jmug/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[Devbox] Reinstall and turn it into a usable desktop.

Browse source 
Signed-off-by: jmug <u.g.a.mariano@gmail.com>

arst

Signed-off-by: jmug <u.g.a.mariano@gmail.com>
This commit is contained in:
Mariano Uvalle 2025-07-07 00:47:47 -07:00
parent db114aafdf
commit a42e0442f6
8 changed files with 223 additions and 38 deletions
Download patch file Download diff file Expand all files Collapse all files

98
hosts/devbox/configuration.nix
View file

@ -1,7 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{ config, lib, pkgs, ghostty, ... }:
let
pubKeys = lib.filesystem.listFilesRecursive ../common/keys;
in
@ -9,6 +9,9 @@ in
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
# Sops and other stuff.
../common/core
../common/optional/yubikey.nix
];
# Use the systemd-boot EFI boot loader.
@ -16,9 +19,26 @@ in
boot.loader.efi.canTouchEfiVariables = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
virtualisation.docker.enable = true;
# Bluetooth.
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
services.blueman.enable = true;
# WiFi
networking.hostName = "nixbox"; # Define your hostname.
networking.wireless = {
enable = true;
secretsFile = config.sops.secrets."wireless.env".path;
networks = {
"UG_LivingRoom_5G" = {
pskRaw = "ext:home_psk";
};
};
};
time.timeZone = "America/Los_Angeles";
@ -49,6 +69,80 @@ in
users.users.root = {
shell = pkgs.zsh;
};
programs.neovim = {
enable = true;
defaultEditor = true;
};
environment.systemPackages = with pkgs; [
keyd
htop
# Misc utils
ripgrep
fzf
unzip
nautilus
# Terminal
ghostty.packages.x86_64-linux.default
kitty
# Theming
palenight-theme
# Lock screen
hyprlock
# Idling
sway-audio-idle-inhibit
];
fonts = {
fontDir.enable = true;
packages = with pkgs; [
nerd-fonts.bigblue-terminal
nerd-fonts.fira-code
nerd-fonts.caskaydia-cove
];
};
security.pam.services.hyprlock = {};
programs.hyprland = {
enable = true;
xwayland.enable = true;
};
environment.sessionVariables = {
# Enable wayland support for chromium/electron apps.
GDK_BACKEND = "wayland";
NIXOS_OZONE_WL = "1";
MOZ_ENABLE_WAYLAND = "1";
QT_QPA_PLATFORM = "wayland";
# This caused issues with walker, but might be some other
# issue with wayland/hyprland, so will leave it here for now.
# QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
# WLR_NO_HARDWARE_CURSORS = "1";
};
# This is not really enabling X11, bad naming.
services.xserver = {
enable = true;
displayManager.gdm = {
enable = true;
wayland = true;
};
};
# This is used to scale the gdm login screen,
# try to set it up for fractional scaling in
# the future.
# home-manager.users.gdm = { lib, ... }: {
# home.stateVersion = "25.05"; # Do not change!!!
# dconf.settings = {
# "org/gnome/desktop/interface" = {
# scaling-factor = lib.hm.gvariant.mkUint32 2;
# };
# };
# };
# USB devices.
services.devmon.enable = true;
services.gvfs.enable = true;
services.udisks2.enable = true;
# List services that you want to enable:
@ -68,5 +162,5 @@ in
# Or disable the firewall altogether.
networking.firewall.enable = false;
system.stateVersion = "24.11"; # Did you read the comment?
system.stateVersion = "25.05"; # Did you read the comment?
}

10
hosts/devbox/hardware-configuration.nix
View file

@ -14,19 +14,17 @@
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/67dc8c71-37ca-4340-945a-cfd1befe2aa1";
{ device = "/dev/disk/by-uuid/66e590ea-a84b-442c-b099-f97a160153f6";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/9FBA-15AF";
{ device = "/dev/disk/by-uuid/4419-F037";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/16fa084b-0350-4416-9597-36010f16011d"; }
];
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -34,7 +32,7 @@
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

