-
+{ config, pkgs, inputs, lib, ... } @ args:
+{
# Containers
containers = {
im = {
networking.nat.internalInterfaces = ["ve-+"];
networking.nat.externalInterface = "eth0";
networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
+}
-
+{ config, pkgs, inputs, lib, ... } @ args:
+{
# incus admin init --minimal
# incus image list images:
# incus launch images:ubuntu/noble <name>
virtualisation.incus.enable = true;
virtualisation.incus.ui.enable = true;
networking.firewall.trustedInterfaces = [ "incusbr0" ];
-
+}
{ config, pkgs, inputs, lib, ... } @ args:
{
networking.nftables.enable = true;
- networking.hostName = "thinkpad"; # Define your hostname.
+ networking.hostName = "acer"; # Define your hostname.
# Enable networking
# networking.networkmanager.enable = true;
networking.firewall.allowedTCPPorts = [ 22 1234 5900 6011 6021 6022 8080 53317 7236 7250 ];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.download-buffer-size = 500000000;
nix.settings.trusted-users = ["root" "ps"];
- nix.settings.experimental-features = [ "nix-command" "flakes" ];
- nix.settings.download-buffer-size = 500000000;
- nix.settings.trusted-users = ["root" "ps"];
nixpkgs.config.allowUnfree = true;
# Set your time zone.
LC_TIME = "de_DE.UTF-8";
};
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "24.05"; # Did you read the comment?
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}
];
# Bootloader.
- boot.tmp.cleanOnBoot = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.plymouth.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [ "quiet" "udev.log_level=0" "amdgpu.runpm=0" ];
- # incus admin init --minimal
- # incus image list images:
- # incus launch images:ubuntu/noble <name>
- # incus exec <name> -- /bin/bash
- # incus exec <name> -- adduser --shell /bin/bash --ingroup sudo ps
- # incus exec <name> -- su - ps -c 'tmux new-session -A -s main'
- virtualisation.incus.enable = true;
- virtualisation.incus.ui.enable = true;
- networking.nftables.enable = true;
- networking.firewall.trustedInterfaces = [ "incusbr0" ];
-
- networking.hostName = "thinkpad"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
- nix.settings.experimental-features = [ "nix-command" "flakes" ];
- nix.settings.download-buffer-size = 500000000;
- nix.settings.trusted-users = ["root" "ps"];
-
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
- # Enable networking
- networking.networkmanager.enable = true;
-
- # Set your time zone.
- time.timeZone = "Europe/Berlin";
-
- # Select internationalisation properties.
- i18n.defaultLocale = "de_DE.UTF-8";
-
- i18n.extraLocaleSettings = {
- LC_ADDRESS = "de_DE.UTF-8";
- LC_IDENTIFICATION = "de_DE.UTF-8";
- LC_MEASUREMENT = "de_DE.UTF-8";
- LC_MONETARY = "de_DE.UTF-8";
- LC_NAME = "de_DE.UTF-8";
- LC_NUMERIC = "de_DE.UTF-8";
- LC_PAPER = "de_DE.UTF-8";
- LC_TELEPHONE = "de_DE.UTF-8";
- LC_TIME = "de_DE.UTF-8";
- };
programs.dconf.enable = true;
programs.steam.enable = true;
- # Containers
- containers = {
- im = {
- ephemeral = true;
- # privateNetwork = true;
- localAddress = "10.23.45.2";
- hostAddress = "10.23.45.1";
-
- bindMounts."/per".hostPath = "/var/lib/nixos-containers/im";
- bindMounts."/per".isReadOnly = false;
-
- extraFlags = [
- "--property='MemoryMax=60M'"
- "--property='MemoryHigh=50M'"
- "--property='CPUQuota=4%'"
- ];
-
- config = { config, pkgs, ... }: {
- imports = [ inputs.impermanence.nixosModules.impermanence ];
-
- environment.persistence."/per" = {
- directories = [
- "/var/log"
- "/var/lib"
- { directory = "/home/ps"; user = "ps"; group = "users"; mode = "0750"; }
- ];
- files = [];
- };
- environment.systemPackages = with pkgs; [ helix python312 deno ];
-
- users.users.ps = { isNormalUser = true; };
-
- networking.firewall.allowedTCPPorts = [ 80 8080 ];
-
- system.stateVersion = "25.05";
- };
- };
- };
- networking.nat.enable = true;
- networking.nat.internalInterfaces = ["ve-+"];
- networking.nat.externalInterface = "eth0";
- networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
# Services
services = {
};
};
- services.syncthing = {
- enable = true;
- user = "ps";
- dataDir = "/home/ps/sync";
- configDir = "/home/ps/.config/syncthing";
- };
-
# services.auto-cpufreq.enable = true;
services.auto-cpufreq.settings = {
battery = {
# lidSwitch = "suspend";
# };
- # Configure console keymap
- console.keyMap = "de-latin1-nodeadkeys";
-
- # Enable CUPS to print documents.
