Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Kabbone:ea0beb96735eedc69e15576a9b5668a0ad940115
Branches Tags
Kabbone:main Kabbone:refactor
...
compare: Kabbone:main
Branches Tags
Kabbone:main Kabbone:refactor

46 Commits
ea0beb9673 ... main

Author SHA1 Message Date
Kabbone
f6aa846798 flake update 2026-01-30 12:33:24 +01:00
Kabbone
31691c17fb noctalia: add pwvucontrol 2026-01-30 12:28:43 +01:00
Kabbone
920876d436 flake update 2026-01-23 13:00:48 +01:00
Kabbone
f68bfe1ab6 flake update 2026-01-11 09:08:48 +01:00
Kabbone
9c4168dc5b flake update and uncomment zsh config 2026-01-05 08:28:33 +01:00
Kabbone
86f76f418a lifebook: enable virutalisation 2025-12-29 20:33:48 +01:00
Kabbone
1fed2ab17c flake update and correcting microvm url 2025-12-29 15:29:34 +01:00
Kabbone
4cc6f0d183 add cloud-hypervisor and small niri floating fix 2025-12-29 15:29:12 +01:00
Kabbone
fdf38fdfae flake update 2025-12-28 16:39:47 +01:00
Kabbone
7559b4354c fix niri home import 2025-12-28 16:39:34 +01:00
Kabbone
e912b656a3 niri final touches on desktop 2025-12-27 15:56:43 +01:00
Kabbone
b62c5850dc initial niri config 2025-12-26 18:51:26 +01:00
Kabbone
ab6e1aa16e set environment for niri and cleanups 2025-12-26 17:54:45 +01:00
Kabbone
77b5652449 flake update 2025-12-26 12:59:13 +01:00
Kabbone
726e4e9432 add wallpaper 2025-12-26 12:38:25 +01:00
Kabbone
95e20a7dfe fix zsh ini for Wayland 2025-12-26 12:29:27 +01:00
Kabbone
e14992e9fd noctalia configuration and basic niri setup 2025-12-26 12:28:22 +01:00
Kabbone
c1f4c25cb6 lifebook: move to niri 
disable ssh agent in desktop config
 2025-12-23 14:29:54 +01:00
Kabbone
1dc51c4bc4 lifebook: switch to xe 2025-12-23 10:39:41 +01:00
Kabbone
ef662a0cab disable privacyextension on jupiter 2025-12-23 09:37:50 +01:00
Kabbone
bebe13d760 give hosts dns domain list 2025-12-22 12:41:31 +01:00
Kabbone
4c21950c3a flake update 
remove nbf5
 2025-12-22 10:47:57 +01:00
Kabbone
ac664dce9b flake update 2025-12-13 10:30:58 +01:00
Kabbone
a9d12ea535 enable imaginary and cleanup 2025-12-07 11:53:30 +01:00
Kabbone
1827e4eebf remove whiteboard collab 2025-12-07 11:43:17 +01:00
Kabbone
861dd0bab4 update to nextcloud32 and enable whiteboard 2025-12-07 11:24:36 +01:00
Kabbone
55342f4912 update to 25.11 with config changes 2025-12-06 16:48:39 +01:00
Kabbone
01e47e808e flake update 2025-11-30 18:02:54 +01:00
Kabbone
76774565a9 flake update 2025-11-23 11:01:03 +01:00
Kabbone
e288514e33 flake update 2025-11-15 19:57:16 +01:00
Kabbone
4e4b696177 fix element window on specific workspace 2025-11-15 19:53:10 +01:00
Kabbone
c83ec90489 move back to element 2025-11-13 19:44:46 +01:00
Kabbone
d71af6a1c9 flake update 2025-11-13 15:50:50 +01:00
Kabbone
35d2f5afe0 update flake and some update fixes 2025-11-02 16:05:39 +01:00
Kabbone
d69e4f2d3e openrgb need insecure package 2025-10-26 15:54:43 +01:00
Kabbone
8300a32027 flake update 
add nheko instead of element
 2025-10-26 15:45:57 +01:00
Kabbone
9108daaffb server: mealie: use unstable 2025-10-19 13:08:48 +02:00
Kabbone
2a3079f35e desktop: move to nheko with gnome-keyring 2025-10-18 14:58:03 +02:00
Kabbone
687fd92a94 new flake structure and overlays for unstable 2025-10-18 14:55:26 +02:00
Kabbone
e8c9cd32fd flake update 2025-10-14 20:05:37 +02:00
Kabbone
675e3cfb86 nas: syncthing: correct nginx settings 2025-10-12 18:17:51 +02:00
Kabbone
9a593ba9a1 syncthing: add lifebook key 2025-10-12 18:13:12 +02:00
Kabbone
bc7fbcfc7d lifebook: start syncthing 2025-10-12 18:04:45 +02:00
Kabbone
a43fdc77f8 hades: start syncthing 2025-10-12 17:58:15 +02:00
Kabbone
c2f53e4533 hades: start syncthing 2025-10-12 17:54:23 +02:00
Kabbone
43cfd4b6d3 nas: start syncthing 2025-10-12 17:34:32 +02:00
43 changed files with 1374 additions and 514 deletions
Expand all files Collapse all files

3
.gitattributes vendored Normal file
View File

@@ -0,0 +1,3 @@
*.jpg filter=lfs diff=lfs merge=lfs -text
*.svg filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text

254
flake.lock generated
View File

@@ -10,11 +10,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1754433428,
"narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
"lastModified": 1762618334,
"narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
"owner": "ryantm",
"repo": "agenix",
"rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
"rev": "fcdea223397448d35d9b31f798479227e80183f6",
"type": "github"
},
"original": {
@@ -25,11 +25,11 @@
},
"crane": {
"locked": {
"lastModified": 1754269165,
"narHash": "sha256-0tcS8FHd4QjbCVoxN9jI+PjHgA4vc/IjkUSp+N3zy0U=",
"lastModified": 1769287525,
"narHash": "sha256-gABuYA6BzoRMLuPaeO5p7SLrpd4qExgkwEmYaYQY4bM=",
"owner": "ipetkov",
"repo": "crane",
"rev": "444e81206df3f7d92780680e45858e31d2f07a08",
"rev": "0314e365877a85c9e5758f9ea77a9972afbb4c21",
"type": "github"
},
"original": {
@@ -63,63 +63,24 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"lastModified": 1767039857,
"narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "NixOS",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "edolstra",
"owner": "NixOS",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"lanzaboote",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754091436,
"narHash": "sha256-XKqDMN1/Qj1DKivQvscI4vmHfDfvYR2pfuFOJiCeewM=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "67df8c627c2c39c41dbec76a1f201929929ab0bd",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"lanzaboote",
"pre-commit-hooks-nix",
"pre-commit",
"nixpkgs"
]
},
@@ -165,11 +126,11 @@
]
},
"locked": {
"lastModified": 1760130406,
"narHash": "sha256-GKMwBaFRw/C1p1VtjDz4DyhyzjKUWyi1K50bh8lgA2E=",
"lastModified": 1769723138,
"narHash": "sha256-kgkwjs33YfJasADIrHjHcTIDs3wNX0xzJhnUP+oldEw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d305eece827a3fe317a2d70138f53feccaf890a1",
"rev": "175532b6275b34598a0ceb1aef4b9b4006dd4073",
"type": "github"
},
"original": {
@@ -185,27 +146,52 @@
]
},
"locked": {
"lastModified": 1758463745,
"narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
"lastModified": 1769580047,
"narHash": "sha256-tNqCP/+2+peAXXQ2V8RwsBkenlfWMERb+Uy6xmevyhM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
"rev": "366d78c2856de6ab3411c15c1cb4fb4c2bf5c826",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.11",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"impermanence",
"nixpkgs"
]
},
"locked": {
"lastModified": 1768598210,
"narHash": "sha256-kkgA32s/f4jaa4UG+2f8C225Qvclxnqs76mf8zvTVPg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c47b2cc64a629f8e075de52e4742de688f930dc6",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"inputs": {
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1737831083,
"narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
"lastModified": 1769548169,
"narHash": "sha256-03+JxvzmfwRu+5JafM0DLbxgHttOQZkUtDWBmeUkN8Y=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
"rev": "7b1d382faf603b6d264f58627330f9faa5cba149",
"type": "github"
},
"original": {
@@ -222,11 +208,11 @@
]
},
"locked": {
"lastModified": 1759815224,
"narHash": "sha256-HbdOyjqHm38j6o5mV24i0bn+r5ykS+VJBnWJuZ0fE+A=",
"lastModified": 1769596123,
"narHash": "sha256-kcElu+HiwNIJiaNH41IdemFaaGyU3TqI4ebx5CQMHFs=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "ee974f496a080c61b3164992c850f43741edcc52",
"rev": "d6bf85533180720680544a0791c7334e315c4fd6",
"type": "github"
},
"original": {
@@ -238,20 +224,18 @@
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
],
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"pre-commit": "pre-commit",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1756744479,
"narHash": "sha256-EyZXusK/wRD3V9vDh00W2Re3Eg8UQ+LjVBQrrH9dq1U=",
"lastModified": 1769417433,
"narHash": "sha256-0WZ7I/N9InaBHL96/qdiJxg8mqFW3vRla8Z062JmQFE=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "747b7912f49e2885090c83364d88cf853a020ac1",
"rev": "1902463415745b992dbaf301b2a35a1277be1584",
"type": "github"
},
"original": {
@@ -263,22 +247,21 @@
},
"microvm": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
],
"spectrum": "spectrum"
},
"locked": {
"lastModified": 1760115376,
"narHash": "sha256-DCKRMxudVOddhA0AlDmRLeoUmPONkUBYv1MiK7mWbY8=",
"owner": "astro",
"lastModified": 1769624238,
"narHash": "sha256-qeXiVWfblS5w/gxwklncxfXPrdpyPJ3OGvgXKekXzaM=",
"owner": "microvm-nix",
"repo": "microvm.nix",
"rev": "5103fad040940b6b01891ed44b1d8bebd71249c6",
"rev": "43406f57d740f96428a8df14d2fba80f437ca79a",
"type": "github"
},
"original": {
"owner": "astro",
"owner": "microvm-nix",
"repo": "microvm.nix",
"type": "github"
}
@@ -307,11 +290,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1760106635,
"narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=",
"lastModified": 1769302137,
"narHash": "sha256-QEDtctEkOsbx8nlFh4yqPEOtr4tif6KTqWwJ37IM2ds=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903",
"rev": "a351494b0e35fd7c0b7a1aae82f0afddf4907aa8",
"type": "github"
},
"original": {
@@ -323,27 +306,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1759994382,
"narHash": "sha256-wSK+3UkalDZRVHGCRikZ//CyZUJWDJkBDTQX1+G77Ow=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5da4a26309e796daa7ffca72df93dbe53b8164c7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1760038930,
"narHash": "sha256-Oncbh0UmHjSlxO7ErQDM3KM0A5/Znfofj2BSzlHLeVw=",
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "0b4defa2584313f3b781240b29d61f6f9f7e0df3",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"type": "github"
},
"original": {
@@ -353,12 +320,61 @@
"type": "github"
}
},
"pre-commit-hooks-nix": {
"nixpkgs-unstable": {
"locked": {
"lastModified": 1769461804,
"narHash": "sha256-msG8SU5WsBUfVVa/9RPLaymvi5bI8edTavbIq3vRlhI=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1769598131,
"narHash": "sha256-e7VO/kGLgRMbWtpBqdWl0uFg8Y2XWFMdz0uUJvlML8o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fa83fd837f3098e3e678e6cf017b2b36102c7211",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"noctalia": {
"inputs": {
"flake-compat": [
"lanzaboote",
"flake-compat"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1769743095,
"narHash": "sha256-yZ1bR3ducegfyauYnZ6JRbLQnIwxMWM7P2PioyEtsMk=",
"owner": "noctalia-dev",
"repo": "noctalia-shell",
"rev": "4dea7d37801d705cf977ce69fd3ee87a3c995fe5",
"type": "github"
},
"original": {
"owner": "noctalia-dev",
"repo": "noctalia-shell",
"type": "github"
}
},
"pre-commit": {
"inputs": {
"flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
@@ -366,11 +382,11 @@
]
},
"locked": {
"lastModified": 1750779888,
"narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
"lastModified": 1769069492,
"narHash": "sha256-Efs3VUPelRduf3PpfPP2ovEB4CXT7vHf8W+xc49RL/U=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
"rev": "a1ef738813b15cf8ec759bdff5761b027e3e1d23",
"type": "github"
},
"original": {
@@ -389,8 +405,9 @@
"lanzaboote": "lanzaboote",
"microvm": "microvm",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs-unstable": "nixpkgs-unstable"
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"noctalia": "noctalia"
}
},
"rust-overlay": {
@@ -401,11 +418,11 @@
]
},
"locked": {
"lastModified": 1754189623,
"narHash": "sha256-fstu5eb30UYwsxow0aQqkzxNxGn80UZjyehQVNVHuBk=",
"lastModified": 1769309768,
"narHash": "sha256-AbOIlNO+JoqRJkK1VrnDXhxuX6CrdtIu2hSuy4pxi3g=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c582ff7f0d8a7ea689ae836dfb1773f1814f472a",
"rev": "140c9dc582cb73ada2d63a2180524fcaa744fad5",
"type": "github"
},
"original": {
@@ -444,21 +461,6 @@
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",

