diff --git a/flake.nix b/flake.nix
index 56e7a65..451fb86 100755
--- a/flake.nix
+++ b/flake.nix
@@ -344,6 +344,29 @@
};
};
+ AspireTC705 = nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ modules = [
+ ./host/AspireTC705/configuration.nix
+ ./hardware-configuration.nix
+ home-manager.nixosModules.home-manager
+ (
+ { ... }:
+ {
+ nix = {
+ registry.nixpkgs.flake = nixpkgs;
+ nixPath = [ "nixpkgs=${nixpkgs.outPath}" ];
+ };
+ }
+ )
+ ];
+ specialArgs = {
+ inherit home-manager;
+ inherit nixpkgs-stable;
+ inherit (inputs) nom;
+ };
+ };
+
Rory-portable = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
diff --git a/host/Arc/configuration.nix b/host/Arc/configuration.nix
index d4c593d..4a7ba93 100644
--- a/host/Arc/configuration.nix
+++ b/host/Arc/configuration.nix
@@ -12,13 +12,15 @@ args@{
# base imports
../../modules/base-client.nix
../../packages/vim.nix
- ../../modules/users/Arci.nix
+ #../../modules/users/Arci.nix
+ ../../modules/users/geba.nix
# hardware-specific imports
#./optional/hardware-specific/nvidia.nix
#./optional/gui/x11.nix
./optional/gui/wayland.nix
+ ./printing.nix
];
boot = {
@@ -36,8 +38,9 @@ args@{
};
programs.noisetorch.enable = true;
programs.gamemode.enable = true;
- users.users.Rory.extraGroups = [ "gamemode" ];
- users.users.Arci.extraGroups = [ "gamemode" ];
+ #users.users.Rory.extraGroups = [ "gamemode" ];
+ #users.users.Arci.extraGroups = [ "gamemode" ];
+ users.users.geba.extraGroups = [ "gamemode" ];
environment.sessionVariables = {
ZSH_DISABLE_COMPFIX = "true";
@@ -61,8 +64,8 @@ args@{
services = {
displayManager.gdm.enable = true;
- displayManager.lightdm.enable = false;
xserver = {
+ displayManager.lightdm.enable = false;
enable = true;
updateDbusEnvironment = true;
xkb.layout = "us";
@@ -92,7 +95,7 @@ args@{
environment.systemPackages = with pkgs; [
eog
#mpv
- libreoffice
+ #libreoffice
qt6.qtwayland
#easyeffects
@@ -124,15 +127,16 @@ args@{
firefox-bin
#ungoogled-chromium #needed for Rider in order to debug WASM
+ google-chrome
unrar-wrapper
#mangohud
#prismlauncher
#vesktop
#mindustry
- thunderbird
+ #thunderbird
- blueman
- ft2-clone
+ #blueman
+ #ft2-clone
(callPackage ../../packages/nheko-git.nix {
inherit nhekoSrc;
@@ -143,7 +147,7 @@ args@{
programs.steam = {
enable = false;
- gamescopeSession.enable = true;
+ gamescopeSession.enable = false;
extraCompatPackages = with pkgs; [
steam-play-none
proton-ge-bin
@@ -221,8 +225,8 @@ args@{
#};
# };
- virtualisation.libvirtd.enable = true;
- programs.virt-manager.enable = true;
+ virtualisation.libvirtd.enable = false;
+ programs.virt-manager.enable = false;
monitoring = {
monitorAll = false;
@@ -238,7 +242,7 @@ args@{
services.gvfs.enable = true;
zramSwap = {
enable = true;
- memoryPercent = 200;
+ memoryPercent = 300;
};
services.pcscd.enable = true;
diff --git a/host/Arc/optional/gui/wayland.nix b/host/Arc/optional/gui/wayland.nix
index f3bc56d..639906f 100644
--- a/host/Arc/optional/gui/wayland.nix
+++ b/host/Arc/optional/gui/wayland.nix
@@ -52,6 +52,8 @@
virt-viewer
keepassxc
networkmanagerapplet
+ mpv
+ #obs-studio
];
#environment.etc."hyprPlugins" = {
diff --git a/host/Arc/printing.nix b/host/Arc/printing.nix
