diff --git a/README.md b/README.md index c1fcb1f..01a03a3 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,26 @@ -# my nix homelab config +# nix dotfiles -**THIS CONFIG IS STILL EXPERIMENTAL !! IT MIGHT WONT WORK OR JUST BREAK YOUR CURRENT INSTALL** -Hosted on a Proxmox VM (8Go RAM + 300Gb storage). It is not using the flake.nix because i don't see the use for it, as much than home-manager... +This repo hosts all my dotfiles. It includes two desktop config, one (terrible) computer config, and some server dots. It brings my own neovim config, called [miovim](https://git.rougebordeaux.xyz/misschloe/miovim). -The goal of this config is to include : +| name | description | +| ----------- | ------------------------------------------------- | +| `goober` | my main desktop config. Intel 9th gen + 1660 GPU. | +| `workspace` | my config for professional workspaces. | +| `sisyphe` | proxmox server vm | +| `labouse` | ASUS X75s (laptop) nix config. Highly experimental, as this is old hardware! | +| `dadarwin` | some basic iMac 2015 config. | -- [x] -arr suite -- [x] Authentik -- [x] slskd -- [ ] a cloud solution, to backup family files -- [x] crafty controller\* -- [x] a matrix server -- [x] tt-rss / freshrss\* -- [x] tailscale +`diva`, `strawberry` are WIP. Supposed to be two servers config. -\*Not using the "Nix" way (i prefer using Docker atm, i currently lack time) +`packages` also comes with some packages bundling i made for various software i use (and too shy to put in nixpkgs). -## Installation +# Installation +!! This config is not plug and play; it comes with some encrypted secrets and files that are not included here. !! -You will need to do a basic NixOS install with my config files placed @ `/etc/nixos`. -Then, setup and adapt the config with your secrets. I am using sops-nix here. +Make sure flakes and nix command is enabled first in your configuration, then run : + +```bash +git clone +# replace goober by whatever config interests you +sudo nixos-rebuild switch --flake .#goober +``` diff --git a/flake.lock b/flake.lock index 4807b49..7e93897 100644 --- a/flake.lock +++ b/flake.lock @@ -381,15 +381,15 @@ ] }, "locked": { - "lastModified": 1751909859, - "narHash": "sha256-gbpuESxl/An4GTh7QEbQRYJozVIxWkwVGbWK0/0GoRc=", - "rev": "4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f", + "lastModified": 1751240025, + "narHash": "sha256-SXUAlxpjPRkArRMHy5+Hdi+PiC+ND9yzzIjiaHmTvQU=", + "rev": "8b1094356f4723d6e89d3f8a95b333ee16d9ab02", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f.tar.gz?rev=4d4c2b8f0a801c91ce5b717c77fe3a17efa1402f" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/8b1094356f4723d6e89d3f8a95b333ee16d9ab02.tar.gz" }, "original": { "type": "tarball", - "url": "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz" + "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz" } }, "miovim": { @@ -436,7 +436,9 @@ }, "musnix": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": [ + "nixpkgsUnstable" + ] }, "locked": { "lastModified": 1741303672, @@ -459,7 +461,7 @@ "git-hooks": "git-hooks", "hercules-ci-effects": "hercules-ci-effects", "neovim-src": "neovim-src", - "nixpkgs": "nixpkgs_5", + "nixpkgs": "nixpkgs_4", "treefmt-nix": "treefmt-nix" }, "locked": { @@ -676,22 +678,6 @@ } }, "nixpkgs_4": { - "locked": { - "lastModified": 1740695751, - "narHash": "sha256-D+R+kFxy1KsheiIzkkx/6L63wEHBYX21OIwlFV8JvDs=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "6313551cd05425cd5b3e63fe47dbc324eabb15e4", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_5": { "locked": { "lastModified": 1753151930, "narHash": "sha256-XSQy6wRKHhRe//iVY5lS/ZpI/Jn6crWI8fQzl647wCg=", @@ -707,7 +693,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1753115646, "narHash": "sha256-yLuz5cz5Z+sn8DRAfNkrd2Z1cV6DaYO9JMrEz4KZo/c=", @@ -723,7 +709,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1744868846, "narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=", @@ -739,7 +725,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1750605355, "narHash": "sha256-xT8cPLTxlktxI9vSdoBlAVK7dXgd8IK59j7ZwzkkhnI=", @@ -817,7 +803,7 @@ "nix-flatpak": "nix-flatpak", "nix-secrets": "nix-secrets", "nixos-generators": "nixos-generators", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "nixpkgsSmall": "nixpkgsSmall", "nixpkgsUnstable": "nixpkgsUnstable", "sops-nix": "sops-nix", @@ -848,7 +834,7 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1752544651, @@ -867,7 +853,7 @@ "swww": { "inputs": { "flake-compat": "flake-compat_3", - "nixpkgs": "nixpkgs_8", + "nixpkgs": "nixpkgs_7", "rust-overlay": "rust-overlay" }, "locked": { diff --git a/flake.nix b/flake.nix index 1a0134d..cb6b639 100644 --- a/flake.nix +++ b/flake.nix @@ -52,12 +52,13 @@ }; lix-module = { - url = "https://git.lix.systems/lix-project/nixos-module/archive/main.tar.gz"; + url = "https://git.lix.systems/lix-project/nixos-module/archive/2.93.2-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgsUnstable"; inputs.lix.follows = "lix"; }; musnix = { url = "github:musnix/musnix"; + inputs.nixpkgs.follows = "nixpkgsUnstable"; }; moonlight = { url = "github:moonlight-mod/moonlight/develop"; # Add `/develop` to the flake URL to use nightly. @@ -119,7 +120,7 @@ specialArgs = specialArgs; modules = [ ./hosts/goober/configuration.nix - lix-module.nixosModules.default + # lix-module.nixosModules.default nix-flatpak.nixosModules.nix-flatpak musnix.nixosModules.musnix catppuccin.nixosModules.catppuccin diff --git a/home-manager/dotfiles/niri/config.kdl b/home-manager/dotfiles/niri/config.kdl index b8867de..9045ade 100644 --- a/home-manager/dotfiles/niri/config.kdl +++ b/home-manager/dotfiles/niri/config.kdl @@ -580,7 +580,7 @@ environment { // apps to launch at startup spawn-at-startup "qutebrowser" -spawn-at-startup "vesktop" +spawn-at-startup "discord" spawn-at-startup "beeper" spawn-at-startup "cinny" diff --git a/home-manager/home.nix b/home-manager/home.nix index 4f6e053..e700b93 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -87,6 +87,7 @@ obsidian papirus-icon-theme nvimpager + mpc # # You can also create simple shell scripts directly inside your # # configuration. For example, this adds a command 'my-hello' to your # # environment: diff --git a/hosts/goober/configuration.nix b/hosts/goober/configuration.nix index 4441303..cdefbc7 100644 --- a/hosts/goober/configuration.nix +++ b/hosts/goober/configuration.nix @@ -110,6 +110,7 @@ slurp wl-clipboard udiskie + lutris ]; # Some programs need SUID wrappers, can be configured further or are @@ -132,6 +133,15 @@ }; documentation.dev.enable = true; + systemd.extraConfig = "DefaultLimitNOFILE=524288"; + security.pam.loginLimits = [ + { + domain = "misschloe777"; + type = "hard"; + item = "nofile"; + value = "524288"; + } + ]; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. diff --git a/hosts/goober/features/hardware/nvidia.nix b/hosts/goober/features/hardware/nvidia.nix index ade3976..88db6a0 100644 --- a/hosts/goober/features/hardware/nvidia.nix +++ b/hosts/goober/features/hardware/nvidia.nix @@ -1,6 +1,10 @@ { config, pkgs, ... }: { + environment.systemPackages = with pkgs; [ + glxinfo + ]; + boot.blacklistedKernelModules = [ "nouveau" ]; hardware.graphics = { enable = true; diff --git a/hosts/goober/features/hardware/pipewire.nix b/hosts/goober/features/hardware/pipewire.nix index 9407451..3ac6609 100644 --- a/hosts/goober/features/hardware/pipewire.nix +++ b/hosts/goober/features/hardware/pipewire.nix @@ -8,6 +8,7 @@ alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; + jack.enable = true; }; environment.systemPackages = [ pkgs.pwvucontrol diff --git a/hosts/goober/features/software/discord.nix b/hosts/goober/features/software/discord.nix index 562702e..2b35f7f 100644 --- a/hosts/goober/features/software/discord.nix +++ b/hosts/goober/features/software/discord.nix @@ -4,14 +4,15 @@ pkgs, ... }: +let + discord = pkgs.discord.override { + withMoonlight = true; + moonlight = inputs.moonlight.packages.