- services.printing.enable = true;
- services.printing.drivers = [ pkgs.gutenprint ];
-
- # Enable scanners
- hardware.sane.enable = true;
- hardware.sane.extraBackends = [ pkgs.hplipWithPlugin pkgs.sane-airscan ];
- services.avahi.enable = true;
- services.avahi.nssmdns4 = true;
- services.avahi.reflector = true;
- services.udev.packages = [ pkgs.sane-airscan ];
-
# Enable Bluetooth
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = false;
# naturalScrolling = false;
# };
- # Define a user account. Don't forget to set a password with ‘passwd’.
- users.groups.ssh = {};
- users.users = {
- ps = {
- isNormalUser = true;
- description = "Patrick";
- shell = pkgs.bash;
- extraGroups = [ "networkmanager" "wheel" "dialout" "jackaudio" "lp" "incus-admin" ];
- };
- # sshd = {
- # isSystemUser = true;
- # packages = [
- # pkgs.python3
- # ];
- # group = "ssh";
- # };
- chirp = {
- isSystemUser = true;
- packages = [
- pkgs.python3
- ];
- group = "ssh";
- shell = pkgs.bash;
- initialPassword = "chirp";
- };
- };
-
- security.polkit.enable = true;
- security.sudo.wheelNeedsPassword = false;
-
- home-manager = {
- backupFileExtension = "backup";
- extraSpecialArgs = {
- inherit inputs;
- inherit wallpaper;
- };
- users = {
- "ps" = import ./home-ps.nix;
- "root" = { home.stateVersion = "24.05"; };
- };
- sharedModules = [
- (import ./home-common.nix)
- ];
- };
-
- # Enable automatic login for the user.
- # services.displayManager.autoLogin.enable = true;
- # services.displayManager.autoLogin.user = "ps";
- # services.getty.autologinUser = "ps";
-
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
# systemd.services."getty@tty1".enable = false;
# systemd.services."autovt@tty1".enable = false;
# Allow unfree packages
- nixpkgs.config.allowUnfree = true;
environment.variables = {
RUSTICL_ENABLE = "radeonsi";
};
- # List packages installed in system profile. To search, run:
- # $ nix search wget
- environment.systemPackages = with pkgs; [
- args.inputs.zls.inputs.zig-overlay.packages.${pkgs.system}.master
- args.inputs.zls.packages.${pkgs.system}.zls
- args.inputs.psch-flakes.packages.${pkgs.system}.resetmsmice
- args.inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.zuban
- vim wget file git kitty i3 gdb
- mosh
- cmake
- entr
- asciinema asciinema-agg
- shellify
- deno
- typst
- jdt-language-server
- google-java-format
-
- scrcpy
-
- xsel
- xcwd
-
- pinta
- mupdf
- davinci-resolve
-
- pavucontrol
- syncthingtray
- # xfce plugins
- xfce.xfce4-panel
- xfce.xfce4-pulseaudio-plugin
- # xfce.xfce4-verve-plugin
- xfce.xfce4-notes-plugin
- # xfce.xfce4-timer-plugin
- # xfce.xfce4-windowck-plugin
- xfce.thunar-archive-plugin
- # xfce.xfce4-i3-workspaces-plugin
- # xfce.xfce4-xkb-plugin
- xfce.xfce4-whiskermenu-plugin
-
- ];
-
- programs.xfconf.enable = true;
- programs.nix-ld.enable = true;
- programs.direnv.enable = true;
- programs.direnv.nix-direnv.enable = true;
-
- services.fwupd.enable = true;
-
- # Some programs need SUID wrappers, can be configured further or are
- # started in user sessions.
