Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

claude restructure

Browse Source
This commit is contained in:
Kabbone
2026-04-23 20:08:25 +02:00
parent d66b67ba4c
commit 5fb7ab4ee0
11 changed files with 255 additions and 493 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
flake.nix
View File

@@ -7,7 +7,7 @@
# │ └─ default.nix
{
description = "Kabbone's peronal NixOS Flake config";
description = "Kabbone's personal NixOS Flake config";
inputs = {
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages
@@ -48,12 +48,12 @@
noctalia = {
url = "github:noctalia-dev/noctalia-shell";
inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
@@ -66,18 +66,17 @@
impermanence,
lanzaboote,
...
} @ inputs: rec {
inherit (self) outputs;
} @ inputs:
let
systems = [
# "aarch64-linux"
"x86_64-linux"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
#in {
in {
# Your custom packages
# Accessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./packages nixpkgs.legacyPackages.${system});
packages = forAllSystems (system: import ./packages { pkgs = nixpkgs.legacyPackages.${system}; });
# Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
@@ -96,19 +95,17 @@
import ./hosts { # Imports ./hosts/default.nix
inherit (nixpkgs) lib;
inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here.
nix.allowedUsers = [ "@wheel" ];
security.sudo.execWheelOnly = true;
}
);
hydraJobs = {
"steamdeck" = nixosConfigurations.steamdeck.config.system.build.toplevel;
"hades" = nixosConfigurations.hades.config.system.build.toplevel;
"nasbak" = nixosConfigurations.nasbak.config.system.build.toplevel;
"jupiter" = nixosConfigurations.jupiter.config.system.build.toplevel;
"lifebook" = nixosConfigurations.lifebook.config.system.build.toplevel;
"kabtop" = nixosConfigurations.kabtop.config.system.build.toplevel;
"dmz" = nixosConfigurations.dmz.config.system.build.toplevel;
"steamdeck" = self.nixosConfigurations.steamdeck.config.system.build.toplevel;
"hades" = self.nixosConfigurations.hades.config.system.build.toplevel;
"nasbak" = self.nixosConfigurations.nasbak.config.system.build.toplevel;
"jupiter" = self.nixosConfigurations.jupiter.config.system.build.toplevel;
"lifebook" = self.nixosConfigurations.lifebook.config.system.build.toplevel;
"kabtop" = self.nixosConfigurations.kabtop.config.system.build.toplevel;
"dmz" = self.nixosConfigurations.dmz.config.system.build.toplevel;
};
};
}

127
hosts/configuration_common.nix Normal file
View File

@@ -0,0 +1,127 @@
#
# Common configuration shared by all hosts (desktop and server).
# Imported by configuration_desktop.nix and configuration_server.nix.
#
{ config, lib, pkgs, inputs, user, location, agenix, ... }:
{
imports = [
../modules/hardware/hydraCache.nix
];
users.users.${user} = {
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
time.timeZone = "Europe/Berlin";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
fonts.packages = with pkgs; [
carlito
vegur
source-code-pro
font-awesome
hack-font
corefonts
intel-one-mono
cascadia-code
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = with pkgs; [
vim
git
killall
pciutils
usbutils
wget
bind
dig
agenix.packages.${pkgs.system}.default
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
btop
];
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
programs.zsh.enable = true;
nix = {
settings = {
auto-optimise-store = true;
allowed-users = [ "@wheel" ];
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
security = {
sudo.execWheelOnly = true;
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
};
system = {
stateVersion = "23.05";
autoUpgrade = {
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
};
}