new file mode 100644
index 0000000..4f86347
--- /dev/null
+++ b/host/Arc/printing.nix
@@ -0,0 +1,54 @@
+{ pkgs, ... }:
+
+{
+ imports = [ ];
+
+ users.users = {
+ Rory = {
+ extraGroups = [
+ "lp"
+ "scanner"
+ ];
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ xsane
+ simple-scan
+ ];
+
+ hardware = {
+ sane.enable = true;
+ sane.extraBackends = [
+ pkgs.hplipWithPlugin
+ pkgs.sane-airscan
+ ];
+ };
+
+ programs.system-config-printer.enable = true;
+
+ services = {
+ gvfs.enable = true;
+ saned.enable = true;
+ system-config-printer.enable = true;
+ ipp-usb.enable = true;
+ printing = {
+ enable = true;
+ browsing = true;
+ drivers = with pkgs; [ hplip ];
+ };
+ avahi = {
+ enable = true;
+ nssmdns4 = true;
+ reflector = true;
+ publish = {
+ workstation = true;
+ userServices = true;
+ hinfo = true;
+ enable = true;
+ domain = true;
+ addresses = true;
+ };
+ };
+ };
+}
diff --git a/host/AspireTC705/configuration.nix b/host/AspireTC705/configuration.nix
new file mode 100644
index 0000000..06296a3
--- /dev/null
+++ b/host/AspireTC705/configuration.nix
@@ -0,0 +1,205 @@
+args@{
+ config,
+ pkgs,
+ lib,
+ nhekoSrc,
+ mtxclientSrc,
+ ...
+}:
+
+{
+ imports = [
+ # base imports
+ ../../modules/base-client.nix
+ ../../packages/vim.nix
+ ../../modules/users/geba.nix
+ ../../modules/software-templates/eid-mw.nix
+
+ ./printing.nix
+ ];
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_latest;
+ loader = {
+ grub = {
+ configurationLimit = 10;
+ enable = true;
+ device = "nodev"; # nodev for EFI only
+ # EFI
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+ };
+ };
+ programs.noisetorch.enable = true;
+ programs.gamemode.enable = true;
+ users.users.geba.extraGroups = [ "gamemode" ];
+
+ environment.sessionVariables = {
+ ZSH_DISABLE_COMPFIX = "true";
+ };
+
+ networking = {
+ hostName = "AspireTC705";
+ networkmanager.enable = true;
+ wireless.enable = true;
+ firewall = {
+ enable = false;
+ # allowedTCPPorts = [ ... ];
+ # allowedUDPPorts = [ ... ];
+ };
+
+ #useDHCP = true; # Doesn't work with NetworkManager, investigate
+ };
+
+ time.timeZone = "Europe/Brussels";
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ services = {
+ displayManager.gdm.enable = true;
+ xserver = {
+ displayManager.lightdm.enable = false;
+ enable = true;
+ updateDbusEnvironment = true;
+ xkb.layout = "us";
+ };
+ libinput.enable = true;
+
+ openssh = {
+ enable = true;
+ extraConfig = ''
+ MaxAuthTries 32
+ '';
+ settings.PermitRootLogin = "yes";
+ };
+ pipewire = {
+ enable = true;
+ audio.enable = true;
+ pulse.enable = true;
+ wireplumber.enable = true;
+ jack.enable = true;
+ alsa.enable = true;
+ };
+
+ desktopManager.plasma6.enable = true;
+ };
+
+ services.desktopManager.gnome.enable = false;
+ environment.systemPackages = with pkgs; [
+ anydesk
+ eog
+ libreoffice
+ qt6.qtwayland
+
+ easyeffects
+ kitty
+ vscode
+
+ # - Utilities
+ #inkscape-with-extensions
+ gimp
+
+ # - Languages
+ steam-run
+ file-roller
+
+ google-chrome
+ unrar-wrapper
+ keepassxc
+ thunderbird
+
+ blueman
+ # Wrapper script to tell to Chrome/Chromium to use p11-kit-proxy to load
+ # security devices, so they can be used for TLS client auth.