96
flake.nix
View File

@@ -9,21 +9,20 @@
{
description = "Kabbone's peronal NixOS Flake config";
inputs = # All flake references used to build my NixOS setup. These are dependencies.
{
inputs = {
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # Nix Packages
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
microvm = {
url = "github:astro/microvm.nix";
url = "github:microvm-nix/microvm.nix";
inputs.nixpkgs.follows = "nixpkgs";
};
impermanence.url = "github:nix-community/impermanence";
home-manager = { # User Package Management
url = "github:nix-community/home-manager/release-25.05";
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs";
};
@@ -47,28 +46,69 @@
inputs.nixpkgs.follows = "nixpkgs";
};
noctalia = {
url = "github:noctalia-dev/noctalia-shell";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = {
self,
nixpkgs,
nixpkgs-unstable,
nixos-hardware,
home-manager,
home-manager-unstable,
agenix,
jovian-nixos,
microvm,
impermanence,
lanzaboote,
...
} @ inputs: rec {
inherit (self) outputs;
systems = [
# "aarch64-linux"
"x86_64-linux"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
#in {
# Your custom packages
# Accessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./packages nixpkgs.legacyPackages.${system});
# Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Your custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;};
# Reusable nixos modules you might want to export
# These are usually stuff you would upstream into nixpkgs
#nixosModules = import ./modules/kabbone;
# Reusable home-manager modules you might want to export
# These are usually stuff you would upstream into home-manager
#homeManagerModules = import ./modules/home-manager;
nixosConfigurations = ( # NixOS configurations
import ./hosts { # Imports ./hosts/default.nix
inherit (nixpkgs) lib;
inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here.
nix.allowedUsers = [ "@wheel" ];
security.sudo.execWheelOnly = true;
}
);
hydraJobs = {
"steamdeck" = nixosConfigurations.steamdeck.config.system.build.toplevel;
"hades" = nixosConfigurations.hades.config.system.build.toplevel;
"nasbak" = nixosConfigurations.nasbak.config.system.build.toplevel;
"jupiter" = nixosConfigurations.jupiter.config.system.build.toplevel;
"lifebook" = nixosConfigurations.lifebook.config.system.build.toplevel;
"kabtop" = nixosConfigurations.kabtop.config.system.build.toplevel;
"dmz" = nixosConfigurations.dmz.config.system.build.toplevel;
};
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, nixos-hardware, home-manager, home-manager-unstable, agenix, jovian-nixos, microvm, impermanence, lanzaboote, ... }: # Function that tells my flake which to use and what do what to do with the dependencies.
rec {
nixosConfigurations = ( # NixOS configurations
import ./hosts { # Imports ./hosts/default.nix
inherit (nixpkgs) lib;
inherit inputs nixpkgs nixpkgs-unstable nixos-hardware home-manager home-manager-unstable agenix jovian-nixos microvm impermanence lanzaboote; # Also inherit home-manager so it does not need to be defined here.
nix.allowedUsers = [ "@wheel" ];
security.sudo.execWheelOnly = true;
}
);
hydraJobs = {
"steamdeck" = nixosConfigurations.steamdeck.config.system.build.toplevel;
"hades" = nixosConfigurations.hades.config.system.build.toplevel;
"nasbak" = nixosConfigurations.nasbak.config.system.build.toplevel;
"jupiter" = nixosConfigurations.jupiter.config.system.build.toplevel;
"lifebook" = nixosConfigurations.lifebook.config.system.build.toplevel;
"kabtop" = nixosConfigurations.kabtop.config.system.build.toplevel;
"dmz" = nixosConfigurations.dmz.config.system.build.toplevel;
};
};
};
}

14
hosts/configuration_desktop.nix
View File

@@ -47,6 +47,7 @@
};
security = {
pam.services.login.enableGnomeKeyring = true;
rtkit.enable = true;
pki.certificateFiles = [
./rootCA.pem
@@ -160,18 +161,9 @@
programs = { # No xbacklight, this is the alterantive
zsh.enable = true;
dconf.enable = true;
ssh = {
startAgent = true;
agentTimeout = "1h";
};
};
#xdg.portal = { # Required for flatpak
# enable = true;
# extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
#};
nix = { # Nix Package Manager settings
settings ={
auto-optimise-store = true; # Optimise syslinks
@@ -187,6 +179,10 @@
'';
};
nixpkgs.config.allowUnfree = true; # Allow proprietary software.
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
"mbedtls-2.28.10"
];
system = { # NixOS settings
autoUpgrade = { # Allow auto update

24
hosts/default.nix
View File

@@ -96,28 +96,6 @@ in
];
};
nbf5 = lib.nixosSystem { # Laptop profile
inherit system;
specialArgs = { inherit inputs pkgs-stable user location nixos-hardware agenix; };
modules = [
agenix.nixosModules.default
./nbf5
./configuration_server.nix
../modules/hardware/hydraCache.nix
nixos-hardware.nixosModules.common-cpu-intel
nixos-hardware.nixosModules.common-pc-ssd
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit user; };
home-manager.users.${user} = {
imports = [(import ./home_server.nix)] ++ [(import ./nbf5/home.nix)];
};
}
];
};
steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile
inherit system;
specialArgs = { inherit inputs pkgs-stable user location nixos-hardware agenix jovian-nixos lanzaboote; };
@@ -165,7 +143,7 @@ in
kabtop = lib.nixosSystem { # Desktop profile
inherit system;
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs impermanence; };
specialArgs = { inherit inputs user location nixos-hardware agenix nixpkgs pkgs-unstable impermanence; };
modules = [
agenix.nixosModules.default
microvm.nixosModules.host

31
hosts/desktop/default.nix
View File

@@ -17,12 +17,12 @@
# └─ default.nix
#
{ config, nixpkgs, pkgs, user, lib, pkgs-kabbone, ... }:
{ inputs, lib, config, pkgs, user, nixpkgs, pkgs-kabbone, ... }:
{
imports = # For now, if applying to other system, swap files
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix
[(import ../../modules/wm/sway/default.nix)] ++ # Window Manager
[(import ../../modules/wm/niri/default.nix)] ++ # Window Manager
(import ../../modules/wm/virtualisation) ++ # libvirt + Docker
[(import ../../modules/wm/virtualisation/kvm-amd.nix)] ++ # kvm module options
#[(import ../../modules/kabbone/corosync-qdevice.nix)] ++ # corosync qdevice quorum
@@ -57,7 +57,7 @@
environment = {
systemPackages = [
pkgs.linux-firmware
pkgs-kabbone.corosync-qdevice
#pkgs-kabbone.corosync-qdevice
];
};
@@ -77,7 +77,28 @@
enable = true;
motherboard = "amd";
};
syncthing = {
enable = true;
group = "users";
user = "kabbone";
dataDir = "/home/${config.services.syncthing.user}/Sync";
configDir = "/home/${config.services.syncthing.user}/.config/syncthing";
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = true; # overrides any folders added or deleted through the WebUI
openDefaultPorts = true;
settings = {
devices = {
"jupiter.home.opel-online.de" = { id = "T53WU6Z-3NT74ZE-PZVZB2N-7FBTZ5K-HESC2ZM-W4ABDAS-NWXHTGI-ST4CDQR"; };
"lifebook.home.opel-online.de" = { id = "RKPZG3H-BDUZID3-DV26MKR-UOARIQC-JBCAFXP-J5QFM4H-5EGBSM5-VEGXHQ4"; };
};
folders = {
"Sync" = { # Name of folder in Syncthing, also the folder ID
path = "/home/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
devices = [ "jupiter.home.opel-online.de" "lifebook.home.opel-online.de" ]; # Which devices to share the folder with
ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
};
};
};
};
};
}

