From 6e68d78660f7d1c12fc8f14bd85b4532fc76bf77 Mon Sep 17 00:00:00 2001 From: Patrick Date: Sun, 7 Dec 2025 23:40:40 +0100 Subject: [PATCH] update --- config-containers.nix | 4 +- config-incus.nix | 5 +- config-networking.nix | 2 +- config-system.nix | 11 +- configuration.nix | 241 ------------------------------------------ flake.lock | 105 +++++++++++++----- flake.nix | 6 ++ home-ps.nix | 36 +------ 8 files changed, 95 insertions(+), 315 deletions(-) diff --git a/config-containers.nix b/config-containers.nix index 8141c35..9b814ca 100644 --- a/config-containers.nix +++ b/config-containers.nix @@ -1,4 +1,5 @@ - +{ config, pkgs, inputs, lib, ... } @ args: +{ # Containers containers = { im = { @@ -41,3 +42,4 @@ networking.nat.internalInterfaces = ["ve-+"]; networking.nat.externalInterface = "eth0"; networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; +} diff --git a/config-incus.nix b/config-incus.nix index 5e6ebbf..ab80e2d 100644 --- a/config-incus.nix +++ b/config-incus.nix @@ -1,4 +1,5 @@ - +{ config, pkgs, inputs, lib, ... } @ args: +{ # incus admin init --minimal # incus image list images: # incus launch images:ubuntu/noble @@ -8,4 +9,4 @@ virtualisation.incus.enable = true; virtualisation.incus.ui.enable = true; networking.firewall.trustedInterfaces = [ "incusbr0" ]; - +} diff --git a/config-networking.nix b/config-networking.nix index 40ac1f8..507df82 100644 --- a/config-networking.nix +++ b/config-networking.nix @@ -1,7 +1,7 @@ { config, pkgs, inputs, lib, ... } @ args: { networking.nftables.enable = true; - networking.hostName = "thinkpad"; # Define your hostname. + networking.hostName = "acer"; # Define your hostname. # Enable networking # networking.networkmanager.enable = true; networking.firewall.allowedTCPPorts = [ 22 1234 5900 6011 6021 6022 8080 53317 7236 7250 ]; diff --git a/config-system.nix b/config-system.nix index 845d98d..634e930 100644 --- a/config-system.nix +++ b/config-system.nix @@ -4,9 +4,6 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.download-buffer-size = 500000000; nix.settings.trusted-users = ["root" "ps"]; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - nix.settings.download-buffer-size = 500000000; - nix.settings.trusted-users = ["root" "ps"]; nixpkgs.config.allowUnfree = true; # Set your time zone. @@ -27,11 +24,5 @@ LC_TIME = "de_DE.UTF-8"; }; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } diff --git a/configuration.nix b/configuration.nix index a5eda85..1b0aca3 100644 --- a/configuration.nix +++ b/configuration.nix @@ -26,7 +26,6 @@ in ]; # Bootloader. - boot.tmp.cleanOnBoot = true; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.plymouth.enable = true; @@ -38,94 +37,16 @@ in boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelParams = [ "quiet" "udev.log_level=0" "amdgpu.runpm=0" ]; - # incus admin init --minimal - # incus image list images: - # incus launch images:ubuntu/noble - # incus exec -- /bin/bash - # incus exec -- adduser --shell /bin/bash --ingroup sudo ps - # incus exec -- su - ps -c 'tmux new-session -A -s main' - virtualisation.incus.enable = true; - virtualisation.incus.ui.enable = true; - networking.nftables.enable = true; - networking.firewall.trustedInterfaces = [ "incusbr0" ]; - - networking.hostName = "thinkpad"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - nix.settings.download-buffer-size = 500000000; - nix.settings.trusted-users = ["root" "ps"]; - # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Enable networking - networking.networkmanager.enable = true; - - # Set your time zone. - time.timeZone = "Europe/Berlin"; - - # Select internationalisation properties. - i18n.defaultLocale = "de_DE.