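# NixOS flake for the host "panam": a sway desktop with shared Home Manager
# settings, a Pi-hole container run through Docker, Jellyfin, GlusterFS,
# OpenSSH and Tailscale.
#
# Layout:
#   homeManagerSharedModule - per-user shell/editor/tmux settings (Home Manager)
#   commonConfigFunc        - host-independent NixOS settings; takes the module
#                             arguments, then a list of extra system packages
#   nixosConfigurations     - per-host hardware/boot settings merged over the
#                             common settings with lib.recursiveUpdate
{
  description = "System config";

  inputs = {
    nixpkgs.url = "nixpkgs/nixos-unstable";
    nixpkgs_stable.url = "nixpkgs/nixos-22.11";
    # NOTE(review): tracks the master branch and is not referenced anywhere in
    # the outputs below; drop it or point it at a release branch if unused.
    vps_nixpkgs.url = "nixpkgs/master";
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    flake-utils.url = "github:numtide/flake-utils";

    # Required for making sure that Pi-hole continues running if the executing user has no active session
    #linger = {
    #url = "github:mindsbackyard/linger-flake";
    #inputs.flake-utils.follows = "flake-utils";
    #};
    #pihole = {
    #url = "github:mindsbackyard/pihole-flake";
    #inputs.nixpkgs.follows = "nixpkgs";
    #inputs.flake-utils.follows = "flake-utils";
    #inputs.linger.follows = "linger";
    #};
  };

  outputs = { self, nixpkgs, nixpkgs_stable, vps_nixpkgs, home-manager, flake-utils }@attrs:
    let
      system = "x86_64-linux";

      # Home Manager settings for the user "marcus", shared by every host.
      homeManagerSharedModule = {
        home-manager.useGlobalPkgs = true;
        home-manager.users.marcus = { config, pkgs, lib, ... }: {
          # This value determines the Home Manager release that your
          # configuration is compatible with. This helps avoid breakage
          # when a new Home Manager release introduces backwards
          # incompatible changes.
          #
          # You can update Home Manager without changing this value. See
          # the Home Manager release notes for a list of state version
          # changes in each release.
          home.stateVersion = "22.11";

          home.packages = with pkgs; [ ];

          programs.starship = {
            enable = true;
            enableBashIntegration = true;
            settings = {
              add_newline = false;
              format = lib.concatStrings [
                "$username"
                "$hostname"
                "$directory"
                "$jobs"
                "$cmd_duration"
                "$character"
              ];
              directory = {
                truncation_length = 10;
                truncate_to_repo = false;
              };
              scan_timeout = 10;
              character = {
                success_symbol = "➜";
                error_symbol = "➜";
              };
            };
          };

          programs.git = {
            enable = true;
            userName = "Marcus Godwin";
            userEmail = "godwin3@gatech.edu";
          };

          programs.vim = {
            enable = true;
            plugins = with pkgs.vimPlugins; [
              nerdcommenter
              vim-polyglot
              #parinfer-rust
            ];
            settings = {
              # Is the need for these obviated by vim-polyglot using sleuth?
              #expandtab = false;
              tabstop = 4;
              shiftwidth = 4;
            };
            # NOTE(review): several mappings below look truncated in this copy
            # (e.g. `inoremap jk` has no right-hand side and the last `nnoremap`
            # has no key); key notation may have been lost. Verify against the
            # working config before relying on them.
            extraConfig = ''
              set number
              set hlsearch
              nnoremap m :bn
              nnoremap t :tabnew
              nnoremap . :tabn
              nnoremap , :tabp
              nnoremap v :vsplit
              nnoremap h :split
              nnoremap q :q
              inoremap jk
              inoremap kj
              " Thanks to https://unix.stackexchange.com/questions/140898/vim-hide-status-line-in-the-bottom
              let s:hidden_all = 0
              function! ToggleHiddenAll()
                  if s:hidden_all == 0
                      let s:hidden_all = 1
                      set noshowmode
                      set noruler
                      set laststatus=0
                      set noshowcmd
                  else
                      let s:hidden_all = 0
                      set showmode
                      set ruler
                      set laststatus=2
                      set showcmd
                  endif
              endfunction
              nnoremap :call ToggleHiddenAll()
            '';
          };

          programs.tmux = {
            enable = true;
            extraConfig = ''
              #$Id: vim-keys.conf,v 1.2 2010-09-18 09:36:15 nicm Exp $
              #
              # vim-keys.conf, v1.2 2010/09/12
              #
              # By Daniel Thau. Public domain.
              #
              # This configuration file binds many vi- and vim-like bindings to the
              # appropriate tmux key bindings. Note that for many key bindings there is no
              # tmux analogue. This is intended for tmux 1.3, which handles pane selection
              # differently from the previous versions

              # split windows like vim
              # vim's definition of a horizontal/vertical split is reversed from tmux's
              bind s split-window -v
              bind v split-window -h

              # move around panes with hjkl, as one would in vim after pressing ctrl-w
              bind h select-pane -L
              bind j select-pane -D
              bind k select-pane -U
              bind l select-pane -R

              # resize panes like vim
              # feel free to change the "1" to however many lines you want to resize by, only
              # one at a time can be slow
              bind < resize-pane -L 1
              bind > resize-pane -R 1
              bind - resize-pane -D 1
              bind + resize-pane -U 1

              # bind : to command-prompt like vim
              # this is the default in tmux already
              bind : command-prompt

              # vi-style controls for copy mode
              setw -g mode-keys vi
            '';
          };
        };
      };

      # Host-independent NixOS settings.
      #
      # Curried: first the usual module arguments, then `specificPkgs`, a list
      # of extra packages appended to environment.systemPackages. Returns a
      # plain attribute set that the host definition merges its own settings
      # over.
      commonConfigFunc = ({ config, lib, pkgs, modulesPath, ... }: (specificPkgs: {
        nixpkgs.config.allowUnfree = true;
        nix.settings.experimental-features = [ "nix-command" "flakes" ];

        networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
        time.timeZone = "America/New_York";

        # SECURITY: both accounts are in `wheel` (sudo) and `docker`. Membership
        # in `docker` gives control of the Docker daemon, which is equivalent to
        # root on the host, so treat these as administrative accounts and trim
        # the group list for any user that does not need that.
        users.extraUsers.marcus = {
          name = "marcus";
          isNormalUser = true;
          group = "users";
          extraGroups = [
            "wheel"
            "disk"
            "audio"
            "video"
            "networkmanager"
            "systemd-journal"
            "sway"
            "plugdev"
            "adbusers"
            "docker"
          ];
          createHome = true;
          home = "/home/marcus";
          shell = "/run/current-system/sw/bin/bash";
        };

        users.extraUsers.nathan = {
          name = "nathan";
          isNormalUser = true;
          group = "users";
          extraGroups = [
            "wheel"
            "disk"
            "audio"
            "video"
            "networkmanager"
            "systemd-journal"
            "sway"
            "plugdev"
            "adbusers"
            "docker"
          ];
          createHome = true;
          home = "/home/nathan";
          shell = "/run/current-system/sw/bin/bash";
        };

        # Pi Hole + docker setup
        virtualisation.oci-containers.backend = "docker";
        virtualisation.docker.autoPrune.enable = true;
        virtualisation.oci-containers.containers.pihole = {
          # SECURITY: `latest` is a moving tag, so the image that runs is
          # whatever the registry serves at pull time and is not reproducible
          # from this flake. Prefer a fixed tag (such as the one commented out
          # below) or an image digest, and bump it deliberately.
          #image = "pihole/pihole:2023.02.2";
          image = "pihole/pihole:latest";
          # Host 5353 -> container DNS (53), host 9091 -> container web UI (80).
          # The UDP entry previously read "53/upd", which is not a protocol
          # Docker accepts. Docker binds published ports on all host addresses
          # unless an address is given in the mapping.
          ports = [
            "5353:53/udp"
            "5353:53/tcp"
            "9091:80/tcp"
          ];
          volumes = [
            "/var/lib/pihole/:/etc/pihole/"
            "/var/lib/dnsmasq.d:/etc/dnsmasq.d"
          ];
          environment = {
            TZ = config.time.timeZone;
            WEB_PORT = "80";
            # SECURITY: this admin password is a literal in the flake, so it is
            # committed with the repository, copied into the world-readable Nix
            # store, and visible in the container's environment. Move it to a
            # file outside the store and load it through the container's
            # `environmentFiles` option (e.g. /path/to/pihole.env - placeholder),
            # then rotate the value.
            WEBPASSWORD = "critical";
            PIHOLE_DNS_ = "172.17.0.1";
            REV_SERVER = "true";
            REV_SERVER_DOMAIN = "pihole.local";
            REV_SERVER_TARGET = "192.168.1.1";
            # NOTE(review): 192.168.1.0/16 has host bits set; a /16 here covers
            # all of 192.168.0.0-192.168.255.255. Confirm whether /24 was meant.
            REV_SERVER_CIDR = "192.168.1.0/16";
            # Answers queries arriving on any interface, not only local subnets.
            DNSMASQ_LISTENING = "all";
          };
          extraOptions = [
            "--add-host=host.docker.internal:host-gateway"
          ];
        };

        #systemd.services."docker-pihole".postStart = ''
        #while ! docker ps | grep pihole; do
        #sleep 10s
        #echo "Waiting on containers"
        #done
        #sleep 30s
        #docker exec pihole pihole -a adlist add "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt"
        #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/AdguardDNS.txt"
        #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easylist.txt"
        #docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easyprivacy.txt"
        #docker exec pihole pihole -g
        #'';

        # Enable flatpak for installing/running steam link software
        services.flatpak.enable = true;

        # testing
        services.jellyfin.enable = true;

        services.pipewire = {
          enable = true;
          alsa.enable = true;
          pulse.enable = true;
        };

        services.dbus.enable = true;
        xdg.portal = {
          enable = true;
          wlr.enable = true;
          extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
          gtkUsePortal = true;
        };

        # Take glusterfs from the stable channel instead of unstable.
        nixpkgs.overlays = [
          (self: super: {
            glusterfs = (import nixpkgs_stable {
              inherit system;
              overlays = [];
            }).pkgs.glusterfs;
          })
        ];
        services.glusterfs.enable = true;

        programs.sway = {
          enable = true;
          wrapperFeatures.gtk = true;
          extraPackages = with pkgs; [
            swaylock # lockscreen
            swayidle
            xwayland # for legacy apps
            #waybar # status bar
            mako # notification daemon
            kanshi # autorandr
            bemenu # is this right?
            i3status
            ffmpeg_5-full
          ];
        };

        environment = {
          etc = {
            "sway/config".source = ./sway_config;
          };
        };

        # For steam, and Vulkan in general
        hardware.opengl.driSupport = true;
        hardware.opengl.driSupport32Bit = true;

        nixpkgs.config.packageOverrides = pkgs: {
          vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
        };
        hardware.opengl = {
          enable = true;
          extraPackages = with pkgs; [
            intel-media-driver
            vaapiIntel
            vaapiVdpau
            libvdpau-va-gl
            intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
          ];
        };

        environment.systemPackages = with pkgs; [
          tmux
          vim
          wget
          curl
          git
          w3m
          iftop
          iotop
          killall
          file
          unzip
          zip
          ripgrep
          imv
          gomuks
          htop
          firefox-wayland
          chromium
          gnome.nautilus
          vlc
          steam
          transmission-gtk
          mupdf
          foot
          pavucontrol
          pywal
          sway
          wayland
          glib
          dracula-theme
          gnome.adwaita-icon-theme
          wl-clipboard

          # Helper installed as /bin/dbus-sway-environment: exports the Wayland
          # session variables to systemd/dbus and restarts the user services
          # listed in the script.
          (pkgs.writeTextFile {
            name = "dbus-sway-environment";
            destination = "/bin/dbus-sway-environment";
            executable = true;
            text = ''
              dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
              systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
              systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
            '';
          })

          # currently, there is some friction between sway and gtk:
          # https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland
          # the suggested way to set gtk settings is with gsettings
          # for gsettings to work, we need to tell it where the schemas are
          # using the XDG_DATA_DIR environment variable
          # run at the end of sway config
          (pkgs.writeTextFile {
            name = "configure-gtk";
            destination = "/bin/configure-gtk";
            executable = true;
            text =
              let
                schema = pkgs.gsettings-desktop-schemas;
                datadir = "${schema}/share/gsettings-schemas/${schema.name}";
              in ''
                export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS
                gnome_schema=org.gnome.desktop.interface
                gsettings set $gnome_schema gtk-theme 'Dracula'
              '';
          })
        ] ++ specificPkgs;

        programs.waybar.enable = true;

        # kanshi systemd service
        # NOTE(review): `kanshi_config_file` is a relative path, so it is
        # resolved against the service's working directory; confirm that is
        # where the file lives or use an absolute path.
        systemd.user.services.kanshi = {
          description = "kanshi daemon";
          serviceConfig = {
            Type = "simple";
            ExecStart = "${pkgs.kanshi}/bin/kanshi -c kanshi_config_file";
          };
        };

        # SECURITY: sshd runs with the module defaults; no authentication
        # settings are declared here. With two wheel accounts on the host,
        # consider key-only logins
        # (`services.openssh.settings.PasswordAuthentication` on current
        # nixpkgs, `services.openssh.passwordAuthentication` on 22.11).
        services.openssh.enable = true;
        services.tailscale.enable = true;

        # SECURITY: with the firewall off, nothing on the host filters inbound
        # traffic to the services enabled above (sshd, Jellyfin, GlusterFS, the
        # published Pi-hole ports). If access is meant to go over Tailscale,
        # keep the firewall enabled and allow only what is needed, e.g.
        # `networking.firewall.trustedInterfaces = [ "tailscale0" ];` plus
        # explicit allowedTCPPorts/allowedUDPPorts for LAN-facing services.
        networking.firewall.enable = false;

        #services.pihole = {
        #enable = true;
        #hostConfig = {
        #user = "pihole";
        #enableLingeringForUser = true;
        #persistVolumes = true;
        #dnsPort = 5335;
        #webPort = 8080;
        #};
        #piholeConfig.ftl = {
        #LOCAL_IPV4 = "192.168.4.200";
        #};
        #piholeConfig.web = {
        #virtualHost = "pi.hole";
        #password = "password";
        #};
        #};
        #networking.firewall.interfaces.eth0 = {
        #allowedTCPPorts = [ 5335 8080 ];
        #allowedUDPPorts = [ 5335 ];
        #};
      }));
    in
    {
      nixosConfigurations.panam = nixpkgs.lib.nixosSystem {
        inherit system;
        specialArgs = attrs;
        modules = [
          # make the module declared by linger flake available to our config
          #linger.nixosModules.${system}.default
          #pihole.nixosModules.${system}.default
          home-manager.nixosModules.home-manager
          homeManagerSharedModule
          # Host module: common settings (no extra packages) with the
          # panam-specific boot, filesystem and hardware settings merged on top.
          ({ config, lib, pkgs, modulesPath, ... }@innerArgs:
            (lib.recursiveUpdate (commonConfigFunc innerArgs []) {
              imports = [
                (modulesPath + "/installer/scan/not-detected.nix")
              ];

              # needed for stable restarts of pi-hole container
              #boot.cleanTmpDir = true;

              boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
              boot.initrd.kernelModules = [ ];
              boot.kernelModules = [ ];
              boot.extraModulePackages = [ ];

              fileSystems."/" = {
                device = "/dev/disk/by-uuid/b22f705d-8d3d-4d6c-997d-226399f03e18";
                fsType = "ext4";
              };

              fileSystems."/boot" = {
                device = "/dev/disk/by-uuid/BE49-6634";
                fsType = "vfat";
              };

              swapDevices = [
                { device = "/dev/disk/by-uuid/9b8aa223-f67b-4c1a-9161-a3daec3dfefc"; }
              ];

              # Mounted data drives for use by glusterfs
              fileSystems."/data/brick1" = {
                device = "/dev/disk/by-label/gfs_ssd1";
                fsType = "xfs";
              };
              fileSystems."/data/brick2" = {
                device = "/dev/disk/by-label/gfs_hdd1";
                fsType = "xfs";
              };
              fileSystems."/data/brick3" = {
                device = "/dev/disk/by-label/gfs_hdd2";
                fsType = "xfs";
              };

              # Glusterfs shared storage
              fileSystems."/ghost_in_the_stream" = {
                device = "panam:/gv0";
                fsType = "glusterfs";
              };

              networking.useDHCP = lib.mkDefault true;
              nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
              powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
              hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
              # high-resolution display
              hardware.video.hidpi.enable = lib.mkDefault true;

              boot.loader.systemd-boot.enable = true;
              boot.loader.efi.canTouchEfiVariables = true;

              # don't suspend on lid close
              services.logind.lidSwitch = "ignore";

              networking.hostName = "panam"; # Define your hostname.
              system.stateVersion = "22.11"; # Did you read the comment?
            }))
        ];
      };
    };
}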