+ # Each user needs to run this themselves, it does not work on a system level
+ # due to a bug in Chromium:
+ #
+ # https://bugs.chromium.org/p/chromium/issues/detail?id=16387
+ (pkgs.writeShellScriptBin "setup-browser-eid" ''
+ NSSDB="''${HOME}/.pki/nssdb"
+ mkdir -p ''${NSSDB}
+
+ ${pkgs.nssTools}/bin/modutil -force -dbdir sql:$NSSDB -add p11-kit-proxy \
+ -libfile ${pkgs.p11-kit}/lib/p11-kit-proxy.so
+ '')
+ ];
+
+ programs.steam = {
+ enable = false;
+ gamescopeSession.enable = false;
+ extraCompatPackages = with pkgs; [
+ steam-play-none
+ proton-ge-bin
+ ];
+ };
+ virtualisation.waydroid.enable = false;
+
+ xdg = {
+ portal = {
+ enable = true;
+ extraPortals = with pkgs; [
+ #xdg-desktop-portal-gtk
+ xdg-desktop-portal-xapp
+ # (callPackage ../../modules/packages/xdg-desktop-portal-gtk.nix { })
+ ];
+ config = {
+ common = {
+ default = [ "gtk" ];
+ };
+ };
+ xdgOpenUsePortal = true;
+ };
+ #sounds.enable = true;
+ #mime.enable = true;
+ #menus.enable = true;
+ #icons.enable = true;
+ #autostart.enable = true;
+ };
+
+ nixpkgs = {
+ config = {
+ allowUnfree = true;
+ permittedInsecurePackages = [
+ "electron-25.9.0"
+ "olm-3.2.16"
+ "dotnet-sdk-wrapped-7.0.410"
+ "dotnet-sdk-7.0.410"
+ ];
+ };
+ };
+ security = {
+ polkit.enable = true;
+ sudo.wheelNeedsPassword = false;
+ };
+
+ hardware = {
+ pulseaudio.enable = false;
+ };
+
+ programs.dconf.enable = true;
+ services.power-profiles-daemon.enable = true;
+
+
+ services.gvfs.enable = true;
+ zramSwap = {
+ enable = true;
+ memoryPercent = 300;
+ };
+ services.pcscd.enable = true;
+
+ virtualisation.vmVariant = {
+ users = {
+ mutableUsers = false;
+ users.Rory.password = "password";
+ };
+ networking.interfaces.enp34s0 = lib.mkForce { };
+ };
+
+ system.stateVersion = "24.11"; # DO NOT EDIT!
+ system.activationScripts.web-eid-app = {
+ text = ''
+ mkdir -p /usr/lib/x86_64-linux-gnu
+ ln -sf ${pkgs.eid-mw}/lib/pkcs11/beidpkcs11.so /usr/lib/x86_64-linux-gnu/libbeidpkcs11.so.0
+ '';
+};
+}
diff --git a/host/AspireTC705/hooks/post-rebuild.sh b/host/AspireTC705/hooks/post-rebuild.sh
new file mode 100755
index 0000000..30733ad
--- /dev/null
+++ b/host/AspireTC705/hooks/post-rebuild.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+set -x
+
+git restore --staged hardware-configuration.nix
+git restore --staged Ran.ca
+git restore --staged modules/opensuse/
+git restore --staged opensuse/
\ No newline at end of file
diff --git a/host/AspireTC705/hooks/pre-rebuild.sh b/host/AspireTC705/hooks/pre-rebuild.sh
new file mode 100755
index 0000000..d4ec9d3
--- /dev/null
+++ b/host/AspireTC705/hooks/pre-rebuild.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env sh
+set -x
+
+git add -f hardware-configuration.nix
+git add -f Ran.ca
+git add -f modules/opensuse/
+git add -f opensuse/
\ No newline at end of file
diff --git a/host/AspireTC705/optional/hardware-specific/amd.nix b/host/AspireTC705/optional/hardware-specific/amd.nix
new file mode 100644
index 0000000..e4758a6
--- /dev/null
+++ b/host/AspireTC705/optional/hardware-specific/amd.nix
@@ -0,0 +1,42 @@
+{
+ config,
+ pkgs,
+ lib,
+ nhekoSrc,
+ mtxclientSrc,
+ ...