- # programs.mtr.enable = true;
- # programs.gnupg.agent = {
- # enable = true;
- # enableSSHSupport = true;
- # };
-
- # List services that you want to enable:
-
- # Enable the OpenSSH daemon.
- services.openssh = {
- enable = true;
- ports = [ 22 ];
- # settings = {
- # PasswordAuthentication = false;
- # PermitRootLogin = "no";
- # };
- # authorizedKeysCommand =
- # let keys = pkgs.writers.writePython3Bin "keys" {} ''
- # import sys
- #
- # args = sys.argv
- #
- # print(args)
- # '';
- # in
- # "${keys}/bin/keys";
- # authorizedKeysCommandUser = "ps";
- };
# Open ports in the firewall.
- networking.firewall.allowedTCPPorts = [ 22 1234 5900 6011 6021 6022 8080 53317 7236 7250 ];
- networking.firewall.allowedUDPPorts = [ 5901 53317 7236 5353 ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
- # This value determines the NixOS release from which the default
- # settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
- # this value at the release version of the first install of this system.
- # Before changing this value read the documentation for this option
- # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
- system.stateVersion = "24.05"; # Did you read the comment?
}
},
"locked": {
"dir": "pkgs/firefox-addons",
- "lastModified": 1752033806,
- "narHash": "sha256-XUHXDV8vwVjX6aYeJmPShMGJI9jx+JC0yWw0hsKbtMw=",
+ "lastModified": 1765080359,
+ "narHash": "sha256-BvAgmqgswcokD2eWoyO3uB1k1VTdpxDHGSx0RYRFjDg=",
"owner": "rycee",
"repo": "nur-expressions",
- "rev": "08bd298d38f4110a3049cbe1876c1c77a8b4797f",
+ "rev": "35f8ab2ecd954b3a348aa0e253878211c48a0aa7",
"type": "gitlab"
},
"original": {
}
},
"flake-compat": {
+ "flake": false,
+ "locked": {
+ "lastModified": 1761588595,
+ "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
+ "type": "github"
+ },
+ "original": {
+ "owner": "edolstra",
+ "repo": "flake-compat",
+ "type": "github"
+ }
+ },
+ "flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
]
},
"locked": {
- "lastModified": 1709087332,
- "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
+ "lastModified": 1762808025,
+ "narHash": "sha256-XmjITeZNMTQXGhhww6ed/Wacy2KzD6svioyCX7pkUu4=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
- "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+ "rev": "cb5e3fdca1de58ccbc3ef53de65bd372b48f567c",
"type": "github"
},
"original": {
]
},
"locked": {
- "lastModified": 1751810233,
- "narHash": "sha256-kllkNbIqQi3VplgTMeGzuh1t8Gk8TauvkTRt93Km+tQ=",
+ "lastModified": 1763992789,
+ "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "9b0873b46c9f9e4b7aa01eb634952c206af53068",
+ "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3",
"type": "github"
},
"original": {
"type": "github"
}
},
+ "nixos-wsl": {
+ "inputs": {
+ "flake-compat": "flake-compat",
+ "nixpkgs": "nixpkgs"
+ },
+ "locked": {
+ "lastModified": 1764730608,
+ "narHash": "sha256-FxKIa3OCSRVC23qrk7VT68vExUcmSruJ8OobVlSWOxc=",
+ "owner": "nix-community",
+ "repo": "NixOS-WSL",
+ "rev": "10124c58674360765adcb38c9a8b081fb72904e4",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nix-community",
+ "ref": "main",
+ "repo": "NixOS-WSL",
+ "type": "github"
+ }
+ },
"nixpkgs": {
"locked": {
- "lastModified": 1751943650,
- "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=",
- "owner": "nixos",
+ "lastModified": 1764517877,
+ "narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
+ "owner": "NixOS",
"repo": "nixpkgs",
- "rev": "88983d4b665fb491861005137ce2b11a9f89f203",
+ "rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
"type": "github"
},
"original": {
- "owner": "nixos",
- "ref": "nixos-25.05",
+ "owner": "NixOS",
