phundrak/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
Lucien Cartier-Tilet
2025-05-04 02:47:36 +02:00
commit d5e06f3f49
91 changed files with 9063 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
hosts/gampo/configuration.nix Normal file
View File

@@ -0,0 +1,63 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
config,
pkgs,
inputs,
...
}: {
imports = [
inputs.sops-nix.nixosModules.sops
./system/hardware-configuration.nix
./services.nix
../../modules/system.nix
../../modules/sops.nix
../../modules/opentablet.nix
../../programs/steam.nix
];
sops.secrets.extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
boot.initrd.kernelModules = ["i915"];
system = {
boot.plymouth.enable = true;
docker = {
enable = true;
autoprune.enable = true;
podman.enable = true;
};
networking = {
hostname = "gampo";
id = "0630b33f";
hostFiles = [config.sops.secrets.extraHosts.path];
};
sound.enable = true;
};
security.rtkit.enable = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
curl
openssl
wget
];
nix.settings.trusted-users = ["root" "phundrak"];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database
# versions on your system were taken. Its perfectly fine and
# recommended to leave this value at the release version of the
# first install of this system. Before changing this value read
# the documentation for this option (e.g. man configuration.nix or
# on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}

15
hosts/gampo/services.nix Normal file
View File

@@ -0,0 +1,15 @@
{
imports = [
./services/gnome.nix
];
services = {
# Enable CUPS to print documents.
printing.enable = true;
openssh.enable = true;
fwupd.enable = true;
udev.extraRules = ''
ATTRS{name}=="*TPPS/2 IBM TrackPoint", ENV{ID_INPUT}="", ENV{ID_INPUT_MOUSE}="", ENV{ID_INPUT_POINTINGSTICK}=""
'';
};
}

11
hosts/gampo/services/gnome.nix Normal file
View File

@@ -0,0 +1,11 @@
{
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
xkb = {
layout = "fr";
variant = "bepo";
};
};
}

46
hosts/gampo/system/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,46 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd.availableKernelModules = ["ehci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci"];
initrd.kernelModules = [];
kernelModules = ["kvm-intel"];
extraModulePackages = [];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/1a8adc62-a11c-4d80-a000-9d37a4fce7b7";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/4032-0CCF";
fsType = "vfat";
};
};
swapDevices = [{device = "/dev/disk/by-uuid/85b7722a-4859-4fe6-b838-660314443638";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s25.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wwp0s29u1u4.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

78
hosts/marpa/configuration.nix Normal file
View File

@@ -0,0 +1,78 @@
{
config,
pkgs,
inputs,
...
}: {
imports = [
inputs.sops-nix.nixosModules.sops
./system/hardware-configuration.nix
./services.nix
../../modules/system.nix
../../modules/sops.nix
../../modules/opentablet.nix
../../programs/flatpak.nix
../../programs/steam.nix
];
sops.secrets.extraHosts = {
inherit (config.users.users.root) group;
owner = config.users.users.phundrak.name;
mode = "0440";
};
security.polkit.enable = true;
fileSystems."/games" = {
device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
fsType = "ext4";
};
system = {
amdgpu.enable = true;
boot.plymouth.enable = true;
docker = {
enable = true;
podman.enable = true;
autoprune.enable = true;
};
networking = {
hostname = "marpa";
id = "7EA4A111";
hostFiles = [config.sops.secrets.extraHosts.path];
firewall.openPortRanges = [
{
# Sunshine
from = 1714;
to = 1764;
}
];
};
sound = {
enable = true;
jack = true;
};
};
security.rtkit.enable = true;
nix.settings.trusted-users = ["root" "phundrak"];
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
clinfo # AMD
curl
openssl
wget
];
programs.nix-ld.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}

23
hosts/marpa/services.nix Normal file
View File

@@ -0,0 +1,23 @@
{
imports = [
../../modules/ssh.nix
../../modules/sunshine.nix
../../modules/xserver.nix
];
modules = {
xserver = {
amdgpu.enable = true;
de = "gnome";
};
sunshine = {
enable = true;
autostart = true;
};
};
services = {
printing.enable = true;
openssh.enable = true;
fwupd.enable = true;
};
}

11
hosts/marpa/services/gnome.nix Normal file
View File

@@ -0,0 +1,11 @@
{
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
xkb = {
layout = "fr";
variant = "bepo_afnor";
};
};
}

50
hosts/marpa/system/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,50 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "thunderbolt" "usb_storage" "usbhid" "sd_mod"];
initrd.kernelModules = [];
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/3738e245-f6aa-4ed8-a97b-c7bf199a7810";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/A2C1-2147";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
};
"/home" = {
device = "/dev/disk/by-uuid/532f1e53-2cd7-4345-82ec-7309f816cfb8";
fsType = "btrfs";
};
};
swapDevices = [{device = "/dev/disk/by-uuid/acdf872f-274c-4316-aeed-11bb1bbde6b8";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp17s0u9.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

83
hosts/tilo/configuration.nix Normal file
View File

@@ -0,0 +1,83 @@
# Edit this configuration file to define what should be installed on your
# system. Help is available in the configuration.nix(5) man page and in
# the NixOS manual (accessible by running nixos-help).
{
pkgs,
inputs,
...
}: {
imports = [
./hardware-configuration.nix
inputs.home-manager.nixosModules.default
../../modules/locale.nix
../../modules/system.nix
../../modules/ssh.nix
../../modules/endlessh.nix
../../programs/nano.nix
];
system = {
amdgpu.enable = false;
boot = {
kernel = {
hardened = true;
cpuVendor = "amd";
};
zfs = {
enable = true;
pools = ["tank"];
};
};
docker.enable = true;
networking = {
hostname = "tilo";
id = "7110b33f";
firewall = {
openPorts = [
22 # SSH
80 # HTTP
443 # HTTPS
2222 # endlessh
25565 # Minecraft
];
extraCommands = ''
iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT
iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT
'';
};
};
nix.gc.automatic = true;
sound.enable = false;
users = {
root.disablePassword = true;
phundrak = true;
};
console.keyMap = "fr-bepo";
};
modules = {
ssh = {
enable = true;
allowedUsers = ["phundrak"];
passwordAuthentication = false;
};
endlessh.enable = true;
};
nixpkgs.config.allowUnfree = true;
environment.systemPackages = [pkgs.openssl];
# imports = [
# # Include the results of the hardware scan.
# ./services.nix
# ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.11"; # Did you read the comment?
}

45
hosts/tilo/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,45 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd.availableKernelModules = ["xhci_pci" "ahci" "mpt3sas" "usb_storage" "usbhid" "sd_mod"];
initrd.kernelModules = [];
kernelModules = ["kvm-amd"];
extraModulePackages = [];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/6f6bb286-3848-482e-b18c-940b459425c8";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/8A5A-5720";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
};
};
swapDevices = [{device = "/dev/disk/by-uuid/a0be51cb-11fa-4087-a14b-c314e35fc34f";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}