85
hosts/devbox/home.nix
View file

@ -1,22 +1,57 @@
{ inputs, config, pkgs, ssh-agent-switcher, ... } :
{
{ lib, inputs, config, pkgs, ssh-agent-switcher, ... } :
let
pathToKeys = ../common/keys/yubi;
yubiKeys =
lib.lists.forEach (builtins.attrNames (builtins.readDir pathToKeys))
(key: lib.substring 0 (lib.stringLength key - lib.stringLength ".pub") key); # Remove .pub suffix.
yubikeyPublicKeyEntries = lib.attrsets.mergeAttrsList (
lib.lists.map
(key: { ".ssh/${key}.pub".source = "${pathToKeys}/${key}.pub"; })
yubiKeys
);
in {
imports = [
../../home-modules/hyprland
../../home-modules/default.nix
../../home-modules/nvim.nix
../../home-modules/tmux.nix
../../home-modules/direnv.nix
../../home-modules/ghostty-config.nix
../../home-modules/git.nix
../../home-modules/lazygit.nix
../../home-modules/nvim.nix
../../home-modules/sops.nix
# ../../home-modules/ssh-client.nix
../../home-modules/starship.nix
../../home-modules/direnv.nix
../../home-modules/tmux.nix
../../home-modules/zsh.nix
];
ghostty.font-size = "16";
ghostty.window-decoration = false;
home = {
username = "jmug";
homeDirectory = "/home/jmug";
packages = with pkgs; [
# Media
loupe
vlc
# Audio
wireplumber
spotify-player
# Secret management.
age
sops
# Browsers
ungoogled-chromium
# Coms
(webcord.override { electron = inputs.nixpkgs-electron-32.legacyPackages."aarch64-linux".electron; })
whatsie
obs-studio
# Misc
zig
neofetch
fzf
@ -25,20 +60,28 @@
git
wget
exercism
# Thin provisioning tools
thin-provisioning-tools
];
stateVersion = "24.11";
file = {} // yubikeyPublicKeyEntries;
pointerCursor = {
gtk.enable = true;
x11.enable = true;
hyprcursor.enable = true;
name = "Posy_Cursor_Black";
package = pkgs."posy-cursors";
};
stateVersion = "25.05";
};
programs.zsh = {
shellAliases = {
# TODO BEGIN Interpolate the name of the host here.
flakeconf = "sudo nvim /etc/nixos/flake.nix";
nosconf = "sudo nvim /etc/nixos/hosts/devbox/configuration.nix";
homeconf = "sudo nvim /etc/nixos/hosts/devbox/home.nix";
nvconf = "sudo nvim /etc/nixos/home-modules/explicit-configs/nvim/init.lua";
# flakeconf = "sudo nvim /etc/nixos/flake.nix";
# nosconf = "sudo nvim /etc/nixos/hosts/devbox/configuration.nix";
# homeconf = "sudo nvim /etc/nixos/hosts/devbox/home.nix";
# nvconf = "sudo nvim /etc/nixos/home-modules/explicit-configs/nvim/init.lua";
# TODO END Interpolate the name of the host here.
rshellconf = "source ~/.zshrc";
# TODO: Interpolate the name of the host here.
@ -61,6 +104,24 @@
programs.ssh = {
enable = true;
addKeysToAgent = "confirm";
matchBlocks = {
"git" = {
host = "github.com";
user = "git";
identityFile = [
"/home/jmug/.ssh/id_yubikey" # Auto updated symlik that matches all yubikeys.
"/home/jmug/.ssh/id_jmug" # Fallback key with passphrase.
];
};
"forgejo" = {
host = "code.jmug.me";
user = "forgejo";
identityFile = [
"/home/jmug/.ssh/id_yubikey" # Auto updated symlik that matches all yubikeys.
"/home/jmug/.ssh/id_jmug" # Fallback key with passphrase.
];
};
};
# matchBlocks = {
# alarm = {
# user = "alarm";