+ "ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
- "lastModified": 1758427187,
- "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",
+ "lastModified": 1764950072,
+ "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",
+ "rev": "f61125a668a320878494449750330ca58b78c557",
"type": "github"
},
"original": {
"type": "github"
}
},
+ "nixpkgs_2": {
+ "locked": {
+ "lastModified": 1764939437,
+ "narHash": "sha256-4TLFHUwXraw9Df5mXC/vCrJgb50CRr3CzUzF0Mn3CII=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "00d2457e2f608b4be6fe8b470b0a36816324b0ae",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-25.05",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
"ps-flakes": {
"inputs": {
"flake-utils": "flake-utils",
"firefox-addons": "firefox-addons",
"home-manager": "home-manager",
"impermanence": "impermanence",
- "nixpkgs": "nixpkgs",
+ "nixos-wsl": "nixos-wsl",
+ "nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"ps-flakes": "ps-flakes",
"zls": "zls"
},
"zig-overlay": {
"inputs": {
- "flake-compat": "flake-compat",
+ "flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"zls",
]
},
"locked": {
- "lastModified": 1755864794,
- "narHash": "sha256-hgnov6RLA+DD4Uocs/vCbiH3/3sKvqiJOKHpdhGyVAI=",
+ "lastModified": 1764203689,
+ "narHash": "sha256-ivb0SqCptyIxx5g8ryRrUL0xrJhLrJPlvZbZjxVaui0=",
"owner": "mitchellh",
"repo": "zig-overlay",
- "rev": "5cd601f8760d2383210b7b8c8a45fc79388f3ddf",
+ "rev": "8f7347545dea59b75e40247cc1ed55a42f64dbbf",
"type": "github"
},
"original": {
"zig-overlay": "zig-overlay"
},
"locked": {
- "lastModified": 1756050261,
- "narHash": "sha256-RC7icNWQgTwyMYWjVx0lAikRwmRanmav/qs21/lKKvo=",
+ "lastModified": 1764993315,
+ "narHash": "sha256-67LhYwmcE/8V/24Tkde1ItxjDEliKqCSVU/oroJ3owM=",
"owner": "zigtools",
"repo": "zls",
- "rev": "35fa2d3ef62378db68b1e0805b9e529f6df9f5ce",
+ "rev": "60cff3d69f6072b840aa588fb8454fac9a95fbe1",
"type": "github"
},
"original": {
url = "git://ps.run/flakes";
inputs.nixpkgs.follows = "nixpkgs";
};
+
+ nixos-wsl.url = "github:nix-community/NixOS-WSL/main";
};
outputs = { self, nixpkgs, ... }@inputs: {
./config-incus.nix
inputs.home-manager.nixosModules.default
+ inputs.nixos-wsl.nixosModules.default {
+ system.stateVersion = "24.11";
+ wsl.enable = true;
+ }
];
};
};
};
};
- xfconf.settings = {
- xfce4-desktop = {
- "backdrop/screen0/monitor0/image-path" = "${wallpaper}";
- "backdrop/screen0/monitor0/image-show" = true;
- "backdrop/screen0/monitor0/image-style" = 5;
- };
- };
-
systemd.user.services.markdownCaddy = {
Unit = {
Description = "Run a web server serving Markdown files.";
};
};
- xdg.desktopEntries = {
- whatsapp = {
- name = "WhatsApp";
- genericName = "Messenger";
- exec = "app web.whatsapp.com";
- terminal = false;
- categories = [ "Application" ];
- icon = pkgs.fetchurl {
- url = "https://upload.wikimedia.org/wikipedia/commons/thumb/a/a7/2062095_application_chat_communication_logo_whatsapp_icon.svg/1024px-2062095_application_chat_communication_logo_whatsapp_icon.svg.png";
- sha256 = "sha256-0eE3EEGnWFlpObfraTXMIqJz0Uya/h0hDsUA528qKCY=";
- };
- };
- md = {
- name = "Markdown";
- genericName = "Documents";
- exec = "md-app";
- terminal = false;
- categories = [ "Application" ];
- icon = pkgs.fetchurl {
- url = "https://upload.wikimedia.org/wikipedia/commons/thumb/4/48/Markdown-mark.svg/1024px-Markdown-mark.svg.png";
- sha256 = "0v161jvmcfxp9lwd86y789430w1vpvxnnm5n2hzgr1kfh03psvb2";
- };
- };
- };
-
gtk.enable = true;
gtk.theme = {
package = theme;
ncdu
gnumake gcc
linux-wifi-hotspot
- esptool picocom
+ #esptool
+ picocom
wireshark
nil
bc
projects / flake_thinkpad / commitdiff