+}:
+
+{
+ imports = [ ];
+
+ boot.initrd.kernelModules = [ "amdgpu" ];
+
+ services = {
+ xserver = {
+ windowManager.i3.extraSessionCommands = ''
+ xrandr --output HDMI-1 --mode 3840x2160 --pos 0x0 --rotate normal --primary --output DP-1 --mode 1920x1080 --pos 3840x1080 --rotate normal --output HDMI-2 --off --output DP-2 --off
+ '';
+ wacom.enable = true;
+ };
+ picom.backend = "glx";
+ };
+
+ environment.systemPackages = with pkgs; [
+ rocmPackages.rocm-smi # useful to have
+ ];
+
+ hardware = {
+ graphics = {
+ enable = true;
+ enable32Bit = true;
+ extraPackages = with pkgs; [
+ rocmPackages.clr.icd
+ #amdvlk
+ ];
+ #extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
+ };
+ };
+
+ systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" ];
+}
diff --git a/host/AspireTC705/optional/hardware-specific/nvidia.nix b/host/AspireTC705/optional/hardware-specific/nvidia.nix
new file mode 100644
index 0000000..1f98541
--- /dev/null
+++ b/host/AspireTC705/optional/hardware-specific/nvidia.nix
@@ -0,0 +1,40 @@
+{
+ config,
+ pkgs,
+ lib,
+ nhekoSrc,
+ mtxclientSrc,
+ ...
+}:
+
+{
+ imports = [
+
+ ];
+
+ services = {
+ xserver = {
+ #videoDrivers = [ "nvidia" ];
+ #windowManager.i3.extraSessionCommands = ''
+ # todo: restore
+ #'';
+ };
+ picom.backend = "glx";
+ };
+
+ hardware = {
+ graphics = {
+ enable = true;
+ };
+
+ nvidia = {
+ modesetting.enable = true;
+ powerManagement.enable = false;
+ powerManagement.finegrained = false;
+ open = true;
+ nvidiaSettings = true;
+ nvidiaPersistenced = true;
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+ };
+}
diff --git a/host/AspireTC705/printing.nix b/host/AspireTC705/printing.nix
new file mode 100644
index 0000000..4f86347
--- /dev/null
+++ b/host/AspireTC705/printing.nix
@@ -0,0 +1,54 @@
+{ pkgs, ... }:
+
+{
+ imports = [ ];
+
+ users.users = {
+ Rory = {
+ extraGroups = [
+ "lp"
+ "scanner"
+ ];
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ xsane
+ simple-scan
+ ];
+
+ hardware = {
+ sane.enable = true;
+ sane.extraBackends = [
+ pkgs.hplipWithPlugin
+ pkgs.sane-airscan
+ ];
+ };
+
+ programs.system-config-printer.enable = true;
+
+ services = {
+ gvfs.enable = true;
+ saned.enable = true;
+ system-config-printer.enable = true;
+ ipp-usb.enable = true;
+ printing = {
+ enable = true;
+ browsing = true;
+ drivers = with pkgs; [ hplip ];
+ };
+ avahi = {
+ enable = true;
+ nssmdns4 = true;
+ reflector = true;
+ publish = {
+ workstation = true;
+ userServices = true;
+ hinfo = true;
+ enable = true;
+ domain = true;
+ addresses = true;
