Add baseline configuration

flake.lock

@@ -1,5 +1,20 @@
 {
   "nodes": {
+    "hardware": {
+      "locked": {
+        "lastModified": 1702453208,
+        "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
     "home-manager": {
       "inputs": {
         "nixpkgs": [
@@ -55,6 +70,7 @@
     },
     "root": {
       "inputs": {
+        "hardware": "hardware",
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs",
         "nixpkgs-unstable": "nixpkgs-unstable"

flake.nix

@@ -13,8 +13,7 @@
     home-manager.url = "github:nix-community/home-manager/release-23.11";
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
 
-    # TODO: Add any other flake you might need
-    # hardware.url = "github:nixos/nixos-hardware";
+    hardware.url = "github:nixos/nixos-hardware";
 
     # Shameless plug: looking for a way to nixify your themes and make
     # everything match nicely? Try nix-colors!

home/ghoscht/adalbert.nix

@@ -0,0 +1,41 @@
+{
+  inputs,
+  outputs,
+  ...
+}: {
+  imports = [
+    ./global
+  ];
+
+  # colorscheme = inputs.nix-colors.colorschemes.paraiso;
+  # wallpaper = outputs.wallpapers.cyberpunk-city-red;
+  #
+  # #  ------   -----   ------
+  # # | DP-3 | | DP-1| | DP-2 |
+  # #  ------   -----   ------
+  # monitors = [
+  #   {
+  #     name = "DP-3";
+  #     width = 1920;
+  #     height = 1080;
+  #     x = 0;
+  #     workspace = "3";
+  #     enabled = false;
+  #   }
+  #   {
+  #     name = "DP-1";
+  #     width = 2560;
+  #     height = 1080;
+  #     x = 1920;
+  #     workspace = "1";
+  #     primary = true;
+  #   }
+  #   {
+  #     name = "DP-2";
+  #     width = 1920;
+  #     height = 1080;
+  #     x = 4480;
+  #     workspace = "2";
+  #   }
+  # ];
+}

hosts/adalbert/default.nix

@@ -14,14 +14,24 @@
     # outputs.nixosModules.example
 
     # Or modules from other flakes (such as nixos-hardware):
-    # inputs.hardware.nixosModules.common-cpu-amd
-    # inputs.hardware.nixosModules.common-ssd
+    inputs.hardware.nixosModules.common-cpu-amd
+    inputs.hardware.nixosModules.common-gpu-nvidia
+    inputs.hardware.nixosModules.common-pc-ssd
 
     # You can also split up your configuration and import pieces of it here:
     # ./users.nix
 
     # Import your generated (nixos-generate-config) hardware configuration
     ./hardware-configuration.nix
+
+    ../common/global
+    ../common/users/ghoscht
+    ../common/optional/desktop/awesome.nix
+
+    ../common/optional/systemd-boot.nix
+    ../common/optional/wireshark.nix
+    ../common/optional/gamemode.nix
+    ../common/optional/kde-connect.nix
   ];
 
   nixpkgs = {
@@ -49,62 +59,20 @@
     };
   };
 
-  # This will add each flake input as a registry
-  # To make nix3 commands consistent with your flake
-  nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs);
-
-  # This will additionally add your inputs to the system's legacy channels
-  # Making legacy nix commands consistent as well, awesome!
-  nix.nixPath = ["/etc/nix/path"];
-  environment.etc =
-    lib.mapAttrs'
-    (name: value: {
-      name = "nix/path/${name}";
-      value.source = value.flake;
-    })
-    config.nix.registry;
-
-  nix.settings = {
-    # Enable flakes and new 'nix' command
-    experimental-features = "nix-command flakes";
-    # Deduplicate and optimize nix store
-    auto-optimise-store = true;
-  };
-
-  # FIXME: Add the rest of your current configuration
-
   networking.hostName = "adalbert";
 
-  # TODO: This is just an example, be sure to use whatever bootloader you prefer
-  boot.loader.systemd-boot.enable = true;
+  # Force disable Nvidia PRIME, needed by nix-hardware
+  hardware.nvidia.prime.offload.enable = false;
 