${pkgs.system}.moonlight; + }; +in { - environment.systemPackages = with pkgs; [ - discord.override - { - withMoonlight = true; - moonlight = inputs.moonlight.packages.${pkgs.system}.moonlight; - } - vesktop + environment.systemPackages = [ + discord ]; # screen record support xdg = { diff --git a/hosts/goober/features/software/workstation.nix b/hosts/goober/features/software/workstation.nix index 02176e8..96b295f 100644 --- a/hosts/goober/features/software/workstation.nix +++ b/hosts/goober/features/software/workstation.nix @@ -23,6 +23,7 @@ musnix.rtcqs.enable = true; environment.systemPackages = with pkgs; [ zathura + qutebrowser # music editing software reaper surge @@ -65,7 +66,7 @@ kicad ente-auth ente-web - jetbrains.rider + # jetbrains.rider revolt-desktop exactaudiocopy picard diff --git a/hosts/goober/hardware-configuration.nix b/hosts/goober/hardware-configuration.nix index f7c0f20..8361a76 100644 --- a/hosts/goober/hardware-configuration.nix +++ b/hosts/goober/hardware-configuration.nix @@ -27,7 +27,7 @@ "kvm-intel" "wl" ]; - boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; + # boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; fileSystems."/" = { device = "/dev/disk/by-uuid/4efbf111-4cbb-4e1e-b3ee-dc3fca1f6f4a"; diff --git a/shared/client/games.nix b/shared/client/games.nix index 90d44c1..3771e06 100644 --- a/shared/client/games.nix +++ b/shared/client/games.nix @@ -1,18 +1,34 @@ -{config, pkgs, ...}: { - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; + config, + lib, + pkgs, + ... +}: +{ + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "steam" - "steam-original" - "steam-run" - ]; + nixpkgs.config.allowUnfreePredicate = + pkg: + builtins.elem (lib.getName pkg) [ + "steam" + "steam-original" + "steam-run" + ]; - environment.systemPackages = with pkgs; [ - lutris - ]; - }; + environment.systemPackages = with pkgs; [ + lutris + ]; + systemd.extraConfig = "DefaultLimitNOFILE=524288"; + security.pam.loginLimits = [ + { + domain = "misschloe777"; + type = "hard"; + item = "nofile"; + value = "524288"; + } + ]; + }; } diff --git a/shared/isos/goober.nix b/shared/isos/goober.nix index e8165ee..3d69539 100644 --- a/shared/isos/goober.nix +++ b/shared/isos/goober.nix @@ -48,10 +48,9 @@ pkg: builtins.elem (lib.getName pkg) [ "nvidia" - "broadcom-sta" ]; - boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; + boot.extraModulePackages = [ ]; environment.systemPackages = with pkgs; [ # Add your own packages here neovim @@ -68,7 +67,7 @@ # Nvidia power management. Experimental, and can cause sleep/suspend to fail. # Enable this if you have graphical corruption issues or application crashes after waking - # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead + # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead # of just the bare essentials. powerManagement.enable = false; @@ -78,9 +77,9 @@ # Use the NVidia open source kernel module (not to be confused with the # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Support is limited to the Turing and later architectures. Full list of + # supported GPUs is at: + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # Only available from driver 515.43.04+ # Currently "beta quality", so false is currently the recommended setting. open = false;