3
hosts/desktop/home.nix
View File

@@ -17,7 +17,7 @@
imports =
[
#../../modules/wm/hyprland/home.nix # Window Manager
../../modules/wm/sway/home.nix # Window Manager
../../modules/wm/niri/home.nix # Window Manager
../../modules/home.nix # Window Manager
];
@@ -30,7 +30,6 @@
thunderbird
streamlink
streamlink-twitch-gui-bin
element-desktop
#nheko
pulsemixer
#yubioath-flutter

2
hosts/dmz/hardware-configuration.nix
View File

@@ -83,7 +83,7 @@
"10-lan" = {
matchConfig.Name = "ens18";
ntp = [ "192.168.101.1" ];
#domains = [ "home.opel-online.de" ];
domains = [ "home.opel-online.de" ];
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;

11
hosts/home.nix
View File

@@ -55,15 +55,17 @@
# Apps
galculator
tdesktop
telegram-desktop
hdparm
python3Full
python3
android-tools
calibre
mtpfs
vimiv-qt
freecad
discord
vesktop
element-desktop
# Fileanagement
kdePackages.ark
@@ -80,7 +82,6 @@
gimp
# Flatpak
prusa-slicer
#vscodium
(vscode-with-extensions.override {
vscode = vscodium;
@@ -89,8 +90,8 @@
github.copilot
#ms-python.python
ms-vscode.cpptools
dracula-theme.theme-dracula
catppuccin.catppuccin-vsc-icons
catppuccin.catppuccin-vsc
];
})

2
hosts/home_server.nix
View File

@@ -42,7 +42,7 @@
# Apps
hdparm
python3Full
python3
# File Management
rsync # Syncer $ rsync -r dir1/ dir2/

13
hosts/jupiter/hardware-configuration.nix
View File

@@ -195,10 +195,21 @@
"10-lan" = {
matchConfig.Name = "ens18";
ntp = [ "192.168.2.1" ];
#domains = [ "home.opel-online.de" ];
domains = [ "home.opel-online.de" ];
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;
IPv6PrivacyExtensions=false;
};
ipv6AcceptRAConfig = {
DHCPv6Client = "always";
UseDNS = true;
};
dhcpV4Config = {
UseDNS = true;
};
dhcpV6Config = {
UseDNS = true;
};
};
};

2
hosts/kabtop/default.nix
View File

@@ -17,7 +17,7 @@
# └─ default.nix
#
{ config, pkgs, user, agenix, impermanence, ... }:
{ config, pkgs, pkgs-unstable, user, agenix, impermanence, ... }:
{
imports = # For now, if applying to other system, swap files

2
hosts/kubemaster-1/hardware-configuration.nix
View File

@@ -83,7 +83,7 @@
"10-lan" = {
matchConfig.Name = "enp0s31f6";
ntp = [ "192.168.2.1" ];
#domains = [ "home.opel-online.de" ];
domains = [ "home.opel-online.de" ];
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;

34
hosts/lifebook/default.nix
View File

@@ -17,14 +17,13 @@
# └─ default.nix
#
{ lib, config, pkgs, user, ... }:
{ inputs, lib, config, pkgs, user, ... }:
{
imports = # For now, if applying to other system, swap files
[(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix
#[(import ../../modules/wm/hyprland/default.nix)] ++ # Window Manager
[(import ../../modules/wm/sway/default.nix)] ++ # Window Manager
[(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker
[(import ../../modules/wm/niri/default.nix)] ++ # Window Manager
(import ../../modules/wm/virtualisation) ++ # libvirt + Docker
[(import ../../modules/wm/virtualisation/kvm-intel.nix)] ++ # kvm module options
(import ../../modules/hardware); # Hardware devices
@@ -55,6 +54,7 @@
systemPackages = with pkgs; [
linux-firmware
intel-media-driver
intel-compute-runtime
];
};
@@ -64,7 +64,7 @@
systemd.sleep.extraConfig = "HibernateDelaySec=1h";
services = {
logind.lidSwitch = "suspend-then-hibernate"; # Laptop does not go to sleep when lid is closed
logind.settings.Login.HandleLidSwitch = "suspend-then-hibernate"; # Laptop does not go to sleep when lid is closed
blueman.enable = true;
avahi = { # Needed to find wireless printer
enable = true;
@@ -76,6 +76,28 @@
};
};
#tailscale.enable = true;
syncthing = {
enable = true;
group = "users";
user = "kabbone";
dataDir = "/home/${config.services.syncthing.user}/Sync";
configDir = "/home/${config.services.syncthing.user}/.config/syncthing";
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = true; # overrides any folders added or deleted through the WebUI
openDefaultPorts = true;
settings = {
devices = {
"jupiter.home.opel-online.de" = { id = "T53WU6Z-3NT74ZE-PZVZB2N-7FBTZ5K-HESC2ZM-W4ABDAS-NWXHTGI-ST4CDQR"; };
"hades.home.opel-online.de" = { id = "3VPCBVW-RH7XKFM-TWJGQHC-ZRAQ575-CQKGGKP-NAB4VXE-KCKJFUT-AMCUQQA"; };
};
folders = {
"Sync" = { # Name of folder in Syncthing, also the folder ID
path = "/home/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
devices = [ "jupiter.home.opel-online.de" "hades.home.opel-online.de" ]; # Which devices to share the folder with
ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
};
};
};
};
};
}

3
hosts/lifebook/hardware-configuration.nix
View File

@@ -34,7 +34,8 @@
kernelModules = [ "kvm-intel" ];
kernelParams = [ "luks.options=fido2-device=auto" "sysrq_always_enabled=1" "pcie_aspm=force" ];
extraModprobeConfig = ''
options i915 enable_guc=3
options i915 force_probe=!9a49
options xe force_probe=9a49
'';
tmp.useTmpfs = false;
tmp.cleanOnBoot = true;

3
hosts/lifebook/home.nix
View File

@@ -17,7 +17,7 @@
imports =
[
#../../modules/wm/hyprland/home.nix # Window Manager
../../modules/wm/sway/home.nix # Window Manager
../../modules/wm/niri/home.nix # Window Manager
../../modules/home.nix # Window Manager
];
@@ -30,7 +30,6 @@
thunderbird
streamlink
streamlink-twitch-gui-bin
element-desktop
intel-gpu-tools
pulsemixer

2
hosts/nasbackup/hardware-configuration.nix
View File

@@ -201,7 +201,7 @@
"10-lan" = {
matchConfig.Name = "ens18";
ntp = [ "192.168.2.1" ];
#domains = [ "home.opel-online.de" ];
domains = [ "home.opel-online.de" ];
networkConfig = {
DHCP = "yes";
IPv6AcceptRA = true;

1
hosts/steamdeck/home.nix
View File

@@ -35,7 +35,6 @@
thunderbird
streamlink
streamlink-twitch-gui-bin
element-desktop
pulsemixer
#yuzu-early-access

21
modules/programs/alacritty.nix
View File

@@ -13,17 +13,16 @@
programs = {
alacritty = {
enable = true;
package = pkgs.alacritty;
settings = {
env.term = "screen-256color";
font = rec { # Font - Laptop has size manually changed at home.nix
#normal.family = "FiraCode Nerd Font";
normal.family = "Cascadia Code";
#normal.family = "Intel One Mono";
#bold = { style = "Bold"; };
# size = 8;
};
};
#settings = {
# env.term = "screen-256color";
# font = rec { # Font - Laptop has size manually changed at home.nix
# #normal.family = "FiraCode Nerd Font";
# normal.family = "Cascadia Code";
# #normal.family = "Intel One Mono";
# #bold = { style = "Bold"; };
# # size = 8;
# };
#};
};
};
}

2
modules/programs/default.nix
View File

@@ -11,7 +11,7 @@
#
[
./alacritty.nix
# ./alacritty.nix
# ./rofi.nix
./firefox.nix
#./waybar.nix

2
modules/programs/firefox.nix
View File

@@ -18,7 +18,7 @@
# ExtensionSettings = {};
# };
#};
package = pkgs.firefox-wayland;
# package = pkgs.firefox-wayland;
# profiles.kabbone = {
# #id = 271987;
# name = "kabbone";

7
modules/services/default.nix
View File

@@ -11,14 +11,15 @@
#
[
./dunst.nix
./flameshot.nix
#./dunst.nix
#./flameshot.nix
#./picom.nix
#./polybar.nix
#./sxhkd.nix
#./udiskie.nix
#./redshift.nix
./kanshi.nix
#./kanshi.nix
./keyring.nix
]
# picom, polybar and sxhkd are pulled from desktop module

14
modules/services/keyring.nix Normal file
View File

@@ -0,0 +1,14 @@
#
# Screenshots
#
{ pkgs, user, ... }:
{
services = { # sxhkd shortcut = Printscreen button (Print)
gnome-keyring = {
enable = true;
};
};
home.packages = with pkgs; [ gcr seahorse ];
}

1
modules/services/nas/default.nix
View File

@@ -14,6 +14,7 @@
./nfs.nix
./nginx.nix
./vaultwarden.nix
./syncthing.nix
]
# picom, polybar and sxhkd are pulled from desktop module

21
modules/services/nas/syncthing.nix
View File

@@ -16,13 +16,13 @@
openDefaultPorts = true;
settings = {
devices = {
"hades" = { id = "DEVICE-ID-GOES-HERE"; };
"lifebook" = { id = "DEVICE-ID-GOES-HERE"; };
"hades.home.opel-online.de" = { id = "3VPCBVW-RH7XKFM-TWJGQHC-ZRAQ575-CQKGGKP-NAB4VXE-KCKJFUT-AMCUQQA"; };
"lifebook.home.opel-online.de" = { id = "RKPZG3H-BDUZID3-DV26MKR-UOARIQC-JBCAFXP-J5QFM4H-5EGBSM5-VEGXHQ4"; };
};
folders = {
"Sync" = { # Name of folder in Syncthing, also the folder ID
path = "/home/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
devices = [ "hades" "lifebook" ]; # Which devices to share the folder with
path = "/mnt/Mars/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
devices = [ "hades.home.opel-online.de" "lifebook.home.opel-online.de" ]; # Which devices to share the folder with
ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
};
};
@@ -34,7 +34,18 @@
"syncthing.home.opel-online.de" = {
useACMEHost = "home.opel-online.de";
forceSSL = true;
locations."/".proxyPass = "${toString config.services.syncthing.guiAddress}";
locations."/" = {
recommendedProxySettings = false;
proxyPass = "http://${toString config.services.syncthing.guiAddress}";
extraConfig = ''
proxy_set_header Host localhost;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
'';
};
};
};
};