214
hosts/configuration_desktop.nix
View File

@@ -1,201 +1,61 @@
#
# Main system configuration. More information available in configuration.nix(5) man page.
#
# flake.nix
# ├─ ./hosts
# │ └─ configuration.nix *
# └─ ./modules
# └─ ./editors
# └─ ./nvim
# └─ default.nix
# Desktop/laptop configuration. Imports configuration_common.nix for shared settings.
# Host-specific window manager and hardware configs are imported per-host.
#
{ config, lib, pkgs, pkgs-stable, inputs, user, location, agenix, ... }:
{
imports = # Import window or display manager.
[
#../modules/editors/nvim # ! Comment this out on first install !
];
users.users.${user} = { # System User
isNormalUser = true;
extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ];
shell = pkgs.zsh; # Default shell
uid = 2000;
# initialPassword = "password95";
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
time.timeZone = "Europe/Berlin"; # Time zone and internationalisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { # Extra locale settings that need to be overwritten
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us"; # or us/azerty/etc
};
security = {
pam.services.login.enableGnomeKeyring = true;
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
#tpm2 = {
# enable = true;
# pkcs11.enable = true;
# tctiEnvironment.enable = true;
# };
};
#sound = { # ALSA sound enable
## #enable = true;
# mediaKeys = { # Keyboard Media Keys (for minimal desktop) enable = true;
# enable = true;
# };
#};
fonts.packages = with pkgs; [ # Fonts
carlito # NixOS
vegur # NixOS
source-code-pro
font-awesome # Icons
hack-font
corefonts # MS
intel-one-mono
cascadia-code
imports = [
./configuration_common.nix
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = (with pkgs; [ # Default packages install system-wide
vim
git
killall
pciutils
usbutils
wget
file
powertop
cpufrequtils
lm_sensors
libva-utils
at-spi2-core
bind
dig
qmk-udev-rules
gptfdisk
agenix.packages.x86_64-linux.default
age-plugin-yubikey
pwgen
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
linuxPackages_latest.turbostat
btop
sbctl
ausweisapp
e2fsprogs
])
++
(with pkgs-stable; [
orca-slicer
]);
users.users.${user} = {
isNormalUser = true;
uid = 2000;
extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ];
};
security.pam.services.login.enableGnomeKeyring = true;
environment.systemPackages = with pkgs; [
file
powertop
cpufrequtils
lm_sensors
libva-utils
at-spi2-core
qmk-udev-rules
gptfdisk
age-plugin-yubikey
pwgen
sbctl
ausweisapp
e2fsprogs
] ++ (with pkgs-stable; [
orca-slicer
]);
nixpkgs.config.permittedInsecurePackages = [
"mbedtls-2.28.10"
];
services = {
pipewire = { # Sound
pipewire = {
enable = true;
alsa = {
enable = true;
# support32Bit = true;
};
alsa.enable = true;
pulse.enable = true;
wireplumber.enable = true;
};
openssh = { # SSH: secure shell (remote connection to shell of server)
enable = true; # local: $ ssh <user>@<ip>
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
# extraConfig = ''
# HostKeyAlgorithms +ssh-rsa
# ''; # Temporary extra config so ssh will work in guacamole
};
pcscd.enable = true;
yubikey-agent.enable = true;
udev.packages = [ pkgs.yubikey-personalization pkgs.nitrokey-udev-rules ];
flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused
# List:
# com.obsproject.Studio
# com.parsecgaming.parsec
# com.usebottles.bottles
flatpak.enable = true;
gvfs.enable = true;
fwupd.enable = true;
};
programs = { # No xbacklight, this is the alterantive
zsh.enable = true;
dconf.enable = true;
};
programs.dconf.enable = true;
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
};
gc = { # Automatic garbage collection
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable; # Enable nixFlakes on system
extraOptions = ''
experimental-features = nix-command flakes
'';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
"mbedtls-2.28.10"
];
system = { # NixOS settings
autoUpgrade = { # Allow auto update
enable = false;
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
#channel = "https://nixos.org/channels/nixos-unstable";
};
stateVersion = "23.05";
};
system.autoUpgrade.enable = false;
}