-  # TODO: Configure your system-wide user settings (groups, etc), add more users as needed.
-  users.users = {
-    # FIXME: Replace with your username
-    ghoscht = {
-      # TODO: You can set an initial password for your user.
-      # If you do, you can skip setting a root password by passing '--no-root-passwd' to nixos-install.
-      # Be sure to change it (using passwd) after rebooting!
-      initialPassword = "yoi";
-      isNormalUser = true;
-      openssh.authorizedKeys.keys = [
-        # TODO: Add your SSH public key(s) here, if you plan on using SSH to connect
-      ];
-      # TODO: Be sure to add any other groups you need (such as networkmanager, audio, docker, etc)
-      extraGroups = ["wheel"];
-    };
+  programs = {
+    adb.enable = true;
+    dconf.enable = true;
+    kdeconnect.enable = true;
   };
 
-  # This setups a SSH server. Very important if you're setting up a headless system.
-  # Feel free to remove if you don't need it.
-  services.openssh = {
-    enable = true;
-    settings = {
-      # Forbid root login through SSH.
-      PermitRootLogin = "no";
-      # Use keys only. Remove if you want to SSH using password (not recommended)
-      PasswordAuthentication = false;
-    };
+  hardware = {
+    opengl.enable = true;
+    opentabletdriver.enable = true;
   };
 
   # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion

hosts/common/global/default.nix

@@ -0,0 +1,31 @@
+# This file (and the global directory) holds config that i use on all hosts
+{
+  inputs,
+  outputs,
+  ...
+}: {
+  imports =
+    [
+      inputs.home-manager.nixosModules.home-manager
+      ./fish.nix
+      ./locale.nix
+      ./nix.nix
+      ./podman.nix
+      ./power-button.nix
+    ]
+    ++ (builtins.attrValues outputs.nixosModules);
+
+  home-manager.extraSpecialArgs = {inherit inputs outputs;};
+
+  nixpkgs = {
+    overlays = builtins.attrValues outputs.overlays;
+    config = {
+      allowUnfree = true;
+    };
+  };
+
+  # Fix for qt6 plugins
+  environment.profileRelativeSessionVariables = {
+    QT_PLUGIN_PATH = ["/lib/qt-6/plugins"];
+  };
+}

hosts/common/global/fish.nix

@@ -0,0 +1,17 @@
+{
+  inputs,
+  pkgs,
+  ...
+}: {
+  programs.fish = {
+    enable = true;
+    vendor = {
+      completions.enable = true;
+      config.enable = true;
+      functions.enable = true;
+    };
+    useBabelfish = true;
+  };
+  users.defaultUserShell = pkgs.fish;
+  environment.shells = with pkgs; [fish];
+}

hosts/common/global/locale.nix

@@ -0,0 +1,19 @@
+{lib, ...}: {
+  time.timeZone = "Europe/Berlin";
+
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+    extraLocaleSettings = {
+      LC_ADDRESS = "de_DE.UTF-8";
+      LC_IDENTIFICATION = "de_DE.UTF-8";
+      LC_MEASUREMENT = "de_DE.UTF-8";
+      LC_MONETARY = "de_DE.UTF-8";
+      LC_NAME = "de_DE.UTF-8";
+      LC_NUMERIC = "de_DE.UTF-8";
+      LC_PAPER = "de_DE.UTF-8";
+      LC_TELEPHONE = "de_DE.UTF-8";
+      LC_TIME = "de_DE.UTF-8";
+    };
+  };
+  console.keyMap = "de";
+}

hosts/common/global/nix.nix

@@ -0,0 +1,28 @@
+{
+  inputs,
+  lib,
+  ...
+}: {
+  nix = {
+    settings = {
+      auto-optimise-store = lib.mkDefault true;
+      experimental-features = ["nix-command" "flakes" "repl-flake"];
+      warn-dirty = false;
+      system-features = ["kvm" "big-parallel" "nixos-test"];
+    };
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      # Keep the last 3 generations
+      options = "--delete-older-than +3";
+    };
+
+    # This will add each flake input as a registry
+    # To make nix3 commands consistent with your flake
+    registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs);
+
+    # Add nixpkgs input to NIX_PATH
+    # This lets nix2 commands still use <nixpkgs>
+    nixPath = ["nixpkgs=${inputs.nixpkgs.outPath}"];
+  };
+}