3
modules/services/server/mealie.nix
View File

@@ -1,9 +1,10 @@
{ config, pkgs, ... }:
{ config, pkgs, pkgs-unstable, ... }:
{
services.mealie = {
enable = true;
#package = pkgs-unstable.mealie;
listenAddress = "127.0.0.1";
credentialsFile = config.age.secrets."services/mealie/credentialsFile".path;
settings = {

30
modules/services/server/nextcloud.nix
View File

@@ -9,15 +9,16 @@
enable = true;
hostName = "cloud.kabtop.de";
https = true;
package = pkgs.nextcloud31;
package = pkgs.nextcloud32;
database.createLocally = false;
notify_push.enable = false;
enableImagemagick = true;
maxUploadSize = "512M";
caching = {
redis = true;
apcu = false;
apcu = true;
};
imaginary.enable = true;
settings = {
log_type = "file";
logfile = "nextcloud.log";
@@ -28,7 +29,7 @@
host = "/run/redis-nextcloud/redis.sock";
port = 0;
};
"memcache.local" = "\\OC\\Memcache\\Redis";
"memcache.local" = "\\OC\\Memcache\\APCu";
"memcache.distributed" = "\\OC\\Memcache\\Redis";
"memcache.locking" = "\\OC\\Memcache\\Redis";
"enable_previews" = true;
@@ -60,19 +61,8 @@
phpOptions = {
"opcache.interned_strings_buffer" = "16";
};
#autoUpdateApps.enable = true;
};
# services.onlyoffice = {
# enable = true;
# hostname = "docs.cloud.kabtop.de";
# postgresName = "onlyoffice";
# postgresHost = "localhost";
# postgresUser = "onlyoffice";
# postgresPasswordFile = config.age.secrets."services/nextcloud/onlyofficedb".path;
# jwtSecretFile = config.age.secrets."services/nextcloud/onlyofficejwt".path;
# };
services.redis = {
vmOverCommit = true;
servers.nextcloud = {
@@ -89,10 +79,6 @@
enableACME = true;
forceSSL = true;
};
# "${config.services.onlyoffice.hostname}" = {
# enableACME = true;
# forceSSL = true;
# };
};
};
@@ -104,14 +90,6 @@
file = ../../../secrets/services/nextcloud/adminpassFile.age;
owner = "nextcloud";
};
# age.secrets."services/nextcloud/onlyofficedb" = {
# file = ../../../secrets/services/nextcloud/onlyofficedb.age;
# owner = "onlyoffice";
# };
# age.secrets."services/nextcloud/onlyofficejwt" = {
# file = ../../../secrets/services/nextcloud/onlyofficejwt.age;
# owner = "onlyoffice";
# };
systemd.services."nextcloud-setup" = {
requires = ["postgresql.service"];

18
modules/shell/git.nix
View File

@@ -7,18 +7,20 @@
programs = {
git = {
enable = true;
userName = "Kabbone";
userEmail = "tobias@opel-online.de";
lfs.enable = true;
settings = {
user.name = "Kabbone";
user.email = "tobias@opel-online.de";
};
lfs = {
enable = true;
skipSmudge = true;
};
signing = {
format = "ssh";
key = "/home/${user}/.ssh/id_ed25519_sk_rk_red";
signByDefault = true;
};
extraConfig = {
gpg = { format = "ssh"; };
credential = { helper = "cache --timeout=3600"; };
};
difftastic.enable = true;
};
difftastic.enable = true;
};
}

BIN
modules/shell/themes/wall.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 242 KiB

5
modules/shell/zsh.nix
View File

@@ -8,7 +8,6 @@
programs = {
zsh = {
enable = true;
dotDir = "~/.config/zsh_nix";
autosuggestion.enable = true; # Auto suggest options and highlights syntact, searches in history for options
syntaxHighlighting.enable = true;
history.size = 10000;
@@ -16,11 +15,11 @@
oh-my-zsh = { # Extra plugins for zsh
enable = true;
plugins = [ "git" ];
custom = "$HOME/.config/zsh_nix/custom";
#custom = "$HOME/.config/zsh_nix/custom";
};
initContent = ''
if [[ $DISPLAY ]]; then
if [[ $WAYLAND_DISPLAY ]]; then
[[ $- != *i* ]] && return
[[ -z "$TMUX" ]] && (tmux attach || tmux new-session)
fi

BIN
modules/themes/nixos-wallpaper-catppuccin-mocha.jpg LFS Normal file
View File

Binary file not shown.

2
modules/themes/wall.jpg
View File

@@ -1 +1 @@
nixos-wallpaper-catppuccin-mocha.svg
nixos-wallpaper-catppuccin-mocha.jpg

