# Universe - The big bang to my universe
#
# Copyright (c) 2023-2024 Sameer Rahmani <lxsameer@gnu.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 2.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# Host definition for the "x1" machine.
#
# Takes the flake-level arguments (nixpkgs, the project's module set, the
# target system, flake inputs, pkgs, helper utils and an optional
# hostBuilderConfig) and returns an attribute set with two members:
#   installer - the result of ./installer.nix for this host
#   x1        - the NixOS system itself
{ nixpkgs
, modules
, system
, inputs
, pkgs
, utils
, hostBuilderConfig ? {
    inVM = false;
  }
, ...
}@params:

let
  # Whether this build targets a VM, read from the sanitized builder config.
  inherit (utils.sanitizeBuilderConfig hostBuilderConfig) inVM;

  host = if inVM then "x1VM" else "x1";

  # Disk layout file: the VM build and the real machine use different ones.
  diskLayout = if inVM then ./x1/vm.disk.nix else ./x1/disks.nix;

  hw = inputs.nixos-hardware.nixosModules;
  fg42 = inputs.fg42.packages.${system};
  lxsameer = pkgs.callPackage ../users/lxsameer/default.nix { };

  # Host-specific NixOS module; everything that is particular to x1 lives here.
  hostSettings = { pkgs, config, lib, ... }: {
    time.timeZone = lib.mkDefault "Europe/Dublin";
    nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

    # Users are managed exclusively through Nix: accounts cannot be changed
    # imperatively on the running system.
    # NOTE(review): the user module is not visible here; confirm password
    # hashes are supplied from a file outside the world-readable Nix store.
    users.mutableUsers = false;

    networking = {
      hostName = "x1";
      networkmanager.enable = true;

      # Static name resolution for machines on the private LAN.
      extraHosts = ''
        192.168.0.122 mc
        192.168.0.86 majin
        192.168.0.87 mini
      '';

      firewall = {
        enable = true;
        # TCP 8000 is opened on every interface, so it is reachable on any
        # network this laptop joins through NetworkManager.
        # NOTE(review): if the service is only meant for the home LAN,
        # consider scoping it with
        # networking.firewall.interfaces.<name>.allowedTCPPorts instead.
        allowedTCPPorts = [ 8000 ];
      };
    };

    hardware = {
      enableRedistributableFirmware = true;
      # Apply Intel CPU microcode updates.
      cpu.intel.updateMicrocode = true;
      # Enable sound in virtualbox appliances.
      pulseaudio.enable = true;
    };
    sound.enable = true;

    fileSystems = {
      "/".neededForBoot = true;
      "/boot".neededForBoot = true;
      "/efi".neededForBoot = true;
    };

    boot.loader = {
      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/efi";
      };
      grub.efiInstallAsRemovable = lib.mkForce false;
    };

    services.gvfs.enable = true;

    security.pam = {
      # Hardware-token authentication for console login and sudo.
      # NOTE(review): no `control` value is set for pam_u2f or pam_yubico in
      # this module. If the NixOS defaults apply (presumably "sufficient"),
      # the token is an alternative to the password rather than a second
      # factor; set security.pam.u2f.control / security.pam.yubico.control
      # to "required" if two-factor is the intent. Confirm against the
      # yubikey module, which is not visible here.
      services = {
        login.u2fAuth = true;
        sudo.u2fAuth = true;
      };
      yubico = {
        enable = true;
        # NOTE(review): debug output is left enabled on an authentication
        # module; switch it off once the setup is confirmed working so auth
        # diagnostics are not emitted routinely.
        debug = true;
        mode = "challenge-response";
        # Identifiers of the enrolled keys.
        id = [ "24571728" "24571700" ];
      };
    };

    environment = {
      # The minimal profile is part of this system's module list; force X
      # libraries back on because this host runs a desktop.
      noXlibs = lib.mkForce false;

      systemPackages = [
        pkgs.glxinfo
        # xhost is not shipped by the X11 NixOS module by default.
        # It manages the X server access-control list, so keep that list
        # restrictive when using it.
        pkgs.xorg.xhost
      ];
    };

    services.xserver = {
      enable = true;
      autorun = lib.mkDefault false;

      xkb = {
        layout = "us";
        options = "eurosign:e";
      };

      displayManager = lib.mkDefault {
        defaultSession = "fg42";
        startx.enable = true;
      };

      libinput = {
        enable = true; # touchpad support
        mouse = {
          accelProfile = "adaptive";
          accelSpeed = "-0.5";
        };
      };

      videoDrivers = [ "i915" ];
    };
  };
in
{
  installer = import ./installer.nix (params // {
    inherit host;
    diskModule = modules.disk-installer host diskLayout;
  });

  x1 = nixpkgs.lib.nixosSystem {
    inherit system;

    modules = [
      "${nixpkgs}/nixos/modules/profiles/minimal.nix"
      # NOTE(review): the QEMU guest profile is included whether or not inVM
      # is set; confirm it is wanted on the physical machine as well.
      "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
      hw.lenovo-thinkpad-x1-7th-gen
      hw.common-gpu-intel
      hostSettings
      (modules.disk diskLayout)
      modules.bootable
      modules.base
      lxsameer.user
      modules.desktop
      modules.styles
      modules.yubikey
      modules.udev.pio
      modules.virtualisation.podman
      inputs.home-manager.nixosModules.home-manager
      {
        home-manager = {
          useGlobalPkgs = true;
          useUserPackages = true;
          users.lxsameer = lxsameer.desktop;
          extraSpecialArgs = {
            inherit inputs fg42;
          };
        };
      }
    ];

    # Attributes handed to every module evaluated for this host.
    specialArgs = { inherit inputs hostBuilderConfig; };
  };
}