hosts/common/global/podman.nix

@@ -0,0 +1,10 @@
+{config, ...}: let
+  dockerEnabled = config.virtualisation.docker.enable;
+in {
+  virtualisation.podman = {
+    enable = true;
+    dockerCompat = !dockerEnabled;
+    dockerSocket.enable = !dockerEnabled;
+    defaultNetwork.settings.dns_enabled = true;
+  };
+}

hosts/common/global/power-button.nix

@@ -0,0 +1,10 @@
+{
+  inputs,
+  lib,
+  ...
+}: {
+  services.logind.extraConfig = ''
+    # don’t shutdown when power button is short-pressed
+     HandlePowerKey=ignore
+  '';
+}

hosts/common/global/tailscale.nix

@@ -0,0 +1,10 @@
+{lib, ...}: {
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = lib.mkDefault "client";
+  };
+  networking.firewall = {
+    checkReversePath = "loose";
+    allowedUDPPorts = [41641]; # Facilitate firewall punching
+  };
+}

hosts/common/optional/desktop/awesome.nix

@@ -0,0 +1,15 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [./global.nix ./x11.nix];
+
+  services = {
+    xserver = {
+      # dpi = 180;
+      windowManager.awesome.enable = true;
+    };
+  };
+}

hosts/common/optional/desktop/flatpak.nix

@@ -0,0 +1,12 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  # Enable Flatpak
+  services.flatpak.enable = true;
+
+  # Create folder where all fonts are linked to /run/current-system/sw/share/X11/fonts
+  fonts.fontDir.enable = true;
+}

hosts/common/optional/desktop/global.nix

@@ -0,0 +1,18 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [./pipewire.nix ../printing.nix ./flatpak.nix ./xdg.nix];
+
+  # Enable networking
+  networking.networkmanager.enable = true;
+
+  # Enable for GTK
+  programs.dconf.enable = true;
+
+  services.xserver = {
+    displayManager.sddm.enable = true;
+  };
+}

hosts/common/optional/desktop/gnome.nix

@@ -0,0 +1,16 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  imports = [./global.nix ./x11.nix ./wayland.nix];
+
+  services = {
+    xserver = {
+      desktopManager.gnome = {
+        enable = true;
+      };
+    };
+  };
+}

hosts/common/optional/desktop/pipewire.nix

@@ -0,0 +1,11 @@
+{
+  security.rtkit.enable = true;
+  hardware.pulseaudio.enable = false;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+}

hosts/common/optional/desktop/wayland.nix

@@ -0,0 +1,15 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  # Hint electron apps to use wayland
+  environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+  environment.systemPackages = with pkgs; [
+    xwaylandvideobridge
+    libsForQt5.qt5.qtwayland
+    qt6.qtwayland
+  ];
+}

hosts/common/optional/desktop/x11.nix

@@ -0,0 +1,28 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  services = {
+    # Enable the X11 windowing system.
+    xserver = {
+      enable = true;
+      # Enable touchpad support
+      libinput.enable = true;
+      # Remove xterm terminal
+      excludePackages = with pkgs; [xterm];
+      modules = [pkgs.xf86_input_wacom];
+      wacom.enable = true;
+    };
+  };
+
+  # Install installation
+  environment = {
+    systemPackages = with pkgs; [
+      # X11
+      xorg.xkbutils
+      xorg.xkill
+    ];
+  };
+}

hosts/common/optional/desktop/xdg.nix

@@ -0,0 +1,14 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  xdg.portal = {
+    enable = true;
+    xdgOpenUsePortal = true;
+    wlr.enable = true;
+    extraPortals = with pkgs; [xdg-desktop-portal-gtk];
+    configPackages = with pkgs; [gnome.gnome-session];
+  };
+}

hosts/common/optional/docker.nix

@@ -0,0 +1,5 @@
+{
+  virtualisation.docker = {
+    enable = true;
+  };
+}

hosts/common/optional/encrypted-root.nix

@@ -0,0 +1,7 @@
+{config, ...}: let
+  hostname = config.networking.hostName;
+in {
+  boot.initrd = {
+    luks.devices."${hostname}".device = "/dev/disk/by-label/${hostname}_crypt";
+  };
+}