693
modules/wm/niri/config.kdl Normal file
View File

@@ -0,0 +1,693 @@
// This config is in the KDL format: https://kdl.dev
// "/-" comments out the following node.
// Check the wiki for a full description of the configuration:
// https://yalter.github.io/niri/Configuration:-Introduction
// Input device configuration.
// Find the full list of options on the wiki:
// https://yalter.github.io/niri/Configuration:-Input
input {
keyboard {
xkb {
// You can set rules, model, layout, variant and options.
// For more information, see xkeyboard-config(7).
// For example:
layout "us,de"
options "grp:win_space_toggle"
// If this section is empty, niri will fetch xkb settings
// from org.freedesktop.locale1. You can control these using
// localectl set-x11-keymap.
}
// Enable numlock on startup, omitting this setting disables it.
//numlock
}
// Next sections include libinput settings.
// Omitting settings disables them, or leaves them at their default values.
// All commented-out settings here are examples, not defaults.
touchpad {
// off
tap
// dwt
// dwtp
// drag false
// drag-lock
// natural-scroll
// accel-speed 0.2
// accel-profile "flat"
scroll-method "two-finger"
// disabled-on-external-mouse
}
mouse {
// off
// natural-scroll
// accel-speed 0.2
// accel-profile "flat"
// scroll-method "no-scroll"
}
trackpoint {
// off
// natural-scroll
// accel-speed 0.2
// accel-profile "flat"
// scroll-method "on-button-down"
// scroll-button 273
// scroll-button-lock
// middle-emulation
}
touch {
map-to-output "eDP-1"
}
// Uncomment this to make the mouse warp to the center of newly focused windows.
// warp-mouse-to-focus
// Focus windows and outputs automatically when moving the mouse into them.
// Setting max-scroll-amount="0%" makes it work only on windows already fully on screen.
focus-follows-mouse max-scroll-amount="0%"
workspace-auto-back-and-forth
}
// You can configure outputs by their name, which you can find
// by running `niri msg outputs` while inside a niri instance.
// The built-in laptop monitor is usually called "eDP-1".
// Find more information on the wiki:
// https://yalter.github.io/niri/Configuration:-Outputs
// Remember to uncomment the node by removing "/-"!
// Lenovo main
output "DP-2" {
mode "2560x1440"
scale 1.0
transform "normal"
position x=0 y=250
variable-refresh-rate
};
// Eizo right
output "DP-3" {
mode "1920x1200"
scale 1.0
transform "270"
position x=2560 y=0
};
output "eDP-1" {
// Uncomment this line to disable this output.
// off
// Resolution and, optionally, refresh rate of the output.
// The format is "<width>x<height>" or "<width>x<height>@<refresh rate>".
// If the refresh rate is omitted, niri will pick the highest refresh rate
// for the resolution.
// If the mode is omitted altogether or is invalid, niri will pick one automatically.
// Run `niri msg outputs` while inside a niri instance to list all outputs and their modes.
mode "1920x1080"
// You can use integer or fractional scale, for example use 1.5 for 150% scale.
scale 1.2
// Transform allows to rotate the output counter-clockwise, valid values are:
// normal, 90, 180, 270, flipped, flipped-90, flipped-180 and flipped-270.
transform "normal"
// Position of the output in the global coordinate space.
// This affects directional monitor actions like "focus-monitor-left", and cursor movement.
// The cursor can only move between directly adjacent outputs.
// Output scale and rotation has to be taken into account for positioning:
// outputs are sized in logical, or scaled, pixels.
// For example, a 3840×2160 output with scale 2.0 will have a logical size of 1920×1080,
// so to put another output directly adjacent to it on the right, set its x to 1920.
// If the position is unset or results in an overlap, the output is instead placed
// automatically.
position x=0 y=0
}
cursor {
xcursor-theme "Breeze_Hacked"
xcursor-size 24
hide-when-typing
hide-after-inactive-ms 1000
}
// Settings that influence how windows are positioned and sized.
// Find more information on the wiki:
// https://yalter.github.io/niri/Configuration:-Layout
layout {
// Set gaps around windows in logical pixels.
gaps 8
// When to center a column when changing focus, options are:
// - "never", default behavior, focusing an off-screen column will keep at the left
// or right edge of the screen.
// - "always", the focused column will always be centered.
// - "on-overflow", focusing a column will center it if it doesn't fit
// together with the previously focused column.
center-focused-column "never"
// You can customize the widths that "switch-preset-column-width" (Mod+R) toggles between.
preset-column-widths {
// Proportion sets the width as a fraction of the output width, taking gaps into account.
// For example, you can perfectly fit four windows sized "proportion 0.25" on an output.
// The default preset widths are 1/3, 1/2 and 2/3 of the output.
proportion 0.33333
proportion 0.5
proportion 0.66667
// Fixed sets the width in logical pixels exactly.
// fixed 1920
}
// You can also customize the heights that "switch-preset-window-height" (Mod+Shift+R) toggles between.
preset-window-heights {
proportion 0.5
proportion 1.0
}
// You can change the default width of the new windows.
//default-column-width { proportion 1.0; }
// If you leave the brackets empty, the windows themselves will decide their initial width.
default-column-width {}
// By default focus ring and border are rendered as a solid background rectangle
// behind windows. That is, they will show up through semitransparent windows.
// This is because windows using client-side decorations can have an arbitrary shape.
//
// If you don't like that, you should uncomment `prefer-no-csd` below.
// Niri will draw focus ring and border *around* windows that agree to omit their
// client-side decorations.
//
// Alternatively, you can override it with a window rule called
// `draw-border-with-background`.
// You can change how the focus ring looks.
focus-ring {
// Uncomment this line to disable the focus ring.
// off
// How many logical pixels the ring extends out from the windows.
width 2
// Colors can be set in a variety of ways:
// - CSS named colors: "red"
// - RGB hex: "#rgb", "#rgba", "#rrggbb", "#rrggbbaa"
// - CSS-like notation: "rgb(255, 127, 0)", rgba(), hsl() and a few others.
// Color of the ring on the active monitor.
active-color "#7fc8ff"
// Color of the ring on inactive monitors.
//
// The focus ring only draws around the active window, so the only place
// where you can see its inactive-color is on other monitors.
inactive-color "#505050"
// You can also use gradients. They take precedence over solid colors.
// Gradients are rendered the same as CSS linear-gradient(angle, from, to).
// The angle is the same as in linear-gradient, and is optional,
// defaulting to 180 (top-to-bottom gradient).
// You can use any CSS linear-gradient tool on the web to set these up.
// Changing the color space is also supported, check the wiki for more info.
//
// active-gradient from="#80c8ff" to="#c7ff7f" angle=45
// You can also color the gradient relative to the entire view
// of the workspace, rather than relative to just the window itself.
// To do that, set relative-to="workspace-view".
//
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// You can also add a border. It's similar to the focus ring, but always visible.
border {
// The settings are the same as for the focus ring.
// If you enable the border, you probably want to disable the focus ring.
off
width 2
active-color "#ffc87f"
inactive-color "#505050"
// Color of the border around windows that request your attention.
urgent-color "#9b0000"
// Gradients can use a few different interpolation color spaces.
// For example, this is a pastel rainbow gradient via in="oklch longer hue".
//
// active-gradient from="#e5989b" to="#ffb4a2" angle=45 relative-to="workspace-view" in="oklch longer hue"
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// You can enable drop shadows for windows.
shadow {
// Uncomment the next line to enable shadows.
// on
// By default, the shadow draws only around its window, and not behind it.
// Uncomment this setting to make the shadow draw behind its window.
//
// Note that niri has no way of knowing about the CSD window corner
// radius. It has to assume that windows have square corners, leading to
// shadow artifacts inside the CSD rounded corners. This setting fixes
// those artifacts.
//
// However, instead you may want to set prefer-no-csd and/or
// geometry-corner-radius. Then, niri will know the corner radius and
// draw the shadow correctly, without having to draw it behind the
// window. These will also remove client-side shadows if the window
// draws any.
//
// draw-behind-window true
// You can change how shadows look. The values below are in logical
// pixels and match the CSS box-shadow properties.
// Softness controls the shadow blur radius.
softness 30
// Spread expands the shadow.
spread 5
// Offset moves the shadow relative to the window.
offset x=0 y=5
// You can also change the shadow color and opacity.
color "#0007"
}
// Struts shrink the area occupied by windows, similarly to layer-shell panels.
// You can think of them as a kind of outer gaps. They are set in logical pixels.
// Left and right struts will cause the next window to the side to always be visible.
// Top and bottom struts will simply add outer gaps in addition to the area occupied by
// layer-shell panels and regular gaps.
struts {
// left 64
// right 64
// top 6
// bottom 64
}
}
// Add lines like this to spawn processes at startup.
// Note that running niri as a session supports xdg-desktop-autostart,
// which may be more convenient to use.
// See the binds section below for more spawn examples.
// This line starts waybar, a commonly used bar for Wayland compositors.
spawn-at-startup "noctalia-shell"
spawn-at-startup "firefox"
spawn-at-startup "element-desktop"
spawn-at-startup "thunderbird"
// To run a shell command (with variables, pipes, etc.), use spawn-sh-at-startup:
// spawn-sh-at-startup "qs -c ~/source/qs/MyAwesomeShell"
hotkey-overlay {
// Uncomment this line to disable the "Important Hotkeys" pop-up at startup.
skip-at-startup
}
// Uncomment this line to ask the clients to omit their client-side decorations if possible.
// If the client will specifically ask for CSD, the request will be honored.
// Additionally, clients will be informed that they are tiled, removing some client-side rounded corners.
// This option will also fix border/focus ring drawing behind some semitransparent windows.
// After enabling or disabling this, you need to restart the apps for this to take effect.
prefer-no-csd
// You can change the path where screenshots are saved.
// A ~ at the front will be expanded to the home directory.
// The path is formatted with strftime(3) to give you the screenshot date and time.
screenshot-path "~/Pictures/Screenshots/Screenshot from %Y-%m-%d %H-%M-%S.png"
// You can also set this to null to disable saving screenshots to disk.
// screenshot-path null
// Animation settings.
// The wiki explains how to configure individual animations:
// https://yalter.github.io/niri/Configuration:-Animations
animations {
// Uncomment to turn off all animations.
// off
// Slow down all animations by this factor. Values below 1 speed them up instead.
// slowdown 3.0
}
// Window rules let you adjust behavior for individual windows.
// Find more information on the wiki:
// https://yalter.github.io/niri/Configuration:-Window-Rules
// Work around WezTerm's initial configure bug
// by setting an empty default-column-width.
workspace "browser" {
open-on-output "DP-2"
}
workspace "chat" {
open-on-output "DP-3"
}
workspace "terminal" {
}
window-rule {
// This regular expression is intentionally made as specific as possible,
// since this is the default config, and we want no false positives.
// You can get away with just app-id="wezterm" if you want.
//match app-id=r#"^org\.wezfurlong\.wezterm$"#
match app-id="Alacritty"
match title="Firefox"
default-column-width { proportion 1.0; }
}
window-rule {
match title="Firefox"
default-column-width { proportion 1.0; }
open-on-workspace "browser"
}
window-rule {
match app-id="Element"
match app-id="thunderbird"
default-column-width { proportion 1.0; }
open-on-workspace "chat"
}
// Open the Firefox picture-in-picture player as floating by default.
window-rule {
// This app-id regular expression will work for both:
// - host Firefox (app-id is "firefox")
// - Flatpak Firefox (app-id is "org.mozilla.firefox")
match app-id=r#"firefox$"# title="^Picture-in-Picture$"
match title="galculator"
match title="OpenSSH Askpass"
open-floating true
}
// Example: block out two password managers from screen capture.
// (This example rule is commented out with a "/-" in front.)
/-window-rule {
match app-id=r#"^org\.keepassxc\.KeePassXC$"#
match app-id=r#"^org\.gnome\.World\.Secrets$"#
block-out-from "screen-capture"
// Use this instead if you want them visible on third-party screenshot tools.
// block-out-from "screencast"
}
// Example: enable rounded corners for all windows.
// (This example rule is commented out with a "/-" in front.)
/-window-rule {
geometry-corner-radius 12
clip-to-geometry true
}
binds {
// Keys consist of modifiers separated by + signs, followed by an XKB key name
// in the end. To find an XKB name for a particular key, you may use a program
// like wev.
//
// "Mod" is a special modifier equal to Super when running on a TTY, and to Alt
// when running as a winit window.
//
// Most actions that you can bind here can also be invoked programmatically with
// `niri msg action do-something`.
// Mod-Shift-/, which is usually the same as Mod-?,
// shows a list of important hotkeys.
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+Return hotkey-overlay-title="Open a Terminal: alacritty" { spawn "alacritty"; }
Mod+D hotkey-overlay-title="Run an Application: fuzzel" { spawn "fuzzel"; }
XF86AudioPlay allow-when-locked=true { spawn-sh "playerctl play-pause"; }
XF86AudioStop allow-when-locked=true { spawn-sh "playerctl stop"; }
XF86AudioPrev allow-when-locked=true { spawn-sh "playerctl previous"; }
XF86AudioNext allow-when-locked=true { spawn-sh "playerctl next"; }
Mod+Alt+L { spawn-sh "noctalia-shell ipc call lockScreen lock"; }
XF86AudioLowerVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume decrease"; }
XF86AudioRaiseVolume allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume increase"; }
XF86MonBrightnessUp allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness increase"; }
XF86MonBrightnessDown allow-when-locked=true { spawn-sh "noctalia-shell ipc call brightness decrease"; }
XF86AudioMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteOutput"; }
XF86AudioMicMute allow-when-locked=true { spawn-sh "noctalia-shell ipc call volume muteInput"; }
// Open/close the Overview: a zoomed-out view of workspaces and windows.
// You can also move the mouse into the top-left hot corner,
// or do a four-finger swipe up on a touchpad.
Mod+O repeat=false { toggle-overview; }
Mod+Q repeat=false { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-down; }
Mod+K { focus-window-up; }
Mod+L { focus-column-right; }
// colemak-dh
Mod+M { focus-column-left; }
Mod+N { focus-window-down; }
Mod+E { focus-window-up; }
Mod+I { focus-column-right; }
Mod+Ctrl+Left { move-column-left; }
Mod+Ctrl+Down { move-window-down; }
Mod+Ctrl+Up { move-window-up; }
Mod+Ctrl+Right { move-column-right; }
Mod+Ctrl+H { move-column-left; }
Mod+Ctrl+J { move-window-down; }
Mod+Ctrl+K { move-window-up; }
Mod+Ctrl+L { move-column-right; }
// colemak-dh
Mod+Ctrl+M { move-column-left; }
Mod+Ctrl+N { move-window-down; }
Mod+Ctrl+E { move-window-up; }
Mod+Ctrl+I { move-column-right; }
// Alternative commands that move across workspaces when reaching
// the first or last window in a column.
// Mod+J { focus-window-or-workspace-down; }
// Mod+K { focus-window-or-workspace-up; }
// Mod+Ctrl+J { move-window-down-or-to-workspace-down; }
// Mod+Ctrl+K { move-window-up-or-to-workspace-up; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Shift+Left { focus-monitor-left; }
Mod+Shift+Down { focus-monitor-down; }
Mod+Shift+Up { focus-monitor-up; }
Mod+Shift+Right { focus-monitor-right; }
Mod+Shift+H { focus-monitor-left; }
Mod+Shift+J { focus-monitor-down; }
Mod+Shift+K { focus-monitor-up; }
Mod+Shift+L { focus-monitor-right; }
//colemak-dh
Mod+Shift+M { focus-monitor-left; }
Mod+Shift+N { focus-monitor-down; }
Mod+Shift+I { focus-monitor-up; }
Mod+Shift+O { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
// colemak-dh
Mod+Shift+Ctrl+M { move-column-to-monitor-left; }
Mod+Shift+Ctrl+N { move-column-to-monitor-down; }
Mod+Shift+Ctrl+E { move-column-to-monitor-up; }
Mod+Shift+Ctrl+I { move-column-to-monitor-right; }
// Alternatively, there are commands to move just a single window:
// Mod+Shift+Ctrl+Left { move-window-to-monitor-left; }
// ...
// And you can also move a whole workspace to another monitor:
// Mod+Shift+Ctrl+Left { move-workspace-to-monitor-left; }
// ...
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
//Mod+I { focus-workspace-up; }
Mod+Ctrl+Page_Down { move-column-to-workspace-down; }
Mod+Ctrl+Page_Up { move-column-to-workspace-up; }
Mod+Ctrl+U { move-column-to-workspace-down; }
//Mod+Ctrl+I { move-column-to-workspace-up; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+Page_Down { move-window-to-workspace-down; }
// ...
Mod+Shift+Page_Down { move-workspace-down; }
Mod+Shift+Page_Up { move-workspace-up; }
Mod+Shift+U { move-workspace-down; }
//Mod+Shift+I { move-workspace-up; }
// You can bind mouse wheel scroll ticks using the following syntax.
// These binds will change direction based on the natural-scroll setting.
//
// To avoid scrolling through workspaces really fast, you can use
// the cooldown-ms property. The bind will be rate-limited to this value.
// You can set a cooldown on any bind, but it's most useful for the wheel.
Mod+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+Ctrl+WheelScrollDown cooldown-ms=150 { move-column-to-workspace-down; }
Mod+Ctrl+WheelScrollUp cooldown-ms=150 { move-column-to-workspace-up; }
Mod+WheelScrollRight { focus-column-right; }
Mod+WheelScrollLeft { focus-column-left; }
Mod+Ctrl+WheelScrollRight { move-column-right; }
Mod+Ctrl+WheelScrollLeft { move-column-left; }
// Usually scrolling up and down with Shift in applications results in
// horizontal scrolling; these binds replicate that.
Mod+Shift+WheelScrollDown { focus-column-right; }
Mod+Shift+WheelScrollUp { focus-column-left; }
Mod+Ctrl+Shift+WheelScrollDown { move-column-right; }
Mod+Ctrl+Shift+WheelScrollUp { move-column-left; }
// Similarly, you can bind touchpad scroll "ticks".
// Touchpad scrolling is continuous, so for these binds it is split into
// discrete intervals.
// These binds are also affected by touchpad's natural-scroll, so these
// example binds are "inverted", since we have natural-scroll enabled for
// touchpads by default.
// Mod+TouchpadScrollDown { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02+"; }
// Mod+TouchpadScrollUp { spawn-sh "wpctl set-volume @DEFAULT_AUDIO_SINK@ 0.02-"; }
// You can refer to workspaces by index. However, keep in mind that
// niri is a dynamic workspace system, so these commands are kind of
// "best effort". Trying to refer to a workspace index bigger than
// the current workspace count will instead refer to the bottommost
// (empty) workspace.
//
// For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on
// will all refer to the 3rd workspace.
Mod+1 { focus-workspace "browser"; }
Mod+2 { focus-workspace "chat"; }
Mod+3 { focus-workspace "terminal"; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Ctrl+1 { move-column-to-workspace "browser"; }
Mod+Ctrl+2 { move-column-to-workspace "chat"; }
Mod+Ctrl+3 { move-column-to-workspace "terminal"; }
Mod+Ctrl+4 { move-column-to-workspace 4; }
Mod+Ctrl+5 { move-column-to-workspace 5; }
Mod+Ctrl+6 { move-column-to-workspace 6; }
Mod+Ctrl+7 { move-column-to-workspace 7; }
Mod+Ctrl+8 { move-column-to-workspace 8; }
Mod+Ctrl+9 { move-column-to-workspace 9; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+1 { move-window-to-workspace 1; }
// Switches focus between the current and the previous workspace.
// Mod+Tab { focus-workspace-previous; }
// The following binds move the focused window in and out of a column.
// If the window is alone, they will consume it into the nearby column to the side.
// If the window is already in a column, they will expel it out.
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
// Consume one window from the right to the bottom of the focused column.
Mod+Comma { consume-window-into-column; }
// Expel the bottom window from the focused column to the right.
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
// Cycling through the presets in reverse order is also possible.
// Mod+R { switch-preset-column-width-back; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
Mod+Shift+F { fullscreen-window; }
// Expand the focused column to space not taken up by other fully visible columns.
// Makes the column "fill the rest of the space".
Mod+Ctrl+F { expand-column-to-available-width; }
Mod+C { center-column; }
// Center all fully visible columns on screen.
Mod+Ctrl+C { center-visible-columns; }
// Finer width adjustments.
// This command can also:
// * set width in pixels: "1000"
// * adjust width in pixels: "-5" or "+5"
// * set width as a percentage of screen width: "25%"
// * adjust width as a percentage of screen width: "-10%" or "+10%"
// Pixel sizes use logical, or scaled, pixels. I.e. on an output with scale 2.0,
// set-column-width "100" will make the column occupy 200 physical screen pixels.
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
// Finer height adjustments when in column with other windows.
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
// Move the focused window between the floating and the tiling layout.
Mod+V { toggle-window-floating; }
Mod+Shift+V { switch-focus-between-floating-and-tiling; }
// Toggle tabbed column display mode.
// Windows in this column will appear as vertical tabs,
// rather than stacked on top of each other.
Mod+W { toggle-column-tabbed-display; }
// Actions to switch layouts.
// Note: if you uncomment these, make sure you do NOT have
// a matching layout switch hotkey configured in xkb options above.
// Having both at once on the same hotkey will break the switching,
// since it will switch twice upon pressing the hotkey (once by xkb, once by niri).
// Mod+Space { switch-layout "next"; }
// Mod+Shift+Space { switch-layout "prev"; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
// Applications such as remote-desktop clients and software KVM switches may
// request that niri stops processing the keyboard shortcuts defined here
// so they may, for example, forward the key presses as-is to a remote machine.
// It's a good idea to bind an escape hatch to toggle the inhibitor,
// so a buggy application can't hold your session hostage.
//
// The allow-inhibiting=false property can be applied to other binds as well,
// which ensures niri always processes them, even when an inhibitor is active.
Mod+Escape allow-inhibiting=false { toggle-keyboard-shortcuts-inhibit; }
// The quit action will show a confirmation dialog to avoid accidental exits.
Mod+Shift+E { quit; }
Ctrl+Alt+Delete { quit; }
// Powers off the monitors. To turn them back on, do any input like
// moving the mouse or pressing any other key.
Mod+Shift+P { power-off-monitors; }
}
include "./noctalia.kdl"