157
hosts/configuration_server.nix
View File

@@ -1,155 +1,38 @@
#
# Main system configuration. More information available in configuration.nix(5) man page.
#
# flake.nix
# ├─ ./hosts
# │ └─ configuration.nix *
# └─ ./modules
# └─ ./editors
# └─ ./nvim
# └─ default.nix
# Server configuration. Imports configuration_common.nix for shared settings.
# Service modules are imported per-host.
#
{ config, lib, pkgs, inputs, user, location, agenix, ... }:
{
imports = # Import window or display manager.
[
#../modules/editors/nvim # ! Comment this out on first install !
];
imports = [
./configuration_common.nix
];
users.users.${user} = { # System User
users.users.${user} = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ];
shell = pkgs.zsh; # Default shell
uid = 3000;
# initialPassword = "password95";
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de"
];
};
security.sudo.wheelNeedsPassword = true; # User does not need to give password when using sudo.
time.timeZone = "Europe/Berlin"; # Time zone and internationalisation
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = { # Extra locale settings that need to be overwritten
LC_TIME = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
};
extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" ];
};
console = {
font = "Lat2-Terminus16";
keyMap = "us"; # or us/azerty/etc
};
security.sudo.wheelNeedsPassword = true;
security = {
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
];
};
fonts.packages = with pkgs; [ # Fonts
carlito # NixOS
vegur # NixOS
source-code-pro
font-awesome # Icons
hack-font
corefonts # MS
intel-one-mono
cascadia-code
environment.systemPackages = with pkgs; [
ffmpeg
smartmontools
htop
];
environment = {
variables = {
TERMINAL = "alacritty";
EDITOR = "nvim";
VISUAL = "nvim";
BROWSER = "firefox";
};
systemPackages = with pkgs; [ # Default packages install system-wide
vim
git
killall
pciutils
usbutils
wget
powertop
cpufrequtils
lm_sensors
bind
dig
agenix.packages.x86_64-linux.default
ffmpeg
smartmontools
cryptsetup
powerline
powerline-fonts
powerline-symbols
tree
direnv
linuxPackages_latest.cpupower
btop
htop
];
services.openssh = {
ports = [ 2220 ];
openFirewall = true;
};
services = {
openssh = { # SSH: secure shell (remote connection to shell of server)
enable = true; # local: $ ssh <user>@<ip>
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
ports = [ 2220 ];
openFirewall = true;
};
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
#flatpak.enable = true; # download flatpak file from website - sudo flatpak install <path> - reboot if not showing up
# sudo flatpak uninstall --delete-data <app-id> (> flatpak list --app) - flatpak uninstall --unused
};
programs = {
zsh.enable = true;
};
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
};
gc = { # Automatic garbage collection
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
package = pkgs.nixVersions.stable; # Enable nixFlakes on system
extraOptions = ''
experimental-features = nix-command flakes
keep-outputs = true
keep-derivations = true
'';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
system = { # NixOS settings
autoUpgrade = { # Allow auto update
enable = true;
flake = "git+https://git.kabtop.de/Kabbone/nixos-config";
randomizedDelaySec = "5m";
allowReboot = true;
rebootWindow = {
lower = "02:00";
upper = "05:00";
};
};
stateVersion = "23.05";
};
system.autoUpgrade.enable = true;
}

177
hosts/default.nix
View File

@@ -1,48 +1,55 @@
#
# These are the different profiles that can be used when building NixOS.
#
# flake.nix
# └─ ./hosts
# flake.nix
# └─ ./hosts
# ├─ default.nix *
# ├─ configuration.nix
# ├─ configuration_common.nix
# ├─ configuration_desktop.nix
# ├─ configuration_server.nix
# ├─ home.nix
# └─ ./desktop OR ./laptop OR ./vm
# ├─ ./default.nix
# └─ ./home.nix
# └─ ./home.nix
#
{ lib, inputs, nixpkgs, nixpkgs-unstable, nixos-hardware, home-manager, home-manager-unstable, agenix, jovian-nixos, microvm, impermanence, lanzaboote, ... }:
let
user = "kabbone";
userdmz = "diablo";
userserver = "mephisto";
location = "$HOME/.setup";
location = builtins.getEnv "HOME" + "/.setup";
system = "x86_64-linux"; # System architecture
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true; # Allow proprietary software
config.allowUnfree = true;
};
pkgs-unstable = import nixpkgs-unstable {
inherit system;
config.allowUnfree = true; # Allow proprietary software
config.allowUnfree = true;
};
pkgs-stable = import nixpkgs {
inherit system;
config.allowUnfree = true; # Allow proprietary software
};
pkgs-stable = pkgs;
pkgs-kabbone = import ../packages {
inherit system;
inherit pkgs;
};
lib = nixpkgs.lib;
users.defaultShell = "pkgs.zsh";
# Helper: returns [hm-module, config-attrset] for the modules list.
# hm - the home-manager flake input to use (stable or unstable)
# hmImports - list of home.nix paths for this host
mkHM = hm: hmImports: [
hm.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user}.imports = hmImports;
}
];
in
{
@@ -55,22 +62,11 @@ in
lanzaboote.nixosModules.lanzaboote
./desktop
./configuration_desktop.nix
../modules/hardware/hydraCache.nix
../modules/hardware/remoteBuilder.nix
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./desktop/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home.nix ./desktop/home.nix ]);
};
lifebook = lib.nixosSystem { # Laptop profile
@@ -81,19 +77,9 @@ in
lanzaboote.nixosModules.lanzaboote
./lifebook
./configuration_desktop.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./lifebook/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home.nix ./lifebook/home.nix ]);
};
steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile
@@ -105,151 +91,81 @@ in
lanzaboote.nixosModules.lanzaboote
./steamdeck
./configuration_desktop.nix
../modules/hardware/hydraCache.nix
home-manager-unstable.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home.nix)] ++ [(import ./steamdeck/home.nix)];
};
}
];
] ++ (mkHM home-manager-unstable [ ./home.nix ./steamdeck/home.nix ]);
};
kabtop = lib.nixosSystem { # Desktop profile
kabtop = lib.nixosSystem { # Server profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs pkgs-unstable impermanence; };
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [
agenix.nixosModules.default
microvm.nixosModules.host
./kabtop
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kabtop/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home_server.nix ./kabtop/home.nix ]);
};
nasbak = lib.nixosSystem { # Desktop profile
nasbak = lib.nixosSystem { # Server profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix; };
modules = [
agenix.nixosModules.default
./nasbackup
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./nasbackup/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home_server.nix ./nasbackup/home.nix ]);
};
jupiter = lib.nixosSystem { # Desktop profile
jupiter = lib.nixosSystem { # Server profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix pkgs-kabbone; };
modules = [
agenix.nixosModules.default
./jupiter
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./jupiter/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home_server.nix ./jupiter/home.nix ]);
};
kabtopci = lib.nixosSystem { # Desktop profile
kabtopci = lib.nixosSystem { # Server profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; };
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [
agenix.nixosModules.default
microvm.nixosModules.host
./kabtopci
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kabtopci/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home_server.nix ./kabtopci/home.nix ]);
};
kubemaster-1 = lib.nixosSystem { # Desktop profile
kubemaster-1 = lib.nixosSystem { # Server profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; };
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [
agenix.nixosModules.default
microvm.nixosModules.host
./kubemaster-1
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./kubemaster-1/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home_server.nix ./kubemaster-1/home.nix ]);
};
dmz = lib.nixosSystem { # Desktop profile
dmz = lib.nixosSystem { # Server profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; };
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
modules = [
agenix.nixosModules.default
microvm.nixosModules.host
./dmz
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./dmz/home.nix)];
};
}
];
] ++ (mkHM home-manager [ ./home_server.nix ./dmz/home.nix ]);
};
# vm = lib.nixosSystem { # VM profile
@@ -259,14 +175,7 @@ in
# ./vm
# ./configuration.nix
#
# home-manager.nixosModules.home-manager {
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
# home-manager.extraSpecialArgs = { inherit user; };
# home-manager.users.${user} = {
# imports = [(import ./home.nix)] ++ [(import ./vm/home.nix)];
# };
# }
# (mkHM home-manager [ ./home.nix ./vm/home.nix ])
# ];
# };
}

