diff --git a/.emacs.d/init.el b/.emacs.d/init.el index d444009..6e2feba 100644 --- a/.emacs.d/init.el +++ b/.emacs.d/init.el @@ -124,7 +124,7 @@ ;; Org styling, hide markup etc. org-hide-emphasis-markers t org-pretty-entities t - org-ellipsis " >" + org-ellipsis " →" ;; Agenda styling org-agenda-tags-column 0 @@ -148,6 +148,7 @@ (use-package nix-mode :straight t :mode "\\.nix\\'") (use-package yaml-mode :straight t) +(use-package svelte-mode :straight t) (use-package terraform-mode :straight t) (use-package yasnippet :straight t) (yas-global-mode 1) diff --git a/.emacs.d/theme-day.el b/.emacs.d/theme-day.el new file mode 100644 index 0000000..c4ebbc6 --- /dev/null +++ b/.emacs.d/theme-day.el 
@@ -0,0 +1,47 @@
+;;; theme-day.el --- switch themes based on time of day and mode. -*- lexical-binding: t; -*-
+
+;; Copyright (C) 2022 Gabriel Simmer
+
+;; Author: Gabriel Simmer
+;; Keywords: themes, utility
+;; Version: 0.0.1
+
+;;; Commentary:
+
+;; This package provides a quick way of switching between predefined themes
+;; with a simple toggle. Future versions may include a way of doing so automatically
+;; at certain times of the day.
+
+;;; Code:
+(require 'cl-lib)
+
+(defvar theme-day-keep-enabled '() "List of themes to keep enabled when toggling")
+(defconst theme-day-light 'modus-operandi
+ "The theme to use during the day - preferably something lighter")
+(defconst theme-day-night 'modus-vivendi
+ "The theme to use at night - preferably something dark")
+(defvar theme-day-current-theme theme-day-light)
+
+(defun swap-theme (new &optional keep)
+ "Swaps out enabled theme(s) for new, keeping any specified"
+ (setq enabled-themes (cl-intersection keep custom-enabled-themes))
+ (push new enabled-themes)
+ (customize-set-variable 'custom-enabled-themes enabled-themes))
+
+(defun theme-day-toggle ()
+ (if (eq theme-day-current-theme theme-day-light)
+ (progn
+ (theme-day-swap theme-day-night)
+ (setq theme-day-current-theme theme-day-night))
+ (progn
+ (theme-day-swap theme-day-light)
+ (setq theme-day-current-theme theme-day-light))))
+
+(defun theme-day-swap (theme)
+ "Trigger theme swap"
+ (swap-theme theme theme-day-keep-enabled))
+
+(defun theme-day () (interactive) (theme-day-toggle))
+
+(provide 'theme-day)
+;;; theme-day.el ends here
diff --git a/Dots.org b/Dots.org
deleted file mode 100644
index 37063dd..0000000
--- a/Dots.org
+++ /dev/null
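Review bot: `swap-theme` assigns `enabled-themes` with `setq` without ever declaring it, so under `lexical-binding: t` every call writes a stray global and the byte-compiler will flag a free variable. A local binding does the same work: `(let ((enabled-themes (cons new (cl-intersection keep custom-enabled-themes)))) (customize-set-variable 'custom-enabled-themes enabled-themes))`. `swap-theme` is also the only definition in the file without the `theme-day-` prefix, which risks clashing with other packages. `theme-day-toggle` has no docstring; one sentence saying it flips between `theme-day-light` and `theme-day-night` and records the choice in `theme-day-current-theme` would be enough.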
@@ -1,391 +0,0 @@ -* Dotfiles - -#+PROPERTY: header-args :mkdirp yes - -/now do it with orgmode!/ - -original old configs are in =archive/=. - -** Table of Contents - -:properties: -:toc: :include all :ignore this -:end: -:contents: -- [[#my-setup][My Setup]] - - [[#zsh][zsh]] - - [[#wezterm][WezTerm]] - - [[#systemd-units][Systemd Units]] - - [[#sublime-text][Sublime Text]] - - [[#emacs][emacs]] -:end: - -** My Setup - - ...is a little in flux. - - Over the past several months, I've been investing time into [[https://blog.gabrielsimmer.com/posts/emacs-induction/][learning emacs]], replacing - Sublime in my workflow. As a part of this I've also considered using Guix (see: =seedfile.org=), - but am not quite there in my journey, so they aren't included here. - -*** zsh - - zsh is my choice of shell, with some written-in-Rust replacements for - a few CLI tools. - - =.zshrc= - -#+begin_src shell :tangle .zshrc -export ZSH="/home/gsimmer/.oh-my-zsh" - -ZSH_THEME="frisk" - -plugins=(git fzf zsh-autosuggestions) - -source $ZSH/oh-my-zsh.sh - -export GOPATH="/home/gsimmer/projects/go" -export CARGOPATH="/home/gsimmer/.cargo/bin" -export PATH="/home/gsimmer/.local/bin:$GOPATH/bin:$CARGOPATH:$PATH" - -# Starship init. -#eval "$(starship init zsh)" - -# aliases for various Rust-based utils. -if [ $(which exa) != 'exa not found' ]; then - alias ls=exa -fi -if [ $(which bat) != 'bat not found' ]; then - alias cat=bat -fi -if [ $(which rg) != 'rg not found' ]; then - alias grep=rg -fi - -export NVM_DIR="$HOME/.nvm" -[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh" # This loads nvm -[ -s "$NVM_DIR/bash_completion" ] && \. "$NVM_DIR/bash_completion" # This loads nvm bash_completion - -export FLYCTL_INSTALL="/home/gsimmer/.fly" -export PATH="$FLYCTL_INSTALL/bin:$PATH" -#+end_src - -*** wezterm - - WezTerm is my terminal of choice these days, and is configured with Lua. - Most of the tweaks from the default config are around using Monokai Pro - colours. 
- - =.config/wezterm/wezterm.lua= - -#+begin_src lua :tangle .config/wezterm/wezterm.lua -local wezterm = require 'wezterm'; - -return { - automatically_reload_config = true, - font = wezterm.font("IBM Plex Mono"), - window_close_confirmation = "NeverPrompt", - font_size = 12, - initial_cols = 120, - initial_rows = 35, - colors = { - foreground = "#f7f1ff", - background = "#222222", - cursor_bg = "#8b888f", - cursor_fg = "#f7f1ff", - cursor_border = "#8b888f", - selection_fg = "#363537", - selection_bg = "#69676c", - scrollbar_thumb = "#222222", - split = "#fce566", - tab_bar = { - background = "#222222", - active_tab = { - bg_color = "#f7f1ff", - fg_color = "#69676c", - intensity = "Normal", - underline = "None", - italic = false, - strikethrough = false, - }, - - inactive_tab = { - bg_color = "#69676c", - fg_color = "#f7f1ff", - - }, - - inactive_tab_hover = { - bg_color = "#69676c", - fg_color = "#f7f1ff", - italic = true, - } - } - } -} -#+end_src - -*** systemd units - - When I move to Guix I expect I'll need to port these to Herd, but in the meantime... - -**** clock - - This runs a small webserver that renders a date that is fetched and displayed - on a Raspberry Pi with a small eink display. - - You can read more about it [[https://dev.to/gmemstr/tiny-eink-dashboard-29a4][here]]. - - =.config/systemd/user/clock.service= - -#+begin_src :tangle .config/systemd/user/clock.service -[Unit] -Description=eink Clock Server Daemon - -[Service] -WorkingDirectory=/mnt/wd/Projects/eink-dashboard -ExecStart=python server/main.py - -[Install] -WantedBy=default.target -#+end_src - -**** backup - - This runs the rclone command to back up my large data SSD to my NAS. Coupled with - a timer. 
- - =.config/systemd/user/backup.service= -#+begin_src :tangle .config/systemd/user/backup.service -[Unit] -Description=Backup Service for Projects -Wants=gsimmer.timer - -[Service] -Type=oneshot -WorkingDirectory=/mnt/fhg -ExecStart=bash rclone-pi.sh - -[Install] -WantedBy=default.target -#+end_src - - =.config/systemd/user/gsimmer.timer= - -#+begin_src :tangle .config/systemd/user/gsimmer.timer -[Unit] -Description=Runs backup script for project directories to Raspberry Pi. -Requires=backup.service - -[Timer] -Unit=backup.service -OnBootSec=15min -OnUnitActive=1w - -[Install] -WantedBy=timers.target -#+end_src - -*** emacs - - Ah, the star of the show! I'm still working on this configuration, - and plan to split it into seperate files for each package. In the - meantime, enjoy the monolith. - - =..emacs.d/init.el= - -#+begin_src elisp :tangle .emacs.d/init.el -(setq inhibit-startup-message t) -;; neccesary non-package related config -(setq auto-save-default nil) -(setq make-backup-files nil) -(global-set-key (kbd "") 'keyboard-escape-quit) -(set-face-attribute 'default nil :font "IBM Plex Mono" :height 120) -(scroll-bar-mode -1) -(tool-bar-mode -1) -(set-fringe-mode 10) -(menu-bar-mode -1) - -(setq org-edit-src-content-indentation 0 - org-src-tab-acts-natively t - org-src-preserve-indentation t) - -;; stupid hacks -(global-set-key (kbd "C-c y") 'clipboard-yank) -(global-set-key (kbd "C-c x") 'kill-ring-save) - -;; straight.el bootstrapping -(defvar bootstrap-version) -(let ((bootstrap-file - (expand-file-name "straight/repos/straight.el/bootstrap.el" user-emacs-directory)) - (bootstrap-version 5)) - (unless (file-exists-p bootstrap-file) - (with-current-buffer - (url-retrieve-synchronously - "https://raw.githubusercontent.com/raxod502/straight.el/develop/install.el" - 'silent 'inhibit-cookies) - (goto-char (point-max)) - (eval-print-last-sexp))) - (load bootstrap-file nil 'nomessage)) - -;; package list we want installed -;; first grab use-package :3 
-(straight-use-package 'use-package) -(use-package el-patch :straight t) -(use-package monokai-pro-theme - :straight t - :config (load-theme 'monokai-pro-spectrum t)) -(use-package doom-modeline - :straight t - :init (doom-modeline-mode 1) - :custom (doom-mode-line-height 14)) -(use-package all-the-icons :straight t) -(use-package paredit - :straight t - :config - (add-hook 'emacs-lisp-mode-hook #'paredit-mode) - (add-hook 'lisp-interaction-mode-hook #'paredit-mode) - (add-hook 'ielm-mode-hook #'paredit-mode) - (add-hook 'lisp-mode-hook #'paredit-mode) - (add-hook 'eval-expression-minibuffer-setup-hook #'paredit-mode)) -(use-package which-key - :straight t - :config (which-key-mode)) -(use-package projectile - :straight t - :init (projectile-mode +1) - :config (setq projectile-project-search-path '("~/projects")) - :bind (:map projectile-mode-map - ("s-p" . projectile-command-map) - ("C-c p" . projectile-command-map))) - -(use-package treemacs - :straight t - :init (with-eval-after-load 'winum - (define-key winum-keymap (kbd "M-0") #'treemacs-select-window)) - :bind - (:map global-map - ("M-0" . treemacs-select-window) - ("C-x t t" . treemacs) - ("C-x t C-t" . treemacs-find-file))) -(use-package treemacs-projectile - :straight t - :after (treemacs projectile)) - -;; I hate that I need this, but WSL is /special/. -(when (and (eq system-type 'gnu/linux) - (getenv "WSLENV")) - (use-package exec-path-from-shell :straight t) - (exec-path-from-shell-initialize) -) - -;; lsp-mode stuff -(use-package eglot :straight t - :config (add-hook 'go-mode-hook 'eglot-ensure)) -(use-package company :straight t - :config - (add-hook 'after-init-hook 'global-company-mode) - (setq company-idle-delay 0) - (setq company-minimum-prefix-length 1)) -(use-package go-mode :straight t) -#+end_src - -*** sublime text - - Although I've moved to emacs for what I would use Sublime for, I still - keep this configuration around for quick setup in the case I need it - (e.g a virtual machine). 
- - Most of these settings are for Monokai Pro. - - =.config/sublime-text-3/Packages/User/Preferences.sublime-settings= - -#+begin_src json :tangle .config/sublime-text-3/Packages/User/Preferences.sublime-setting -{ - "auto_complete_delay": 20, - "color_scheme": "Monokai Pro (Filter Spectrum).sublime-color-scheme", - "font_face": "Iosevka Regular", - "font_size": 13, - "ignored_packages": - [ - "Rust", - "Vintage" - ], - "monokai_pro_file_icons": true, - "monokai_pro_highlight_open_folders": true, - "monokai_pro_minimal": true, - "monokai_pro_sidebar_headings": true, - "monokai_pro_style_title_bar": true, - "monokai_pro_ui_font_face": "IBM Plex Mono", - "rulers": - [ - 80 - ], - "theme": "Monokai Pro (Filter Spectrum).sublime-theme", - "mini_diff": "auto", - "hardware_acceleration": "opengl", - "themed_title_bar": true, -} -#+end_src - - I also keep a Package Control file to auto install stuff. - - =.config/sublime-text-3/Packages/User/Package Control.sublime-settings= - -#+begin_src json :tangle .config/sublime-text-3/Packages/User/Package Control.sublime-settings -{ - "bootstrapped": true, - "debug": true, - "in_process_packages": - [ - ], - "installed_packages": - [ - "Dockerfile Syntax Highlighting", - "Emmet", - "GitGutter", - "Gofmt", - "Golang Build", - "HexViewer", - "LSP", - "LSP-bash", - "LSP-intelephense", - "LSP-pyright", - "LSP-SourceKit", - "LSP-typescript", - "LSP-yaml", - "Package Control", - "paredit", - "Rust Enhanced", - "SideBarEnhancements", - "SublimeLinter", - "Swift", - "Theme - Monokai Pro", - "TOML", - "TypeScript", - ], -} -#+end_src - - And a Markdown specific configuration to bring the distraction-free - mode to the default windowed view. 
- - =.config/sublime-text-3/Packages/User/Markdown.sublime-settings= - -#+begin_src json :tangle .config/sublime-text-3/Packages/User/Markdown.sublime-settings -{ - "auto_complete": false, - "ignored_packages": ["Vintage", "Emmet", "SublimeCodeIntel"], - "draw_centered": true, - "spell_check": true, - "tab_completion": false, - "auto_complete_triggers": [], - "word_wrap": true, - "line_numbers": false, - "gutter": false, - "wrap_width": 80, - "word_wrap": true, - "scroll_past_end": true -} -#+end_src - diff --git a/Home.org b/Home.org new file mode 100644 index 0000000..1f3a287 --- /dev/null +++ b/Home.org 
@@ -0,0 +1,96 @@
+#+title: Home Manager Configurations
+#+cdPROPERTY: header-args :mkdirp yes
+
+* Abstract
+
+I use home-manager to manage my... home. 'nuff said?
+
+* London
+
+#+begin_src nix :tangle home-manager/london.nix
+{ config, pkgs, callPackage, ... }:
+
+{
+ nixpkgs.overlays = [
+ (import (builtins.fetchTarball {
+ url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
+ }))
+ ];
+
+ home.username = "gsimmer";
+ home.homeDirectory = "/home/gsimmer";
+
+ nixpkgs.config.allowUnfree = true;
+
+ programs.bash.enable = false;
+ programs.zsh = {
+ enable = true;
+ shellAliases = {
+ cat = "bat";
+ };
+ oh-my-zsh = {
+ enable = true;
+ plugins = [ "git" ];
+ theme = "robbyrussell";
+ };
+ };
+
+ programs.direnv = {
+ enable = true;
+ nix-direnv.enable = true;
+ };
+
+ services.lorri.enable = true;
+
+ programs.git = {
+ enable = true;
+ userName = "Gabriel Simmer";
+ userEmail = "gsimmer@protonmail.com";
+ signing = {
+ key = "C81B106D46C5B875";
+ signByDefault = true;
+ };
+ };
+
+ programs.emacs = {
+ enable = true;
+ package = pkgs.emacsGit;
+ };
+
+ programs.exa = {
+ enable = true;
+ enableAliases = true;
+ };
+
+ programs.bat = {
+ enable = true;
+ };
+
+ home.packages = with pkgs; [
+ discord
+ spotify
+ bitwarden-cli
+ mullvad-vpn
+ transmission-qt
+ vlc
+ obs-studio
+ python3
+ lmms
+ prismlauncher
+ ripgrep
+ ];
+
+ # This value determines the Home Manager release that your
+ # configuration is compatible with. This helps avoid breakage
+ # when a new Home Manager release introduces backwards
+ # incompatible changes.
+ #
+ # You can update Home Manager without changing this value. See
+ # the Home Manager release notes for a list of state version
+ # changes in each release.
+ home.stateVersion = "22.05";
+
+ # Let Home Manager install and manage itself.
+ programs.home-manager.enable = true;
+}
+#+end_src
diff --git a/Systems.org b/Systems.org
index b416bb8..7520ab9 100644
--- a/Systems.org
+++ b/Systems.org
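Review bot: The overlay in `nixpkgs.overlays` is pulled with `builtins.fetchTarball` from the moving `master.tar.gz` archive and carries no `sha256`, so each refresh evaluates whatever is on that branch at the time, with no integrity check and no reproducibility. `programs.emacs.package = pkgs.emacsGit` presumably resolves through this overlay, so the fetched code decides what is built and run in the user session. Pinning closes the gap: `url = "https://github.com/nix-community/emacs-overlay/archive/<COMMIT_SHA>.tar.gz";` plus `sha256 = "<TARBALL_HASH>";` (both placeholders), which also replaces the deprecated bare-URL literal with a quoted string. The same block is repeated in the tangled `home-manager/london.nix` hunk and needs the same change.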
@@ -1,3 +1,4 @@ +#+title: NixOS System Configurations #+PROPERTY: header-args :mkdirp yes * Systems @@ -10,7 +11,10 @@ this is pretty close to the default configuration. London is my primary desktop. + Be sure to import the hardware configuration the Nix installer generates. + #+begin_src nix :tangle nix/configuration.nix +# Tangled in ../Systems.org { config, pkgs, ... }: { 
@@ -18,55 +22,115 @@ this is pretty close to the default configuration. [ ./hardware-configuration.nix ]; +#+end_src - nixpkgs.config.allowUnfree = true; +Bootloader is GRUB so I can dual boot Windows. =enableCryptodisk= is annoying but apparently neccesary. - boot.kernelPackages = pkgs.linuxPackages_latest; +#+begin_src nix :tangle nix/configuration.nix + boot.loader.grub = { + enable = true; + version = 2; + device = "nodev"; + useOSProber = true; + efiSupport = true; + enableCryptodisk = true; + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; + }; +#+end_src - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; +Basic system stuff that I won't really touch by hand. Importantly, enabled nix flakes. - networking.hostName = "london"; +#+begin_src nix :tangle nix/configuration.nix + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.kernelPackages = pkgs.linuxPackages_6_0; - # i18n stuff. - time.timeZone = "Europe/London"; - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; + # Setup keyfile + boot.initrd.secrets = { + "/crypto_keyfile.bin" = null; }; - # Networking stuff. - networking.useDHCP = false; - networking.interfaces.enp4s0.useDHCP = true; - services.tailscale.enable = true; + # Enable swap on luks + boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1"; + boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".keyFile = "/crypto_keyfile.bin"; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + time.timeZone = "Europe/London"; + i18n.defaultLocale = "en_GB.utf8"; +#+end_src + +Networking stuff. I use Tailscale as a mesh VPN, and Mullvad for "privacy". + +#+begin_src nix :tangle nix/configuration.nix + networking.hostName = "LONDON"; # Define your hostname. 
+ # Enable networking + networking.networkmanager.enable = true; + systemd.services.NetworkManager-wait-online.enable = false; + networking.firewall.checkReversePath = "loose"; + + networking.firewall.allowedTCPPorts = [ 3389 ]; # for RDP + + services.mullvad-vpn.enable = true; + services.tailscale.enable = true; +#+end_src + +Next, X11! I haven't quite made the switch to Wayland. Theoretically Plasma supports it but it doesn't seem to want to work. Long term I want to run Sway on an ultrawide. I also enable RDP in case I need to remote back into my desktop (if I can't use SSH for whatever reason). Also enable the nvidia drivers here. + +#+begin_src nix :tangle nix/configuration.nix + # Enable the X11 windowing system. services.xserver.enable = true; - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.opengl = { - enable = true; - extraPackages = with pkgs; [ - vaapiIntel - vaapiVdpau - libvdpau-va-gl - ]; - setLdLibraryPath = true; - driSupport32Bit = true; - }; - # Required for Proton games to function. - programs.steam.enable = true; - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; + # Enable the KDE Plasma Desktop Environment. + services.xserver.displayManager.sddm.enable = true; + services.xserver.desktopManager.plasma5.enable = true; + services.xrdp.enable = true; + services.xrdp.defaultWindowManager = "startplasma-x11"; + # Configure keymap in X11 - services.xserver.layout = "us"; + services.xserver = { + layout = "us"; + xkbVariant = ""; + }; - # Disabled and replaced with Pipewire. + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; +#+end_src + +Basic user setup. I use home-manager for my profile applications so just give me vim and that's it (I actually use emacs, but it doesn't hurt to have a fallback). 
+ +#+begin_src nix :tangle nix/configuration.nix + programs.zsh.enable = true; + environment.shells = with pkgs; [ zsh ]; + users.users.gsimmer = { + shell = pkgs.zsh; + isNormalUser = true; + description = "Gabriel Simmer"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; [ vim ]; + }; +#+end_src + +Misc. utilities. Printing, sound, Docker, Steam, fonts. Why is Steam installed at a system level? I don't know. I think I got confused. This will be move to home-manager at some point. + +#+begin_src nix :tangle nix/configuration.nix + environment.systemPackages = with pkgs; [ + os-prober + tailscale + cifs-utils + pinentry-curses + ]; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { 
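Review bot: `networking.firewall.allowedTCPPorts = [ 3389 ];` opens xrdp on every interface, so the RDP login is reachable from any LAN or Wi-Fi network the desktop joins, not only over the mesh VPN enabled a few lines below. If remote access is meant to go over Tailscale, scope the rule to that interface: `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 3389 ];` (interface name assumed to be the Tailscale default). The same line is in the tangled `nix/configuration.nix` hunk `@@ -6,54 +7,89 @@`. A short comment beside the rule saying who is expected to reach the port would help the next review.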
@@ -74,52 +138,55 @@ this is pretty close to the default configuration. alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; - jack.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; }; - programs.zsh.enable = true; - users.users.gsimmer = { - isNormalUser = true; - shell = pkgs.zsh; - extraGroups = [ "wheel" "networkmanager" ]; + virtualisation = { + docker = { + enable = true; + rootless = { + enable = true; + setSocketVariable = true; + }; + }; + }; + + programs.dconf.enable = true; + + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = false; }; - environment.systemPackages = with pkgs; [ - vim - wget - firefox - emacs - curl - podman - tailscale + fonts.fonts = with pkgs; [ + ibm-plex + jetbrains-mono ]; - services.flatpak.enable = true; - xdg.portal.enable = true; - programs.mtr.enable = true; + + services.yubikey-agent.enable = true; + services.pcscd.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; + pinentryFlavor = "curses"; enableSSHSupport = true; }; - - networking.firewall.enable = false; - - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.05"; # Did you read the comment? 
- + system.stateVersion = "22.05"; } #+end_src -My goal here is to leverage the hardware configuration generated by -the NixOS to seperate out the specific-to-my-current-hardware configuration. +Hardware configuration generated by the NixOS installer. #+begin_src nix :tangle nix/hardware-configuration.nix +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. { config, lib, pkgs, modulesPath, ... }: { 
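Review bot: `virtualisation.docker.enable = true;` turns on the system-wide root Docker daemon in addition to the rootless one configured directly under it. If rootless is the intended mode, as `setSocketVariable = true` suggests, the outer `enable = true;` can probably be dropped so that no root-owned daemon and socket are left running; as far as I know the rootless module does not depend on it, but confirm against the NixOS option docs. The same block appears in the `nix/configuration.nix` hunk `@@ -61,43 +97,44 @@`. The hunk starts inside the `services.pipewire` set, which opens outside it.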
@@ -127,63 +194,51 @@ the NixOS to seperate out the specific-to-my-current-hardware configuration. [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - services.xserver = { - libinput = { - enable = true; - mouse = { accelProfile = "flat"; }; - }; - }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/eb8699bd-a9e9-4166-8879-559b244caa20"; + { device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3"; fsType = "ext4"; - options = [ "noatime" "nodiratime" "discard" ]; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/D582-4408"; + boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef"; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/AB23-FA19"; fsType = "vfat"; - options = [ "noatime" "nodiratime" "discard" ]; - }; - - fileSystems."/mnt/wd" = - { device = "/dev/disk/by-partlabel/WD"; - fsType = "ext4"; - options = [ "noatime" "nodiratime" "discard" ]; - }; - - fileSystems."/mnt/fhg" = - { device = "/dev/disk/by-label/FHG"; - fsType = "ext4"; - options = [ "noatime" "nodiratime" "discard" ]; }; + fileSystems."/home/gsimmer/FHG" = { + device = "/dev/disk/by-label/FHG"; + fsType = "ext4"; + }; + swapDevices = - [ { device = "/dev/disk/by-uuid/8a0c74ad-a88f-4ecd-a6ac-d7985355bce6"; } + [ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; } ]; - # high-resolution display + networking.useDHCP = lib.mkDefault true; + + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.video.hidpi.enable = lib.mkDefault true; } #+end_src ** Raspberry Pis - I have two Raspberry Pis - a 3B+ ("watcher"), and 
a 4 ("panda"). Watcher - serves as a watchdog for my self hosted services, usually living on Panda. +/This section is deprecated, as my Pis now run Raspbian with k3s./ + +I have two Raspberry Pis - a 3B+ ("watcher"), and a 4 ("panda"). Watcher +serves as a watchdog for my self hosted services, usually living on Panda. *** The Installer Image - Very minimal changes required here, only really need to enabled the SSH daemon - and add my key so I can push the actual configuration. +Very minimal changes required here, only really need to enabled the SSH daemon and add my key so I can push the actual configuration. - I might investigate bundling the "real" configurations into the live installer - image, so I have to run fewer commands. +I might investigate bundling the "real" configurations into the live installer image, so I have to run fewer commands. [[https://nixos.wiki/wiki/NixOS_on_ARM#Getting_the_installer][More info on the NixOS Wiki]] @@ -203,7 +258,6 @@ the NixOS to seperate out the specific-to-my-current-hardware configuration. openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIztwQxt+jqroFONSgq+xzPMuE2I5Dq/zWPQ8RcTYJr gabriel@gitgalaxy.com"]; }; } - #+end_src *** Watcher diff --git a/home-manager/london.nix b/home-manager/london.nix new file mode 100644 index 0000000..da6e621 --- /dev/null +++ b/home-manager/london.nix 
@@ -0,0 +1,85 @@
+{ config, pkgs, callPackage, ... }:
+
+{
+ nixpkgs.overlays = [
+ (import (builtins.fetchTarball {
+ url = https://github.com/nix-community/emacs-overlay/archive/master.tar.gz;
+ }))
+ ];
+
+ home.username = "gsimmer";
+ home.homeDirectory = "/home/gsimmer";
+
+ nixpkgs.config.allowUnfree = true;
+
+ programs.bash.enable = false;
+ programs.zsh = {
+ enable = true;
+ shellAliases = {
+ cat = "bat";
+ };
+ oh-my-zsh = {
+ enable = true;
+ plugins = [ "git" ];
+ theme = "robbyrussell";
+ };
+ };
+
+ programs.direnv = {
+ enable = true;
+ nix-direnv.enable = true;
+ };
+
+ services.lorri.enable = true;
+
+ programs.git = {
+ enable = true;
+ userName = "Gabriel Simmer";
+ userEmail = "gsimmer@protonmail.com";
+ signing = {
+ key = "C81B106D46C5B875";
+ signByDefault = true;
+ };
+ };
+
+ programs.emacs = {
+ enable = true;
+ package = pkgs.emacsGit;
+ };
+
+ programs.exa = {
+ enable = true;
+ enableAliases = true;
+ };
+
+ programs.bat = {
+ enable = true;
+ };
+
+ home.packages = with pkgs; [
+ discord
+ spotify
+ bitwarden-cli
+ mullvad-vpn
+ transmission-qt
+ vlc
+ obs-studio
+ python3
+ lmms
+ prismlauncher
+ ripgrep
+ ];
+
+ # This value determines the Home Manager release that your
+ # configuration is compatible with. This helps avoid breakage
+ # when a new Home Manager release introduces backwards
+ # incompatible changes.
+ #
+ # You can update Home Manager without changing this value. See
+ # the Home Manager release notes for a list of state version
+ # changes in each release.
+ home.stateVersion = "22.05";
+
+ # Let Home Manager install and manage itself.
+ programs.home-manager.enable = true;
+}
diff --git a/nix/configuration.nix b/nix/configuration.nix
index 0f96091..9f9ed1c 100644
--- a/nix/configuration.nix
+++ b/nix/configuration.nix
@@ -1,3 +1,4 @@ +# Tangled in ../Systems.org { config, pkgs, ... }: { 
@@ -6,54 +7,89 @@ ./hardware-configuration.nix ]; - nixpkgs.config.allowUnfree = true; - - boot.kernelPackages = pkgs.linuxPackages_latest; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "london"; - - # i18n stuff. - time.timeZone = "Europe/London"; - i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; + boot.loader.grub = { + enable = true; + version = 2; + device = "nodev"; + useOSProber = true; + efiSupport = true; + enableCryptodisk = true; + canTouchEfiVariables = true; + efiSysMountPoint = "/boot/efi"; }; - # Networking stuff. - networking.useDHCP = false; - networking.interfaces.enp4s0.useDHCP = true; + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + boot.kernelPackages = pkgs.linuxPackages_6_0; + + # Setup keyfile + boot.initrd.secrets = { + "/crypto_keyfile.bin" = null; + }; + + # Enable swap on luks + boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1"; + boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".keyFile = "/crypto_keyfile.bin"; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + time.timeZone = "Europe/London"; + i18n.defaultLocale = "en_GB.utf8"; + + networking.hostName = "LONDON"; # Define your hostname. + # Enable networking + networking.networkmanager.enable = true; + systemd.services.NetworkManager-wait-online.enable = false; + networking.firewall.checkReversePath = "loose"; + + networking.firewall.allowedTCPPorts = [ 3389 ]; # for RDP + + services.mullvad-vpn.enable = true; services.tailscale.enable = true; # Enable the X11 windowing system. 
services.xserver.enable = true; - services.xserver.videoDrivers = [ "nvidia" ]; - hardware.opengl = { - enable = true; - extraPackages = with pkgs; [ - vaapiIntel - vaapiVdpau - libvdpau-va-gl - ]; - setLdLibraryPath = true; - driSupport32Bit = true; - }; - # Required for Proton games to function. - programs.steam.enable = true; - - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = true; - services.xserver.desktopManager.gnome.enable = true; + # Enable the KDE Plasma Desktop Environment. + services.xserver.displayManager.sddm.enable = true; + services.xserver.desktopManager.plasma5.enable = true; + services.xrdp.enable = true; + services.xrdp.defaultWindowManager = "startplasma-x11"; + # Configure keymap in X11 - services.xserver.layout = "us"; + services.xserver = { + layout = "us"; + xkbVariant = ""; + }; - # Disabled and replaced with Pipewire. + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; + + programs.zsh.enable = true; + environment.shells = with pkgs; [ zsh ]; + users.users.gsimmer = { + shell = pkgs.zsh; + isNormalUser = true; + description = "Gabriel Simmer"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; [ vim ]; + }; + + environment.systemPackages = with pkgs; [ + os-prober + tailscale + cifs-utils + pinentry-curses + ]; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { 
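Review bot: In the `boot.loader.grub` set, `canTouchEfiVariables` and `efiSysMountPoint` are, as far as I know, options of `boot.loader.efi` rather than `boot.loader.grub`, so this block would fail evaluation with an unknown-option error; a `nixos-rebuild build` would confirm before the next boot depends on it. They would move out to `boot.loader.efi = { canTouchEfiVariables = true; efiSysMountPoint = "/boot/efi"; };`. The literate source in the `Systems.org` hunk `@@ -18,55 +22,115 @@` carries the same block and needs the same edit, otherwise the next tangle reintroduces it.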
@@ -61,43 +97,44 @@ alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; - jack.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; }; - programs.zsh.enable = true; - users.users.gsimmer = { - isNormalUser = true; - shell = pkgs.zsh; - extraGroups = [ "wheel" "networkmanager" ]; + virtualisation = { + docker = { + enable = true; + rootless = { + enable = true; + setSocketVariable = true; + }; + }; + }; + + programs.dconf.enable = true; + + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = false; }; - environment.systemPackages = with pkgs; [ - vim - wget - firefox - emacs - curl - podman - tailscale + fonts.fonts = with pkgs; [ + ibm-plex + jetbrains-mono ]; - services.flatpak.enable = true; - xdg.portal.enable = true; - programs.mtr.enable = true; + + services.yubikey-agent.enable = true; + services.pcscd.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; + pinentryFlavor = "curses"; enableSSHSupport = true; }; - - networking.firewall.enable = false; - - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.05"; # Did you read the comment? - + system.stateVersion = "22.05"; } diff --git a/nix/hardware-configuration.nix b/nix/hardware-configuration.nix index c185543..f82c508 100644 --- a/nix/hardware-configuration.nix +++ b/nix/hardware-configuration.nix 
@@ -1,3 +1,6 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. { config, lib, pkgs, modulesPath, ... }: { 
@@ -5,46 +8,34 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - services.xserver = { - libinput = { - enable = true; - mouse = { accelProfile = "flat"; }; - }; - }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/eb8699bd-a9e9-4166-8879-559b244caa20"; + { device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3"; fsType = "ext4"; - options = [ "noatime" "nodiratime" "discard" ]; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/D582-4408"; + boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef"; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/AB23-FA19"; fsType = "vfat"; - options = [ "noatime" "nodiratime" "discard" ]; - }; - - fileSystems."/mnt/wd" = - { device = "/dev/disk/by-partlabel/WD"; - fsType = "ext4"; - options = [ "noatime" "nodiratime" "discard" ]; - }; - - fileSystems."/mnt/fhg" = - { device = "/dev/disk/by-label/FHG"; - fsType = "ext4"; - options = [ "noatime" "nodiratime" "discard" ]; }; + fileSystems."/home/gsimmer/FHG" = { + device = "/dev/disk/by-label/FHG"; + fsType = "ext4"; + }; + swapDevices = - [ { device = "/dev/disk/by-uuid/8a0c74ad-a88f-4ecd-a6ac-d7985355bce6"; } + [ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; } ]; - # high-resolution display + networking.useDHCP = lib.mkDefault true; + + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.video.hidpi.enable = lib.mkDefault true; }