+ };
+ };
+ };
+}
diff --git a/modules/users/geba.nix b/modules/users/geba.nix
new file mode 100644
index 0000000..6214d91
--- /dev/null
+++ b/modules/users/geba.nix
@@ -0,0 +1,200 @@
+{ lib, pkgs, ... }:
+
+{
+ users.users.geba = {
+ isNormalUser = true;
+ group = "users";
+ extraGroups = [
+ "wheel"
+ "libvirtd"
+ "ocp"
+ ];
+ packages = with pkgs; [
+ lnav
+ age
+ git
+ lsd
+ duf
+ (btop.override { rocmSupport = true; })
+ htop
+ kitty.terminfo
+ tmux
+ jq
+ dig
+
+ # - zsh
+ zsh
+ zsh-powerlevel10k
+ zsh-nix-shell
+ zsh-you-should-use
+ zsh-syntax-highlighting
+ zsh-completions
+
+ wireguard-tools
+ ];
+ openssh.authorizedKeys.keys = [
+ ];
+ useDefaultShell = true;
+ shell = pkgs.zsh;
+ };
+ programs.zsh.enable = true;
+ environment.shells = with pkgs; [ zsh ];
+
+ home-manager.users.geba = {
+ home.preferXdgDirectories = true;
+ home.sessionVariables = {
+ EDITOR = "nvim";
+ SYSTEMD_EDITOR = "nvim";
+ GIT_EDITOR = "nvim";
+ QT_QPA_PLATFORMTHEME = "xdgdesktopportal";
+ GTK_USE_PORTAL = "1";
+ _JAVA_AWT_WM_NONREPARENTING = "1";
+ WINEDEBUG = "-all";
+ CHOKIDAR_USEPOLLING = "true";
+ MSBUILDLIVELOGGER = "auto";
+ DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER = "1";
+ DOTNET_CLI_TELEMETRY_OPTOUT = "1";
+ NIXPKGS_ALLOW_UNFREE = "1";
+ MOZ_USE_XINPUT2 = "1";
+ };
+ programs = {
+ git = {
+ enable = true;
+ settings = {
+ user.name = "Rory&";
+ user.email = "root@rory.gay";
+ safe.directory = "/";
+ };
+ };
+ zsh = {
+ enable = true;
+ #enableAutosuggestions = true;
+ autosuggestion.enable = true;
+ enableVteIntegration = true;
+ autocd = true;
+
+ initExtraFirst = ''
+ export EDITOR=nvim
+ export SYSTEMD_EDITOR=$EDITOR
+ export GIT_EDITOR=$EDITOR
+ export QT_QPA_PLATFORMTHEME=xdgdesktopportal
+ export GTK_USE_PORTAL=1
+ export _JAVA_AWT_WM_NONREPARENTING=1
+ export WINEDEBUG=-all
+ export DOTPROFILE_LOADED='yes'
+ export CHOKIDAR_USEPOLLING=true
+ export MSBUILDLIVELOGGER=auto
+ export DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER=1
+ export DOTNET_CLI_TELEMETRY_OPTOUT=1
+ function mkkey() {
+ echo "Making key for $1"
+ ssh-keygen -t ed25519 -C "$HOST -> $1" -f ~/.ssh/id_ed25519_$1
+ (
+ echo "Host $1"
+ echo " IdentityFile ~/.ssh/id_ed25519_$1"
+ ) >> ~/.ssh/config
+ echo 'Done! Public key:'
+ cat ~/.ssh/id_ed25519_$1.pub
+ }
+
+ export DISABLE_AUTO_UPDATE=true
+ COMPLETION_WAITING_DOTS="true"
+ '';
+ initExtra = ''
+ alias mv='mv -v'
+ alias pre='npx prettier -w'
+ alias git-commit='git commit --signoff --sign'
+ alias npm='NODE_OPTIONS=--openssl-legacy-provider npm'