67
modules/wm/niri/default.nix Normal file
View File

@@ -0,0 +1,67 @@
#
# Sway configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ default.nix
# └─ ./modules
# └─ ./desktop
# └─ ./hyprland
# └─ hyprland.nix *
#
{ config, inputs, lib, user, pkgs, ... }:
{
imports = [ ../noctalia.nix ];
environment = {
systemPackages = with pkgs; [
alacritty
xdg-desktop-portal-gnome
xdg-desktop-portal-gtk
swaylock
swayidle
slurp
grim
lxqt.lxqt-openssh-askpass
clinfo
glib
brightnessctl
playerctl
xwayland-satellite
breeze-hacked-cursor-theme
];
loginShellInit = ''
export GTK_IM_MODULE="simple"
export ELECTRON_OZONE_PLATFORM_HINT="auto"
export NIXOS_OZONE_WL="1"
export WLR_RENDERER="vulkan"
export _JAVA_AWT_WM_NONREPARENTING="1"
'';
};
services = {
iio-niri = {
enable = false;
};
greetd = {
enable = true;
useTextGreeter = true;
settings = {
default_session = {
command = "${pkgs.tuigreet}/bin/tuigreet --time --cmd niri-session";
};
};
};
};
programs = {
niri.enable = true;
ssh.enableAskPassword = true;
ssh.askPassword = "${pkgs.lxqt.lxqt-openssh-askpass}/bin/lxqt-openssh-askpass";
};
security.pam.services.swaylock = {};
}

47
modules/wm/niri/home.nix Normal file
View File

@@ -0,0 +1,47 @@
#
# Sway NixOS & Home manager configuration
#
# flake.nix
# ├─ ./hosts
# │ └─ ./laptop
# │ └─ home.nix
# └─ ./modules
# └─ ./desktop
# └─ ./sway
# └─ home.nix *
#
{ config, lib, pkgs, ... }:
{
programs = {
swaylock = {
enable = true;
settings = {
color = "000000";
image = "$HOME/.config/lockwall";
indicator-caps-lock = true;
show-keyboard-layout = true;
};
};
};
services = {
swayidle = {
enable = true;
events = [
{ event = "before-sleep"; command = "${pkgs.swaylock}/bin/swaylock"; }
{ event = "lock"; command = "${pkgs.swaylock}/bin/swaylock -fF"; }
];
timeouts = [
{ timeout = 300; command = "${pkgs.swaylock}/bin/swaylock -fF"; }
{ timeout = 600; command = "${pkgs.niri}/bin/niri msg action power-off-monitors"; }
];
};
};
xdg.configFile = {
"niri/config.kdl".source = ./config.kdl;
};
}