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "de_DE.UTF-8"; - LC_IDENTIFICATION = "de_DE.UTF-8"; - LC_MEASUREMENT = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - LC_NAME = "de_DE.UTF-8"; - LC_NUMERIC = "de_DE.UTF-8"; - LC_PAPER = "de_DE.UTF-8"; - LC_TELEPHONE = "de_DE.UTF-8"; - LC_TIME = "de_DE.UTF-8"; - }; programs.dconf.enable = true; programs.steam.enable = true; - # Containers - containers = { - im = { - ephemeral = true; - # privateNetwork = true; - localAddress = "10.23.45.2"; - hostAddress = "10.23.45.1"; - - bindMounts."/per".hostPath = "/var/lib/nixos-containers/im"; - bindMounts."/per".isReadOnly = false; - - extraFlags = [ - "--property='MemoryMax=60M'" - "--property='MemoryHigh=50M'" - "--property='CPUQuota=4%'" - ]; - - config = { config, pkgs, ... }: { - imports = [ inputs.impermanence.nixosModules.impermanence ]; - - environment.persistence."/per" = { - directories = [ - "/var/log" - "/var/lib" - { directory = "/home/ps"; user = "ps"; group = "users"; mode = "0750"; } - ]; - files = []; - }; - environment.systemPackages = with pkgs; [ helix python312 deno ]; - - users.users.ps = { isNormalUser = true; }; - - networking.firewall.allowedTCPPorts = [ 80 8080 ]; - - system.stateVersion = "25.05"; - }; - }; - }; - networking.nat.enable = true; - networking.nat.internalInterfaces = ["ve-+"]; - networking.nat.externalInterface = "eth0"; - networking.networkmanager.unmanaged = [ "interface-name:ve-*" ]; # Services services = { @@ -187,13 +108,6 @@ in }; }; - services.syncthing = { - enable = true; - user = "ps"; - dataDir = "/home/ps/sync"; - configDir = "/home/ps/.config/syncthing"; - }; - # services.auto-cpufreq.enable = true; services.auto-cpufreq.settings = { battery = { @@ -261,21 +175,6 @@ in # lidSwitch = "suspend"; # }; - # Configure console keymap - console.keyMap = "de-latin1-nodeadkeys"; - - # Enable CUPS to print documents. - services.printing.enable = true; - services.printing.drivers = [ pkgs.gutenprint ]; - - # Enable scanners - hardware.sane.enable = true; - hardware.sane.extraBackends = [ pkgs.hplipWithPlugin pkgs.sane-airscan ]; - services.avahi.enable = true; - services.avahi.nssmdns4 = true; - services.avahi.reflector = true; - services.udev.packages = [ pkgs.sane-airscan ]; - # Enable Bluetooth hardware.bluetooth.enable = true; hardware.bluetooth.powerOnBoot = false; @@ -305,160 +204,20 @@ in # naturalScrolling = false; # }; - # Define a user account. Don't forget to set a password with ‘passwd’. - users.groups.ssh = {}; - users.users = { - ps = { - isNormalUser = true; - description = "Patrick"; - shell = pkgs.bash; - extraGroups = [ "networkmanager" "wheel" "dialout" "jackaudio" "lp" "incus-admin" ]; - }; - # sshd = { - # isSystemUser = true; - # packages = [ - # pkgs.python3 - # ]; - # group = "ssh"; - # }; - chirp = { - isSystemUser = true; - packages = [ - pkgs.python3 - ]; - group = "ssh"; - shell = pkgs.bash; - initialPassword = "chirp"; - }; - }; - - security.polkit.enable = true; - security.sudo.wheelNeedsPassword = false; - - home-manager = { - backupFileExtension = "backup"; - extraSpecialArgs = { - inherit inputs; - inherit wallpaper; - }; - users = { - "ps" = import ./home-ps.nix; - "root" = { home.stateVersion = "24.05"; }; - }; - sharedModules = [ - (import ./home-common.nix) - ]; - }; - - # Enable automatic login for the user. - # services.displayManager.autoLogin.enable = true; - # services.displayManager.autoLogin.user = "ps"; - # services.getty.autologinUser = "ps"; - # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229 # systemd.services."getty@tty1".enable = false; # systemd.services."autovt@tty1".enable = false; # Allow unfree packages - nixpkgs.config.allowUnfree = true; environment.variables = { RUSTICL_ENABLE = "radeonsi"; }; - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - args.inputs.zls.inputs.zig-overlay.packages.${pkgs.system}.master - args.inputs.zls.packages.${pkgs.system}.zls - args.inputs.psch-flakes.packages.