hosts/common/optional/gamemode.nix

@@ -0,0 +1,3 @@
+{
+  programs.gamemode.enable = true;
+}

hosts/common/optional/kde-connect.nix

@@ -0,0 +1,22 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  programs.kdeconnect.enable = true;
+
+  # Create system services for KDE connect
+  systemd.user.services.kdeconnect = {
+    description = "Adds communication between your desktop and your smartphone";
+    after = ["graphical-session-pre.target"];
+    partOf = ["graphical-session.target"];
+    wantedBy = ["graphical-session.target"];
+
+    serviceConfig = {
+      #Environment = "PATH=${config.home.profileDirectory}/bin";
+      ExecStart = "${pkgs.plasma5Packages.kdeconnect-kde}/libexec/kdeconnectd";
+      Restart = "on-abort";
+    };
+  };
+}

hosts/common/optional/printing.nix

@@ -0,0 +1,24 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  services = {
+    # Printer Setup
+    printing.enable = true;
+    avahi = {
+      enable = true;
+      nssmdns = true;
+      # for a WiFi printer
+      openFirewall = true;
+    };
+    udev.packages = [pkgs.utsushi];
+  };
+
+  # Scanner Setup
+  hardware.sane = {
+    enable = true;
+    extraBackends = [pkgs.utsushi];
+  };
+}

hosts/common/optional/quietboot.nix

@@ -0,0 +1,33 @@
+{
+  pkgs,
+  config,
+  ...
+}: {
+  console = {
+    useXkbConfig = true;
+    earlySetup = false;
+  };
+
+  boot = {
+    plymouth = {
+      enable = true;
+      theme = "spinner-monochrome";
+      themePackages = [
+        (pkgs.plymouth-spinner-monochrome.override {
+          inherit (config.boot.plymouth) logo;
+        })
+      ];
+    };
+    loader.timeout = 0;
+    kernelParams = [
+      "quiet"
+      "loglevel=3"
+      "systemd.show_status=auto"
+      "udev.log_level=3"
+      "rd.udev.log_level=3"
+      "vt.global_cursor_default=0"
+    ];
+    consoleLogLevel = 0;
+    initrd.verbose = false;
+  };
+}

hosts/common/optional/rgb.nix

@@ -0,0 +1,12 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  services.hardware.openrgb = {
+    enable = true;
+    package = pkgs.openrgb-with-all-plugins;
+    motherboard = lib.mkDefault config.variables.machine.motherboard;
+  };
+}

hosts/common/optional/systemd-boot.nix

@@ -0,0 +1,9 @@
+{
+  boot.loader = {
+    systemd-boot = {
+      enable = true;
+      consoleMode = "max";
+    };
+    efi.canTouchEfiVariables = true;
+  };
+}

hosts/common/optional/systemd-exit-node.nix

@@ -0,0 +1,6 @@
+{
+  imports = [../global/tailscale.nix];
+  services.tailscale = {
+    useRoutingFeatures = "both";
+  };
+}

hosts/common/optional/wireshark.nix

@@ -0,0 +1,5 @@
+{
+  programs.wireshark = {
+    enable = true;
+  };
+}

hosts/common/optional/x11-no-suspend.nix

@@ -0,0 +1,7 @@
+{
+  services.xserver.serverFlagsSection = ''
+    Option "StandbyTime" "0"
+    Option "SuspendTime" "0"
+    Option "OffTime" "0"
+  '';
+}

hosts/common/users/ghoscht/default.nix

@@ -0,0 +1,44 @@
+{
+  pkgs,
+  config,
+  ...
+}: let
+  ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
+in {
+  users.users.ghoscht = {
+    isNormalUser = true;
+    shell = pkgs.fish;
+    extraGroups =
+      [
+        "wheel"
+        "video"
+        "audio"
+        "camera"
+      ]
+      ++ ifTheyExist [
+        "minecraft"
+        "network"
+        "networkmanager"
+        "wireshark"
+        "i2c"
+        "mysql"
+        "docker"
+        "podman"
+        "git"
+        "libvirtd"
+        "deluge"
+        "lp"
+        "scanner"
+        "kvm"
+        "libvirtd"
+        "tty"
+        "dialout"
+      ];
+
+    packages = [pkgs.home-manager];
+  };
+
+  home-manager.users.ghoscht = import ../../../../home/ghoscht/${config.networking.hostName}.nix;
+
+  security.pam.services = {};
+}