Compare commits


No commits in common. "79291ca5b5a76be82650c20375b0eb6cfbb58ea4" and "c2eaa3b7df2c0c72dcd158c9ac7db00418c52bae" have entirely different histories.

9 changed files with 28 additions and 174 deletions

116
README.md

@ -1,10 +1,10 @@
# dotfiles # dotfiles
- best NixOS starter dotfiles in the **flake** setup - my personal nix dotfiles in the **flake**
## Build and deploy ## Build and deploy
- simple build command for system using kogami profile - simple build command for system
```bash ```bash
git clone https://git.foglar.tech/foglar/dotfiles.git $HOME/.dotfiles git clone https://git.foglar.tech/foglar/dotfiles.git $HOME/.dotfiles
@ -32,124 +32,18 @@ sudo nixos-generate-config --dir ~/.dotfiles/ginoza
sudo nixos-rebuild switch --flake ~/.dotfiles#kogami sudo nixos-rebuild switch --flake ~/.dotfiles#kogami
``` ```
## Profiles ## Features
- The system consists currently from 2 profiles:
- [Kogami](./kogami/configuration.nix) - My daily driver notebook
- [Ginoza](./ginoza/configuration.nix) - Old notebook, only essentials installed
- Nix-On-Droid - in future
- Nix on not nix-distro - in future
- Nix server - in future
- Nix in WSL - in future
### Custom setup
- You can simply modify profile by editing (for example kogami profile) [./kogami/configuration.nix](./kogami/configuration.nix), for system settings and [./kogami/home.nix](./kogami/home.nix), for user settings.
- All possible options are automatically set:
- for system settings in [system.nix](./nixos/system/system.nix)
- for system packages in [packages.nix](./nixos/system/packages.nix)
- for home-manager or user configuration in [home.nix](./nixos/home/packages/packages.nix)
- Many options are by default set to true, so you should disable them in your own configuration
> [!IMPORTANT]
> Don't forget to edit your username in [flake.nix](./flake.nix) and other settings like preffered shell and browser etc...
## Default Features
| System features | |
| --------------- | ------------------------- |
| OS | NixOS |
| Display Server | Wayland |
| Window Manager | Hyprland |
| Fonts | Monaspace |
| Colorscheme | Stylix (Catppuccin Mocha) |
| Icon theme | Papirus |
| User configuration | |
| ------------------ | ---------- |
| Panel | Waybar |
| Launcher | Rofi |
| Terminal | Kitty |
| Shell | Zsh |
| Shell prompt | Oh-My-Posh |
> [!TIP]
> Whole system is very configurable and customizable.
> You can change default applications right in [flake.nix](./flake.nix) under userSettings
- you can change your default system from Hyprland to GNOME or KDE, or maybe have all of them at the same time
### Secure Operations ### Secure Operations
- private key for sops is in **~/.config/sops/ags/keys.txt** - file for sops is in **~/.config/sops/ags/keys.txt**
- Generate your key using this command:
```bash
nix-shell nixpkgs#age -c age-keygen -o ~/.config/sops/age/keys.txt
```
- secrets are managed in yaml file [secrets.yaml](./nixos/system/packages/sops/secrets/secrets.yaml)
- things that are actually managed in sops configuration:
- SSH keys
- Passwords
- Yubikey ID
> [!NOTE]
> This configuration will work fine even without SOPS configuration, if you don't need it justs ignore it.
- for more information about SOPS and NixOS look at [Vimjoyer's](https://www.youtube.com/@vimjoyer/featured) [video on youtube](https://www.youtube.com/watch?v=G5f6GC7SnhU) or in [sops-nix repository](https://github.com/Mic92/sops-nix)
### Yubikey ### Yubikey
- setup your Yubikey to work with current user - setup your yubikey to work with current user
- change your Yubikey ID in [yubikey.nix](./nixos/system/packages/yubikey.nix) or in [sops.nix](./nixos/system/packages/sops/sops.nix), you can add multiple IDs.
- If you have multiple Yubikeys, run this for each of them.
```bash ```bash
nix-shell -p yubico-pam -p yubikey-manager nix-shell -p yubico-pam -p yubikey-manager
ykman otp chalresp --touch --generate 2 ykman otp chalresp --touch --generate 2
ykpamcfg -2 -v ykpamcfg -2 -v
``` ```
- test your Yubikey with commands
```bash
nix-shell -p pamtester
pamtester login <username> authenticate
pamtester sudo <username> authenticate
```
- for more information about Yubikeys and NixOS look at the [nixos wiki](https://nixos.wiki/wiki/Yubikey) or [EmergentMind's](https://github.com/EmergentMind) [video on youtube](https://www.youtube.com/watch?v=3CeXbONjIgE)
### SSH configuration
- declarative ssh keys configuration
- will be simplified in near future
```bash
nix-shell -p sops neovim
# This is for Yubikey key generation.
ssh-keygen -t ed25519-sk -N ""
# To generate normal key use same command:
ssh-keygen -t ed25519 -N "" # without -sk
sops edit ./nixos/system/packages/sops/secrets/secrets.yaml
# if using NixOS on your server then:
#! Nothing to see here for now!!!
# else:
ssh-copy-id -i ~/.ssh/[key_name] [server_name]@[ip]
# optional - add your host to ssh configuration
nvim /nixos/system/packages/ssh-client.nix
```
## Sources of inspiration
- [EmergentMind's Nix-Config](https://github.com/EmergentMind/nix-config) - explanation of yubikey setup and declarative configuration of SSH keys
- [YT video](https://www.youtube.com/watch?v=3CeXbONjIgE)
- [LibrePhoenix's Nix-Config](https://github.com/librephoenix/nixos-config) - if else options and modular control center
- [YT video about modular control center](https://www.youtube.com/watch?v=H_Qct7TVB6o)
- [YT video about if else options](https://www.youtube.com/watch?v=Qull6TMQm4Q)
- [Vimjoyer's videos](https://www.youtube.com/@vimjoyer) - all videos
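Review bot: The retained sops line under Secure Operations still points at `~/.config/sops/ags/keys.txt`, while the `age-keygen` command removed just below it writes to `~/.config/sops/age/keys.txt`. The two paths disagree, and the new wording "file for sops" no longer says that this file is the private key. Make the path match the one the key is generated at, and keep "private key" in the sentence so readers know the file has to stay out of the repository and be readable only by its owner. The Yubikey section also loses the `pamtester login <username> authenticate` and `pamtester sudo <username> authenticate` checks, which leaves no documented way to verify the challenge-response setup after `ykpamcfg -2 -v` before relying on it for login; consider keeping that step.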

View File

@ -15,10 +15,9 @@
- [x] options for YUBIKEY to make more sense and control - [x] options for YUBIKEY to make more sense and control
- [x] power profiles solution in waybar - [x] power profiles solution in waybar
- [x] auto-cpufreq - [x] auto-cpufreq
- [x] ssh config module
- [ ] modularity connected via configuration.nix file with home manager (disable gnome, gnome configuration will be disabled too) - [ ] modularity connected via configuration.nix file with home manager (disable gnome, gnome configuration will be disabled too)
- [ ] neovim - [ ] neovim
- [ ] librewolf and firefox fix, extensions and bookmarks in librewolf - [ ] librewolf and firefox fix
- [ ] graph of my system structure - [ ] graph of my system structure
- [ ] cleanup hyprland subtools (rofi, hyprlock, waybar) - [ ] cleanup hyprland subtools (rofi, hyprlock, waybar)
- [ ] modularize hyprland config into multiple files - [ ] modularize hyprland config into multiple files
@ -26,7 +25,7 @@
- [ ] make static background folder and figure out how to simply manage backgrounds across my devices - [ ] make static background folder and figure out how to simply manage backgrounds across my devices
- [ ] NVIDIA options - [ ] NVIDIA options
- [ ] fix plasma manager and extend gnome configuration - [ ] fix plasma manager and extend gnome configuration
- [ ] nix-on-droid - [ ] merge shell aliases
- [ ] update my home page and create new web - [ ] update my home page and create new web
- [ ] fix kde theme in stylix - [ ] fix kde theme in stylix

View File

@ -62,18 +62,14 @@
username = "shinya"; # konsta or shinya (else defaulting to shinya or none) username = "shinya"; # konsta or shinya (else defaulting to shinya or none)
hostname = "kogami"; # kogami or ginoza hostname = "kogami"; # kogami or ginoza
shell = "zsh"; # bash, zsh shell = "zsh"; # bash, zsh, none
terminal = "kitty"; # kitty, alacritty, gnome-terminal terminal = "kitty"; # kitty, alacritty, gnome-terminal
browser = "librewolf"; # firefox, librewolf, qutebrowser browser = "librewolf"; # firefox, librewolf, qutebrowser
editor = "neovim"; # neovim, vscode editor = "neovim"; # neovim, vscode
# List all themes: $ nix build nixpkgs#base16-schemes && ls result/share/themes # List all themes: $ nix build nixpkgs#base16-schemes && ls result/share/themes
theme = "catppuccin-mocha"; # tokyo-night-dark, one-dark theme = "catppuccin-mocha"; #tokyo-night-dark, one-dark
background = "aurora_borealis.png"; background = "aurora_borealis.png";
plasma = false;
gnome = false;
hyprland = true;
}; };
system = "x86_64-linux"; system = "x86_64-linux";
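Review bot: The `shell` comment now lists `none` as a valid value (`# bash, zsh, none`), but no hunk in this compare shows a module that handles it; either point to where `none` is handled or drop it from the comment. With `plasma`, `gnome` and `hyprland` removed from this attribute set, the desktop choice is no longer made in one place, so a comment here saying where it moved would help. Style: `#tokyo-night-dark` lost the space after `#` that the other comments in this block keep.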

View File

@ -67,7 +67,6 @@
lock-on-remove = false; lock-on-remove = false;
notify = false; notify = false;
}; };
ssh.client.enable = false;
}; };
# Basic programs to enable # Basic programs to enable

View File

@ -36,6 +36,9 @@
sys = { sys = {
audio.enable = true; audio.enable = true;
desktop = { desktop = {
plasma.enable = false;
gnome.enable = false;
hyprland.enable = true;
steamdeck.enable = true; steamdeck.enable = true;
}; };
fonts.packages = true; fonts.packages = true;
@ -68,7 +71,6 @@
lock-on-remove = false; lock-on-remove = false;
notify = true; notify = true;
}; };
ssh.client.enable = true;
}; };
# Basic programs to enable # Basic programs to enable
@ -76,6 +78,13 @@
programs.wireshark.enable = true; programs.wireshark.enable = true;
programs.auto-cpufreq.enable = true; programs.auto-cpufreq.enable = true;
programs.ssh.extraConfig = ''
Host masaoka
HostName 192.168.8.140
User foglar
IdentityFile ~/.ssh/id_masaoka
'';
#services.twingate.enable = true; #services.twingate.enable = true;
# Allow unfree packages # Allow unfree packages
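Review bot: The `programs.ssh.extraConfig` block added here hard-codes one host entry (`HostName 192.168.8.140`, `User foglar`, `IdentityFile ~/.ssh/id_masaoka`) in the machine configuration, with no switch comparable to the `ssh.client.enable` option removed in the previous hunk. In NixOS this option is written to the system-wide `ssh_config`, so the `Host masaoka` entry applies to every user on the machine and `~` resolves to each user's own home. If the entry is meant for a single user, the per-user configuration is a better place for it (a suggestion; nothing in this diff shows such a file), and adding `IdentitiesOnly yes` would make ssh offer only `id_masaoka` to this host. The LAN address and login name also end up in the repository the README tells readers to clone; confirm that is intended.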

View File

@ -1,8 +1,5 @@
{lib, ...}:
{ {
lib,
userSettings,
...
}: {
imports = [ imports = [
./hyprland/hyprland.nix ./hyprland/hyprland.nix
./kde/kde.nix ./kde/kde.nix
@ -10,17 +7,8 @@
]; ];
desktop = { desktop = {
gnome.enable = gnome.enable = lib.mkDefault false;
if userSettings.gnome kde.enable = lib.mkDefault false;
then lib.mkDefault true hyprland.enable = lib.mkDefault true;
else lib.mkDefault false;
kde.enable =
if userSettings.plasma
then lib.mkDefault true
else lib.mkDefault false;
hyprland.enable =
if userSettings.hyprland
then lib.mkDefault true
else lib.mkDefault false;
}; };
} }

View File

@ -7,7 +7,6 @@
./packages/virtual-machines.nix ./packages/virtual-machines.nix
./packages/yubikey.nix ./packages/yubikey.nix
./packages/sops/sops.nix ./packages/sops/sops.nix
./packages/ssh-client.nix
]; ];
program = { program = {
@ -23,7 +22,6 @@
lock-on-remove = lib.mkDefault false; lock-on-remove = lib.mkDefault false;
notify = lib.mkDefault false; notify = lib.mkDefault false;
}; };
ssh.client.enable = lib.mkDefault true;
}; };
sys.desktop.steamdeck.enable = lib.mkDefault false; sys.desktop.steamdeck.enable = lib.mkDefault false;
sys.security.sops.enable = lib.mkDefault true; sys.security.sops.enable = lib.mkDefault true;

View File

@ -1,19 +0,0 @@
{
lib,
config,
...
}: {
options = {
program.ssh.client.enable = lib.mkEnableOption "enable SSH client configuration";
};
config = lib.mkIf config.program.ssh.client.enable {
programs.ssh = {
extraConfig = ''
Host masaoka
HostName 192.168.8.140
User foglar
IdentityFile ~/.ssh/id_masaoka
'';
};
};
}

View File

@ -1,7 +1,6 @@
{ {
lib, lib,
config, config,
userSettings,
... ...
}: { }: {
imports = [ imports = [
@ -22,18 +21,9 @@
sys = { sys = {
audio.enable = lib.mkDefault true; audio.enable = lib.mkDefault true;
desktop = { desktop = {
plasma.enable = plasma.enable = lib.mkDefault true;
if userSettings.plasma == true gnome.enable = lib.mkDefault false;
then lib.mkDefault true hyprland.enable = lib.mkDefault true;
else lib.mkDefault false;
gnome.enable =
if userSettings.gnome == true
then lib.mkDefault true
else lib.mkDefault false;
hyprland.enable =
if userSettings.hyprland == true
then lib.mkDefault true
else lib.mkDefault false;
}; };
fonts.packages = lib.mkDefault true; fonts.packages = lib.mkDefault true;
locales.enable = lib.mkDefault true; locales.enable = lib.mkDefault true;
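Review bot: `plasma.enable = lib.mkDefault true;` together with `hyprland.enable = lib.mkDefault true;` makes two desktops the default at once, whereas the `userSettings` block removed in the flake hunk had `plasma = false`. The user-side module in this same compare sets `kde.enable = lib.mkDefault false;`, so the system and user defaults now disagree. Only one host configuration shown here adds the override `plasma.enable = false;`, and the other host hunk shows none. Set the default to `false` here, or add the override to every host that should not get Plasma.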