${pkgs.system}.resetmsmice - args.inputs.nixpkgs-unstable.legacyPackages.${pkgs.system}.zuban - vim wget file git kitty i3 gdb - mosh - cmake - entr - asciinema asciinema-agg - shellify - deno - typst - jdt-language-server - google-java-format - - scrcpy - - xsel - xcwd - - pinta - mupdf - davinci-resolve - - pavucontrol - syncthingtray - # xfce plugins - xfce.xfce4-panel - xfce.xfce4-pulseaudio-plugin - # xfce.xfce4-verve-plugin - xfce.xfce4-notes-plugin - # xfce.xfce4-timer-plugin - # xfce.xfce4-windowck-plugin - xfce.thunar-archive-plugin - # xfce.xfce4-i3-workspaces-plugin - # xfce.xfce4-xkb-plugin - xfce.xfce4-whiskermenu-plugin - - ]; - - programs.xfconf.enable = true; - programs.nix-ld.enable = true; - programs.direnv.enable = true; - programs.direnv.nix-direnv.enable = true; - - services.fwupd.enable = true; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - ports = [ 22 ]; - # settings = { - # PasswordAuthentication = false; - # PermitRootLogin = "no"; - # }; - # authorizedKeysCommand = - # let keys = pkgs.writers.writePython3Bin "keys" {} '' - # import sys - # - # args = sys.argv - # - # print(args) - # ''; - # in - # "${keys}/bin/keys"; - # authorizedKeysCommandUser = "ps"; - }; # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ 22 1234 5900 6011 6021 6022 8080 53317 7236 7250 ]; - networking.firewall.allowedUDPPorts = [ 5901 53317 7236 5353 ]; # Or disable the firewall altogether. # networking.firewall.enable = false; - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/flake.lock b/flake.lock index 294a850..3899a49 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1752033806, - "narHash": "sha256-XUHXDV8vwVjX6aYeJmPShMGJI9jx+JC0yWw0hsKbtMw=", + "lastModified": 1765080359, + "narHash": "sha256-BvAgmqgswcokD2eWoyO3uB1k1VTdpxDHGSx0RYRFjDg=", "owner": "rycee", "repo": "nur-expressions", - "rev": "08bd298d38f4110a3049cbe1876c1c77a8b4797f", + "rev": "35f8ab2ecd954b3a348aa0e253878211c48a0aa7", "type": "gitlab" }, "original": { @@ -23,6 +23,22 @@ } }, "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1761588595, + "narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { "flake": false, "locked": { "lastModified": 1696426674, @@ -82,11 +98,11 @@ ] }, "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "lastModified": 1762808025, + "narHash": "sha256-XmjITeZNMTQXGhhww6ed/Wacy2KzD6svioyCX7pkUu4=", "owner": "hercules-ci", "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "rev": "cb5e3fdca1de58ccbc3ef53de65bd372b48f567c", "type": "github" }, "original": { @@ -102,11 +118,11 @@ ] }, "locked": { - "lastModified": 1751810233, - "narHash": "sha256-kllkNbIqQi3VplgTMeGzuh1t8Gk8TauvkTRt93Km+tQ=", + "lastModified": 1763992789, + "narHash": "sha256-WHkdBlw6oyxXIra/vQPYLtqY+3G8dUVZM8bEXk0t8x4=", "owner": "nix-community", "repo": "home-manager", - "rev": "9b0873b46c9f9e4b7aa01eb634952c206af53068", + "rev": "44831a7eaba4360fb81f2acc5ea6de5fde90aaa3", "type": "github" }, "original": { @@ -131,29 +147,49 @@ "type": "github" } }, + "nixos-wsl": { + "inputs": { + "flake-compat": "flake-compat", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1764730608, + "narHash": "sha256-FxKIa3OCSRVC23qrk7VT68vExUcmSruJ8OobVlSWOxc=", + "owner": "nix-community", + "repo": "NixOS-WSL", + "rev": "10124c58674360765adcb38c9a8b081fb72904e4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "main", + "repo": "NixOS-WSL", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1751943650, - "narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=", - "owner": "nixos", + "lastModified": 1764517877, + "narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "88983d4b665fb491861005137ce2b11a9f89f203", + "rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-25.05", + "owner": "NixOS", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1758427187, - "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=", + "lastModified": 