1
hosts/home.nix
View File

@@ -47,6 +47,7 @@
screen
yubioath-flutter
nitrokey-app
claude-code
tailscale
wireguard-tools

2
modules/editors/nvim/default.nix
View File

@@ -17,6 +17,8 @@
vimAlias = true;
vimdiffAlias = true;
withNodeJs = true;
withRuby = true;
withPython3 = true;
# plugins = with pkgs.vimPlugins; [
#

18
modules/wm/default.nix
View File

@@ -1,16 +1,16 @@
{ pkgs, lib, config, ... }:
with lib;
{
# NOTE: Dynamic imports based on option values are not supported in NixOS modules.
# To conditionally load a WM, either import all WM modules and use mkIf in each,
# or select the WM module directly in the host configuration.
imports = [];
options = {
desktop = {
wm = lib.mkOption { type = types.str; default = "sway"; };
taskbar = lib.mkOption { type = types.str; default = "waybar"; };
launcher = lib.mkOption { type = types.str; default = "bemenu"; };
wm = mkOption { type = types.str; default = "sway"; };
taskbar = mkOption { type = types.str; default = "waybar"; };
launcher = mkOption { type = types.str; default = "bemenu"; };
};
};
config = {
imports =
(import ./ + (desktop.wm)) ++
};
}

2
overlays/default.nix
View File

@@ -1,6 +1,6 @@
{inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory
additions = final: _prev: import ../pkgs {pkgs = final;};
additions = final: _prev: import ../packages {pkgs = final;};
modifications = final: prev: {
mealie = final.unstable.mealie;

1
result Symbolic link
View File

@@ -0,0 +1 @@
/nix/store/0j8av8h7rid2p83sdzbb5bi0x1ldfd9p-nixos-system-hades-25.11.20260415.1766437

18
systemSettings.nix
View File

@@ -1,18 +0,0 @@
# options for systemsettings
{ pkgs, lib, config, ... }:
{
options = {
systemSettings.enable = lib.mkEnableOption "enables standard systemsettings";
};
config = lib.mkIf config.systemSettings.enable {
system = lib.mkDefault "x86_64-linux";
profile = lib.mkDefault "personal";
timezone = "Europe/Berlin";
locale = "en_US.UTF-8";
bootMode = lib.mkDefault "uefi";
bootMountPath = "/boot";
};
}