188
modules/wm/noctalia.nix Normal file
View File

@@ -0,0 +1,188 @@
#
# Bar
#
{ config, pkgs, inputs, user, ...}:
{
# install package
environment.systemPackages = with pkgs; [
pwvucontrol
# ... maybe other stuff
];
services = {
tuned.enable = true;
upower.enable = true;
};
home-manager.users.${user} = { # Home-manager waybar config
# import the home manager module
imports = [
inputs.noctalia.homeModules.default
];
services = {
mako.enable = true; # notification daemon
polkit-gnome.enable = true; # polkit
};
# configure options
programs = {
fuzzel = {
enable = true; # Super+D in the default setting (app launcher)
};
noctalia-shell = {
enable = true;
# enable the systemd service
systemd.enable = true;
settings = {
# configure noctalia here
appLauncher = {
terminalCommand = "alacritty -e";
};
bar = {
density = "compact";
position = "top";
showCapsule = false;
widgets = {
left = [
{
id = "ControlCenter";
useDistroLogo = true;
}
{
hideUnoccupied = false;
id = "Workspace";
labelMode = "none";
}
{
id = "ActiveWindow";
}
];
center = [
{
formatHorizontal = "HH:mm";
formatVertical = "HH mm";
id = "Clock";
useMonospacedFont = true;
usePrimaryColor = true;
}
];
right = [
{
id = "MediaMini";
}
{
id = "SystemMonitor";
showNetworkStats = true;
compactMode = false;
}
{
id = "WiFi";
}
{
id = "Bluetooth";
}
{
id = "Battery";
warningThreshold = 20;
displayMode = "alwaysShow";
}
{
id = "Volume";
displayMode = "alwaysShow";
}
{
id = "NotificationHistory";
hideWhenZero = true;
}
{
id = "Tray";
}
];
};
};
colorSchemes.predefinedScheme = "Catppuccin";
general = {
avatarImage = "/home/kabbone/.face";
radiusRatio = 0.2;
lockOnSusepnd = true;
};
location = {
monthBeforeDay = true;
name = "Munich, Germany";
showWeekNumberInCalendar = true;
firstDayOfWeek = 0;
};
wallpaper = {
enabled = true;
overviewEnabled = false;
directory = "/home/${user}/.setup/modules/themes/";
};
brightness = {
enforceMinimum = true;
brightnessStep = 5;
};
controlCenter = {
shortcuts = {
left = [
{
id = "WiFi";
}
{
id = "Bluetooth";
}
{
id = "ScreenRecorder";
}
{
id = "PowerProfile";
}
{
id = "KeepAwake";
}
];
};
};
dock = {
enabled = false;
};
sessionMenu = {
enableCountdown = false;
};
templates = {
fuzzel = true;
alacritty = true;
qt = true;
gtk = true;
discord = true;
code = true;
telegram = true;
niri = true;
firefox = true;
};
};
};
};
home.file.".cache/noctalia/wallpapers.json" = {
text = builtins.toJSON {
defaultWallpaper = "/home/${user}/.setup/modules/themes/wall.jpg";
};
};
};
}

5
modules/wm/sway/home.nix
View File

@@ -108,7 +108,7 @@
assigns = {
"workspace number 1" = [{ app_id = "thunderbird"; }];
"workspace number 2" = [{ app_id = "firefox"; }];
"workspace number 3" = [{ class = "Element"; }];
"workspace number 3" = [{ app_id = "Element"; }];
};
window.commands = [
@@ -276,7 +276,6 @@
};
rofi = {
enable = true;
package = pkgs.rofi-wayland;
extraConfig = {
modi = "window,drun,ssh";
kb-primary-paste = "Control+V,Shift+Insert";
@@ -302,7 +301,7 @@
{ event = "lock"; command = "${pkgs.swaylock}/bin/swaylock -fF"; }
{ event = "after-resume"; command = "${pkgs.sway}/bin/swaymsg 'output * dpms on'"; }
{ event = "unlock"; command = "${pkgs.sway}/bin/swaymsg 'output * dpms on'"; }
];
];
timeouts = [
{ timeout = 300; command = "${pkgs.swaylock}/bin/swaylock -fF"; }
{ timeout = 600; command = "${pkgs.sway}/bin/swaymsg 'output * dpms off'"; resumeCommand = "${pkgs.sway}/bin/swaymsg 'output * dpms on'"; }

193
modules/wm/virtualisation/qemu.nix
View File

@@ -14,11 +14,6 @@
#qemuPackage = pkgs.qemu_kvm; # Default
qemu = {
runAsRoot = false;
ovmf.enable = true;
# ovmf.packages = [ pkgs.OVMFFull ];
# verbatimConfig = ''
# nvram = [ "${pkgs.OVMF}/FV/OVMF_CODE.fd:${pkgs.OVMF}/FV/OVMF_VARS.fd" ]
# '';
};
};
spiceUSBRedirection.enable = true; # USB passthrough
@@ -31,197 +26,13 @@
virt-viewer
qemu
OVMF
OVMF-cloud-hypervisor
gvfs # Used for shared folders between linux and windows
cloud-hypervisor
];
};
services = { # Enable file sharing between OS
gvfs.enable = true;
};
#boot ={
# kernelParams = [ "intel_iommu=on" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; # or amd_iommu (cpu)
# kernelModules = [ "vendor-reset" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd"];
# extraModulePackages = [ config.boot.kernelPackages.vendor-reset ]; # Presumably fix for GPU Reset Bug
# extraModprobeConfig = "options vfio-pci ids=1002:67DF,1002:AAF0"; # grep PCI_ID /sys/bus/pci/devices/*/uevent
# kernelPatches = [
# {
# name = "vendor-reset-reqs-and-other-stuff";
# patch = null;
# extraConfig = ''
# FTRACE y
# KPROBES y
# FUNCTION_TRACER y
# HWLAT_TRACER y
# TIMERLAT_TRACER y
# IRQSOFF_TRACER y
# OSNOISE_TRACER y
# PCI_QUIRKS y
# KALLSYMS y
# KALLSYMS_ALL y
# '';
# }
# ];
#};
}
#SHARED FOLDER
#FOR WINDOWS
# 3 options:
#
# 1. Make use of host samba server
# 1.0 Samba is installed by default. The network-shared folder is at /home/<user>/share.
# 1.1 On host, set a password for the autentication of the samba server
# 1.2 $ smbpasswd -a <user>
# 1.3 Give password twice
# 1.4 On windows, open file explorer, right click "This PC", Map network drive...
# 1.5 fill in address: \\<ip-address>\share
# 1.6 Log in with details entered beforehand
#
# 2. Since this setup make use of iommu, you can pass through external usb hard drives or a specific PCI storage devices
# 2.1 Open details of virtual desktop in virt-manager
# 2.2 Add hardware
# 2.3 USB Host Device
# 2.4 Select device and launch virtual desktop
#
# 3. Set up shared folders in windows guest that can be accessed by host
# 3.0. Enable above service gvfs (this is used in the file manager to actually connect to the windows directory)
# 3.1. Log in to Windows
# 3.2. Go to "Network and Sharing Center"
# 3.3. Click "Change advanced sharing settings" and enable all settings for Private, Guest or Public and All Networks
# 3.3.1. Under "All Networks" you can disable "Password protected sharing" but it seems for optimal use, it's better to still give the password in the file manager
# 3.4. (possibly optional), select a folder and click "Properties", "Sharing", "Advanced Sharing"
# 3.4.1. Enable "Share this file"
# 3.4.2. Under "Permissions", allow full control. Apply
# 3.5. Click "Share" and use de drop down to add "Everyone" and change "Permission Level" to "Read/Write". Share, Done
# 3.6. Search for services and open menu
# 3.6.1. Search for below serices. Right click and select "Properties". "Startup type" = Automatic
# 3.6.1.1. SSDP Discovery
# 3.6.1.2. uPnPDevice Host
# 3.6.1.3. Functions Discovery Provider Host
# 3.6.1.4. Functions Discovery Resource Publication
# 3.7. Find IP of virtual device and make sure you can ping it.
# 3.8. In file manager add connection
# 3.8.1. For example in PCManFM
# 3.8.2. Search for smb://*ip*/
# 3.8.3. You can even specify specific folder smb://*ip*/users/Matthias/Desktop/share
# 3.8.4. If prompted to log in, do it, otherwise it might close on its own.
# 3.9. If there are any issues, maybe disable firewall on guest
# 3.10. Recommended to bookmark location for later
# Note:
# There is no passthrough, its recommended to install the windows kvm guest drivers.
# Can be found on github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md
# Add this as CD storage in virt manager
# It can than be accest in the windows and the guest driver exe's can be run.
# Also, change video in virt-manager to virtio. This will fix the resolution
#FOR LINUX
# 2 options
#
# 1. Make use of host samba server
# 1.0 Samba is installed by default. The network-shared folder is at /home/<user>/share.
# 1.1 On host, set a password for the autentication of the samba server
# 1.2 $ smbpasswd -a <user>
# 1.3 Give password twice
# 1.4 On virtual machine open file manager
# 1.5 Search for smb://<ip-address>/share
# 1.6 Log in with details entered beforehand
#
# 2. Passing through a filesystem
# 2.1 Open details of virtual desktop on virt-manager
# 2.2 Add hardware
# 2.3 Select Filesystem: Type = mount / Mode = mapped / Source path = /home/<user>/share / Target path = /sharepoint
# 2.4 Boot into virtual machine
# 2.5 Create a directory to mount /sharepoint
# 2.6 $ sudo mount -t 9p -o trans=virtio /sharepoint /<mountpoint>
#SINGLE GPU PASSTHROUGH
# General Guide: gitlab.com/risingprismtv/single-gpu-passthrough/-/wikis/home
# 1. Download ISO
# 2. Download latest Video BIOS from techpowerup.com/vgabios (Sapphire RX580 8Gb)
# 2.1. $ Sudo mkdir /var/lib/libvirt/vbios/
# 2.2. $ Sudo mv ~/Downloads/*.rom /var/lib/libvirt/vbios/GPU.rom
# 2.3. $ Cd /var/lib/libvirt/vbios/
# 2.4. $ Sudo chmod -R 660 GPU.rom
# 3. Launch virt-manager
# 4. File - Add Connection
# 5. Create Virtual Machine
# 5.1 Select ISO and mark it as win10
# 5.2 Give temporary RAM
# 5.3 Customize configuration before install
# 5.4 Overview - Firmware - UEFI x86_64: /usr/*/OVMF_CODE.fd
# 5.5 Allow XML Editing via Edit - Preferences
# 5.6 Edit XML - Remove rtc & pit line. Change hpet to "yes"
# 6. Start Installation (let it run without interference and do steps below)
# 6.1 Press Esc, type exit, select boot-manager DVD ROM
# 6.2 Do installation, select Pro version.
# 6.3 Install hooks (Step 7 in guide)
# 7. Close VM
# 8. Edit VM
# 8.1 Remove everything spice (Display, Video QXL, Serial, Channel Spice)
# 8.2 Remove CD Rom
# 8.3 Add PCI hardware (GPU: 01:00:0 & 01:00:1 (most likely))
# 8.3 Add Mouse, Keyboard (PCI USB Controller in PCI Host Device or USB Host Device)
# 9. Select GPU and open XML
# 9.1 Add line "<rom file='/var/lib/libvirt/vbios/GPU.rom'/>" under "</source>"
# 9.2 Do for both 01:00:0 and 01:00:1
# 10. Edit CPU
# 10.1 Disable "Copy host CPU configuration" and select "host-passthrough"
# 10.2 Edit topology: Sockets=1 Cores=Total/2 Threads=2
# 10.3 Edit XML cpu under topology
# 10.3.1 Add "<feature policy='require' name='topoext'/>" for AMDCPU
# 10.3.2 Add "<feature policy='disable' name='smep'/>" for Intel CPU
# 11 Change memory to prefered (12GB for 16GB Total)
# 12 Start VM
# 13 Install correct video drivers
#MACOS ON VIRT-MANAGER
# General Guide: nixos.wiki/wiki/OSX-KVM
# Repository: github.com/kholia/OSX-KVM
# IMPORTANT: if you wish to start the virtual machine with virt-manager gui, clone to /home/<user>/.
# 1. git clone https://github.com/kholia/OSX-KVM
# 2. create a shell.nix (maybe best to store inside cloned directory)
# 3. shell.nix content:
# with import <nixpkgs> {};
# mkShell {
# buildInputs = [
# qemu
# python3
# iproute2
# ];
# }
# 4. In nixos configuration add:
# virtualisation.libvirtd.enable = true;
# users.extraUsers.<user>.extraGroups = [ "libvirtd" ];
# boot.extraModprobeConfig = ''
# options kvm_intel nested=1
# options kvm_intel emulate_invalid_guest_state=0
# options kvm ignore_msrs=1
# '';
# 5. Run the shell: $ nix-shell
# 6. As mentioned in the README, run ./fetch-macOS.py
# 6.1 Can be a specific version
# 7. Create base image for the macOs installer
# 8. $ qemu-img convert BaseSystem.dmg -O raw BaseSystem.img
# 9. Create disk for macOS
# 9.1 $ qemu-img create -f qcow2 mac_hdd_ng.img 128G
# 10. Set up networking. If something like virbr0 does not get detected start virt-manager. Commands:
# $ sudo ip tuntap add dev tap0 mode tap
# $ sudo ip link set tap0 up promisc on
# $ sudo ip link set dev virbr0 up
# $ sudo ip link set dev tap0 master virbr0
# 11. Boot the system
# 11.1 $ ./OpenCore-Boot.sh
# 12. Choose the first option to start the MacOS installer: macOS Base Systen
# 12.1 Use Disk Utility to esase the correct drive.
# 13. Go back and select the option to reinstall macOS
# 13.1 After the initial installation, a reboot will happen. Do nothing and wait or select the second option 'MacOs install'.
# 13.2 This will finalize the installaton but it will probably reboot multiple times. The second option will now have changed to the name of your drive. Use this as the boot option
# 14. To add the installation to virt-manager:
# 14.1 $ sed "s/CHANGEME/$USER/g" macOS-libvirt-Catalina.xml > macOS.xml
# 14.2 Inside macOS.xml change the emulator from /usr/bin/qemu-system-x86_64 to /run/libvirt/nix-emulators/qemu-system-x86_64
# 14.3 $ virt-xml-validate macOS.xml
# 15. $ virsh --connect qemu:///system define macOS.xml
# 16.(optional if permission is needed to the libvirt-qemu user)
# 16.1 $ sudo setfacl -m u:libvirt-qemu:rx /home/$USER
# 16.2 $ sudo setfacl -R -m u:libvirt-qemu:rx /home/$USER/OSX-KVM