1764950072, + "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46", + "rev": "f61125a668a320878494449750330ca58b78c557", "type": "github" }, "original": { @@ -163,6 +199,22 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1764939437, + "narHash": "sha256-4TLFHUwXraw9Df5mXC/vCrJgb50CRr3CzUzF0Mn3CII=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "00d2457e2f608b4be6fe8b470b0a36816324b0ae", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-25.05", + "repo": "nixpkgs", + "type": "github" + } + }, "ps-flakes": { "inputs": { "flake-utils": "flake-utils", @@ -189,7 +241,8 @@ "firefox-addons": "firefox-addons", "home-manager": "home-manager", "impermanence": "impermanence", - "nixpkgs": "nixpkgs", + "nixos-wsl": "nixos-wsl", + "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", "ps-flakes": "ps-flakes", "zls": "zls" @@ -227,7 +280,7 @@ }, "zig-overlay": { "inputs": { - "flake-compat": "flake-compat", + "flake-compat": "flake-compat_2", "flake-utils": "flake-utils_2", "nixpkgs": [ "zls", @@ -235,11 +288,11 @@ ] }, "locked": { - "lastModified": 1755864794, - "narHash": "sha256-hgnov6RLA+DD4Uocs/vCbiH3/3sKvqiJOKHpdhGyVAI=", + "lastModified": 1764203689, + "narHash": "sha256-ivb0SqCptyIxx5g8ryRrUL0xrJhLrJPlvZbZjxVaui0=", "owner": "mitchellh", "repo": "zig-overlay", - "rev": "5cd601f8760d2383210b7b8c8a45fc79388f3ddf", + "rev": "8f7347545dea59b75e40247cc1ed55a42f64dbbf", "type": "github" }, "original": { @@ -257,11 +310,11 @@ "zig-overlay": "zig-overlay" }, "locked": { - "lastModified": 1756050261, - "narHash": "sha256-RC7icNWQgTwyMYWjVx0lAikRwmRanmav/qs21/lKKvo=", + "lastModified": 1764993315, + "narHash": "sha256-67LhYwmcE/8V/24Tkde1ItxjDEliKqCSVU/oroJ3owM=", "owner": "zigtools", "repo": "zls", - "rev": "35fa2d3ef62378db68b1e0805b9e529f6df9f5ce", + "rev": "60cff3d69f6072b840aa588fb8454fac9a95fbe1", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 918689c..70c68f6 100644 --- a/flake.nix +++ b/flake.nix @@ -26,6 +26,8 @@ url = "git://ps.run/flakes"; inputs.nixpkgs.follows = "nixpkgs"; }; + + nixos-wsl.url = "github:nix-community/NixOS-WSL/main"; }; outputs = { self, nixpkgs, ... }@inputs: { @@ -42,6 +44,10 @@ ./config-incus.nix inputs.home-manager.nixosModules.default + inputs.nixos-wsl.nixosModules.default { + system.stateVersion = "24.11"; + wsl.enable = true; + } ]; }; }; diff --git a/home-ps.nix b/home-ps.nix index 48cfe3c..e2133f6 100644 --- a/home-ps.nix +++ b/home-ps.nix @@ -76,14 +76,6 @@ in }; }; - xfconf.settings = { - xfce4-desktop = { - "backdrop/screen0/monitor0/image-path" = "${wallpaper}"; - "backdrop/screen0/monitor0/image-show" = true; - "backdrop/screen0/monitor0/image-style" = 5; - }; - }; - systemd.user.services.markdownCaddy = { Unit = { Description = "Run a web server serving Markdown files."; @@ -533,31 +525,6 @@ in }; }; - xdg.desktopEntries = { - whatsapp = { - name = "WhatsApp"; - genericName = "Messenger"; - exec = "app web.whatsapp.com"; - terminal = false; - categories = [ "Application" ]; - icon = pkgs.fetchurl { - url = "https://upload.wikimedia.org/wikipedia/commons/thumb/a/a7/2062095_application_chat_communication_logo_whatsapp_icon.svg/1024px-2062095_application_chat_communication_logo_whatsapp_icon.svg.png"; - sha256 = "sha256-0eE3EEGnWFlpObfraTXMIqJz0Uya/h0hDsUA528qKCY="; - }; - }; - md = { - name = "Markdown"; - genericName = "Documents"; - exec = "md-app"; - terminal = false; - categories = [ "Application" ]; - icon = pkgs.fetchurl { - url = "https://upload.wikimedia.org/wikipedia/commons/thumb/4/48/Markdown-mark.svg/1024px-Markdown-mark.svg.png"; - sha256 = "0v161jvmcfxp9lwd86y789430w1vpvxnnm5n2hzgr1kfh03psvb2"; - }; - }; - }; - gtk.enable = true; gtk.theme = { package = theme; @@ -628,7 +595,8 @@ in ncdu gnumake gcc linux-wifi-hotspot - esptool picocom + #esptool + picocom wireshark nil bc -- 2.50.1