev: import ../packages {pkgs = final;};
modifications = final: prev: { modifications = final: prev: {
mealie = final.unstable.mealie; mealie = final.unstable.mealie;

1
result Symbolic link
View File

@@ -0,0 +1 @@
/nix/store/0j8av8h7rid2p83sdzbb5bi0x1ldfd9p-nixos-system-hades-25.11.20260415.1766437

18
systemSettings.nix
View File

@@ -1,18 +0,0 @@
# options for systemsettings
{ pkgs, lib, config, ... }:
{
options = {
systemSettings.enable = lib.mkEnableOption "enables standard systemsettings";
};
config = lib.mkIf config.systemSettings.enable {
system = lib.mkDefault "x86_64-linux";
profile = lib.mkDefault "personal";
timezone = "Europe/Berlin";
locale = "en_US.UTF-8";
bootMode = lib.mkDefault "uefi";
bootMountPath = "/boot";
};
}