19
overlays/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory
additions = final: _prev: import ../pkgs {pkgs = final;};
modifications = final: prev: {
mealie = final.unstable.mealie;
};
# When applied, the unstable nixpkgs set (declared in the flake inputs) will
# be accessible through 'pkgs.unstable'
unstable-packages = final: _prev: {
unstable = import inputs.nixpkgs-unstable {
system = final.system;
config.allowUnfree = true;
};
};
}

2
packages/default.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }:
{
corosync-qdevice = pkgs.callPackage ./corosync-qdevice.nix {};
# corosync-qdevice = pkgs.callPackage ./corosync-qdevice.nix {};
}

2
secrets/secrets.nix
View File

@@ -72,8 +72,6 @@ in
"services/matrix/mautrix-signal.age".publicKeys = servers ++ users;
"services/nextcloud/adminpassFile.age".publicKeys = servers ++ users;
"services/nextcloud/dbpassFile.age".publicKeys = servers ++ users;
"services/nextcloud/onlyofficedb.age".publicKeys = servers ++ users;
"services/nextcloud/onlyofficejwt.age".publicKeys = servers ++ users;
"services/gitea/databasePassword.age".publicKeys = servers ++ users;
"services/gitea/mailerPassword.age".publicKeys = servers ++ users;
"services/mealie/credentialsFile.age".publicKeys = servers ++ users;

22
secrets/services/nextcloud/onlyofficedb.age
View File

@@ -1,22 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 WiIaQQ lZiUbsShMgOmglJAnHysuX4duiQ6Xgzxdiw3bJ7jFmo
mxCxc4gGaiJ2Jsq19z5C+iCBg1wOvb4EOIjfFysQwP0
-> ssh-rsa VtjGpQ
k2JoFW6YOJSBUsS1oMX9mJwBtIEWRP0Pr264Z91IReEtGD1rVZQy1wHNeHiI8tCl
watqGdjDfcUZ8ENb85PYOH6lc41fm0PBEcl6SJaf/1tNB+bLevqpjbLl6WgLTJMu
b6Aj0U/jXNUBnzS456uKg1+NYQD9+qv/e/3grL4EsMjld/yz3OeYQNB6KOJ331ya
hNNGaLW+xP/mPhNWJ7wbmr5JlaVIvAUUS7mxpmESo8fgPJmZxW5BYe8NBKE0fa0+
gqb9+TQQj9MpBAlOMkNy5IvWCLzJP4qBmlqzVvr19rizkQnxGEOgiNbrkhOgRptW
p9MF/ivZPcow+KYTnyFEAvUWEBAWa/q3iSw5UkHM+BeqqziyywUI+LjRteAnjfUr
BgvOrqFYtX7T0ibqU5H4lh7MtFYB1Nspns2qqQy87VoS/XUTU1Aw/1O/iP91d/ir
QZVr+O81DTmsIhol24Clie9dGGuVkRhGtxSDXLulmBXg15sQxzpWceIIW5pVhW36
CrW2R5ykcuQbimV5HabFVv2LCRvL0C2VtoOPWwQNhLTLIbgPn++4hDqC0WPjfhmG
86WAaLOawBzGLi9y2+olAdNpbW5HIuqLCVWIp6R50TfnMJC+iNxAuJrYzwok0sfs
U/EmSJCkgBK5BJ6wvtl4PTPAlr334FVqBHl1h/+6AqU
-> piv-p256 grR75w Aj+66kPY47AX7fStxmq6fan4cm1claBURHF8DM8qiIx3
geVLPvrFIfD5hBffawZiZjVn6koi62GdSzgVvUI0YzQ
-> piv-p256 RQguQQ Aqcc27R3NtqI9lrIEVat7u7Mv1I1riz64p5dVVCWkBGR
n5peqlGNkuq8Np1TbcLPYbHEnYjaofrD2P0jsEDCEmM
--- kHzUoqnNd54GdQe5PyNyTo8rLRx0jNWOxu0VZTMiuK0
JÞЗ+îµ›¦¹FLñf@#U{<G
­ ôÝs™Q挤}Œì.r¼K",,žÚûPŒ°„ºb

21
secrets/services/nextcloud/onlyofficejwt.age
View File

@@ -1,21 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 WiIaQQ 3mYcp46XhB7NIut0UYHMZyHVjIvrSpBKAsuVHlmQ5Tg
LoyXtkbvA/p0wimSSZ+poHI26YwnLVudaXLbcgbSBg4
-> ssh-rsa VtjGpQ
Ro7l9vUINp81aIty5ZIT1IcPLRw+sMU60sDMv+Ot18LfVU2RrdzTWo1BeReqVrk0
SzaNKYNPfxZGPACzHzO4zktawA9hwh7ssO8airhCtqOdutYA6dWm99edc1/UAdv5
j3Aejp/jA+Cc48OPvFpYN7cDCpcW148ssmMUZg+AMYB6kCUAHZbEYNd937K1IC4c
w5kpAPMmIe8LLJWlwfORklxGJnqwpxIcSmsqbqWtG8/aAW8UjZty+uOKmFo3cPUm
MU27/VDXuT4cZyIKc9qgqVV9EUjH7qVX0DaZIcMdv8irxIka8khw1pHPbOTzY9rD
ljVLKBRYawPB8FcswLBepoLp+dLIpg/RuZ06CSwWXaYAsQoepi7MGO14Me3JPlJS
ASq/YRI+cXt1bAIg+IGTsrjAVLgBTRgF5WBpqq/MabeItX5nGcF9fAz+VejKzN5S
rzg775WogfINe1SxcVv3iSBXhEuiSf/0BbhaYF4dMVn96ajKcx7+bf1WeTk/VTg0
yzbw54xQMH1r1qLtS9atvLQBFAQ9bs+ok9BQk+EsAD9SYmb8B6rn8sWs+/dxlrlU
fPSL0Cy2xxmrSEJMryW1j3UXumcctTyf90tfRuxudgJAlWE1wwPGbYPNkFhVhaAo
GSYqAdFTt5vTvy35vup8SpJaDnKFIXMtiYkU9zWOGqc
-> piv-p256 grR75w AkBxAO8JNL4qdNClKeFVkKR7XG4nF4ZrnwGHuo9XhxFN
svVttVDi19qzlt0Qxiwlp1FPaheOoGQzbbN8BOFq1a8
-> piv-p256 RQguQQ AlRunGVpufX09FqbxrE9bF1jTLRH3/6qSagJwkxEzKTX
T1BuhPNG0fJh/nLwlBrM1+BgXbNwl0KPpaWqWrEYGsk
--- tIvUk5ygeiebsxieH7cGJEK6oBpJukwY73JF3VF6HP0
rV€q˜<06>oW1¶61Ù·naž#“ý÷ªGÐ%™òì+N»±ö¬úŒ¿AÏñœs¦”å«ø/