+ alias npx='NODE_OPTIONS=--openssl-legacy-provider npx'
+ alias yarn='NODE_OPTIONS=--openssl-legacy-provider npx -y yarn --use-yarnrc $XDG_CONFIG_HOME/yarn/config'
+ alias node='NODE_OPTIONS=--openssl-legacy-provider node'
+ # - dotnet
+ alias drun='dotnet watch run --no-hot-reload --property WarningLevel=0'
+ alias dbuild='dotnet watch build --no-hot-reload --property WarningLevel=0'
+ alias ls='lsd -lAhF --color=always --icon=always'
+ alias transfetch='neofetch --kitty ~/trans_witch.jpg'
+ alias gc='git-commit'
+ [ -f "$HOME/.profile" ] && . $HOME/.profile
+ '';
+ #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig'
+ oh-my-zsh = {
+ enable = true;
+ plugins = [
+ "git"
+ "sudo"
+ ];
+ };
+
+ plugins = [
+ {
+ name = "powerlevel10k";
+ src = pkgs.zsh-powerlevel10k;
+ file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
+ }
+ {
+ name = "powerlevel10k-config";
+ src = lib.cleanSource ./Rory;
+ file = "p10k.zsh";
+ }
+ {
+ name = "zsh-syntax-highlighting";
+ src = pkgs.zsh-syntax-highlighting;
+ file = "share/zsh-syntax-highlighting/zsh-syntax-highlighting.zsh";
+ }
+ {
+ name = "zsh-autosuggestions";
+ src = pkgs.zsh-autosuggestions;
+ file = "share/zsh-autosuggestions/zsh-autosuggestions.zsh";
+ }
+ ];
+
+ localVariables = {
+ POWERLEVEL9K_LEFT_PROMPT_ELEMENTS = [
+ "os_icon"
+ "dir"
+ "vcs"
+ "prompt_char"
+ ];
+ POWERLEVEL9K_RIGHT_PROMPT_ELEMENTS = [
+ "status"
+ "command_execution_time"
+ "background_jobs"
+ "direnv"
+ "virtualenv"
+ "pyenv"
+ "nodeenv"
+ "context"
+ "nix_shell"
+ "vi_mode"
+ "load"
+ "disk_usage"
+ "ram"
+ ];
+ POWERLEVEL9K_MODE = "nerdfont-complete";
+ POWERLEVEL9K_ICON_PADDING = "none";
+ POWERLEVEL9K_PROMPT_ADD_NEWLINE = "false";
+ POWERLEVEL9K_LEFT_SUBSEGMENT_SEPARATOR = "\uE0B1";
+ POWERLEVEL9K_RIGHT_SUBSEGMENT_SEPARATOR = "\uE0B3";
+ POWERLEVEL9K_LEFT_SEGMENT_SEPARATOR = "\uE0B0";
+ POWERLEVEL9K_RIGHT_SEGMENT_SEPARATOR = "\uE0B2";
+ POWERLEVEL9K_LEFT_PROMPT_LAST_SEGMENT_END_SYMBOL = "\uE0B0";
+ POWERLEVEL9K_RIGHT_PROMPT_FIRST_SEGMENT_START_SYMBOL = "\uE0B2";
+ POWERLEVEL9K_PROMPT_CHAR_OVERWRITE_STATE = true;
+ };
+ };
+ neovim = {
+ defaultEditor = true;
+ viAlias = true;
+ vimAlias = true;
+ vimdiffAlias = true;
+ coc = {
+ enable = true;
+
+ };
+ };
+ };
+
+ home.stateVersion = "22.11";
+ };
+}
+
diff --git a/update.sh b/update.sh
index 290a208..5fe7639 100755
--- a/update.sh
+++ b/update.sh
@@ -9,5 +9,5 @@ if [ -d "nixpkgs" ]; then
fi
echo '<=== UPDATING FLAKE INPUTS ===>'
-nix flake update -vL
+nix flake update --accept-flake-config -vL
./build.sh / $HOSTNAME
|
