From bba08e6d7b1ea9568c0d44ee6817b62587409cc1 Mon Sep 17 00:00:00 2001 From: Alexandre LUCAZEAU Date: Sun, 29 Oct 2023 22:50:52 +0100 Subject: [PATCH] ADD lap2nix host --- hosts/lap2nix/home-manager/bat.nix | 8 + hosts/lap2nix/home-manager/bat/default.nix | 7 + hosts/lap2nix/home-manager/firefox.nix | 101 ++++++++++ hosts/lap2nix/home-manager/home.nix | 78 ++++++++ hosts/lap2nix/home-manager/home_firefox.nix | 112 +++++++++++ hosts/lap2nix/home-manager/packages.nix | 46 +++++ hosts/lap2nix/nixos/configuration.nix | 178 ++++++++++++++++++ hosts/lap2nix/nixos/extra_hw.nix | 33 ++++ hosts/lap2nix/nixos/gnome.nix | 29 +++ .../lap2nix/nixos/hardware-configuration.nix | 51 +++++ hosts/lap2nix/nixos/laptop.nix | 7 + hosts/lap2nix/nixos/services.nix | 54 ++++++ 12 files changed, 704 insertions(+) create mode 100644 hosts/lap2nix/home-manager/bat.nix create mode 100644 hosts/lap2nix/home-manager/bat/default.nix create mode 100644 hosts/lap2nix/home-manager/firefox.nix create mode 100644 hosts/lap2nix/home-manager/home.nix create mode 100644 hosts/lap2nix/home-manager/home_firefox.nix create mode 100644 hosts/lap2nix/home-manager/packages.nix create mode 100644 hosts/lap2nix/nixos/configuration.nix create mode 100644 hosts/lap2nix/nixos/extra_hw.nix create mode 100644 hosts/lap2nix/nixos/gnome.nix create mode 100644 hosts/lap2nix/nixos/hardware-configuration.nix create mode 100644 hosts/lap2nix/nixos/laptop.nix create mode 100644 hosts/lap2nix/nixos/services.nix diff --git a/hosts/lap2nix/home-manager/bat.nix b/hosts/lap2nix/home-manager/bat.nix new file mode 100644 index 0000000..835c47c --- /dev/null +++ b/hosts/lap2nix/home-manager/bat.nix @@ -0,0 +1,8 @@ +{ config, pkgs, ... }: +{ + #configDir = "/home/alexandre/git/nixos-config/hosts/dell-5590/nixpkgs/"; + programs.bat = { + enable = true; + # } // (import "${configDir}/bat"); + } // (import "/home/alexandre/git/nixos-config/hosts/dell-5590/home-manager/bat"); +} diff --git a/hosts/lap2nix/home-manager/bat/default.nix b/hosts/lap2nix/home-manager/bat/default.nix new file mode 100644 index 0000000..fc6f712 --- /dev/null +++ b/hosts/lap2nix/home-manager/bat/default.nix @@ -0,0 +1,7 @@ +{ + config = { + decorations = "auto"; + paging = "auto"; + theme = "Nord"; + }; +} diff --git a/hosts/lap2nix/home-manager/firefox.nix b/hosts/lap2nix/home-manager/firefox.nix new file mode 100644 index 0000000..6c97799 --- /dev/null +++ b/hosts/lap2nix/home-manager/firefox.nix @@ -0,0 +1,101 @@ +{ config, lib, pkgs, ... }: +{ + programs.firefox = { + enable = true; + package = pkgs.wrapFirefox pkgs.firefox-unwrapped { + extraPolicies = { + CaptivePortal = false; + DisableFirefoxStudies = true; + DisablePocket = true; + DisableTelemetry = true; + DisableFirefoxAccounts = false; + NoDefaultBookmarks = true; + OfferToSaveLogins = true; + OfferToSaveLoginsDefault = true; + PasswordManagerEnabled = true; + FirefoxHome = { + Search = true; + Pocket = false; + Snippets = false; + TopSites = false; + Highlights = false; + }; + UserMessaging = { + ExtensionRecommendations = false; + SkipOnboarding = true; + }; + }; + }; + profiles = { + alexandre = { + id = 0; + name = "alexandre"; + search = { + force = true; + default = "Google"; + engines = { + "Nix Packages" = { + urls = [{ + template = "https://search.nixos.org/packages"; + params = [ + { name = "type"; value = "packages"; } + { name = "query"; value = "{searchTerms}"; } + ]; + }]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@np" ]; + }; + "NixOS Wiki" = { + urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }]; + iconUpdateURL = "https://nixos.wiki/favicon.png"; + updateInterval = 24 * 60 * 60 * 1000; + definedAliases = [ "@nw" ]; + }; + "Wikipedia (en)".metaData.alias = "@wiki"; + "Google".metaData.hidden = false; + "Amazon.com".metaData.hidden = true; + "Bing".metaData.hidden = true; + "eBay".metaData.hidden = true; + }; + }; + + bookmarks = [ + { + name = "wikipedia"; + tags = [ "wiki" ]; + keyword = "wiki"; + url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go"; + } + { + name = "kernel.org"; + url ="https://v2.produhost.net/panel/16148/dashboard"; + } + { + name = "Nix sites"; + toolbar = true; + bookmarks = [ + { + name = "homepage"; + url = "https://nixos.org/"; + } + { + name = "wiki"; + tags = [ "wiki" "nix" ]; + url = "https://nixos.wiki/"; + } + ]; + } + ]; + settings = { + "general.smoothScroll" = true; + }; + + extraConfig = '' + user_pref("full-screen-api.ignore-widgets", true); + user_pref("media.ffmpeg.vaapi.enabled", true); + user_pref("media.rdd-vpx.enabled", true); + ''; + }; + }; + }; +} diff --git a/hosts/lap2nix/home-manager/home.nix b/hosts/lap2nix/home-manager/home.nix new file mode 100644 index 0000000..48e9b44 --- /dev/null +++ b/hosts/lap2nix/home-manager/home.nix @@ -0,0 +1,78 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./home_firefox.nix + ./packages.nix + ../../../modules/neovim.nix + ../../../modules/emacs.nix +# ../../../modules/tmux.nix + ../../../modules/git.nix + ]; + # Home Manager needs a bit of information about you and the paths it should + # manage. + home.username = "alexandre"; + home.homeDirectory = "/home/alexandre"; + + # This value determines the Home Manager release that your configuration is + # compatible with. This helps avoid breakage when a new Home Manager release + # introduces backwards incompatible changes. + # + # You should not change this value, even if you update Home Manager. If you do + # want to update the value, then make sure to first check the Home Manager + # release notes. + home.stateVersion = "23.05"; # Please read the comment before changing. + + # The home.packages option allows you to install Nix packages into your + # environment. + home.packages = [ + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + ]; + + # Home Manager is pretty good at managing dotfiles. The primary way to manage + # plain files is through 'home.file'. + home.file = { + # # Building this configuration will create a copy of 'dotfiles/screenrc' in + # # the Nix store. Activating the configuration will then make '~/.screenrc' a + # # symlink to the Nix store copy. + # ".screenrc".source = dotfiles/screenrc; + + # # You can also set the file content immediately. + # ".gradle/gradle.properties".text = '' + # org.gradle.console=verbose + # org.gradle.daemon.idletimeout=3600000 + # ''; + }; + + # You can also manage environment variables but you will have to manually + # source + # + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # /etc/profiles/per-user/alexandre/etc/profile.d/hm-session-vars.sh + # + # if you don't want to manage your shell through Home Manager. + home.sessionVariables = { + # EDITOR = "emacs"; + }; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; +} diff --git a/hosts/lap2nix/home-manager/home_firefox.nix b/hosts/lap2nix/home-manager/home_firefox.nix new file mode 100644 index 0000000..0b0ed74 --- /dev/null +++ b/hosts/lap2nix/home-manager/home_firefox.nix @@ -0,0 +1,112 @@ +{ config, lib, pkgs, ... }: +let + nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { + inherit pkgs; + }; +in +{ + programs.firefox = { + enable = true ; + profiles.default = { + isDefault = true ; + extensions = lib.mkIf config.programs.firefox.enable + (with nur.repos.rycee.firefox-addons; [ + french-dictionary + i-dont-care-about-cookies + ublock-origin + privacy-badger + keepassxc-browser + clearurls + decentraleyes + floccus + ]); + search = { + force = true; + default = "Google"; + engines = { + "Nix Packages" = { + urls = [{ + template = "https://search.nixos.org/packages"; + params = [ + { name = "type"; value = "packages"; } + { name = "query"; value = "{searchTerms}"; } + ]; + }]; + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = [ "@np" ]; + }; + "NixOS Wiki" = { + urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }]; + iconUpdateURL = "https://nixos.wiki/favicon.png"; + updateInterval = 24 * 60 * 60 * 1000; + definedAliases = [ "@nw" ]; + }; + "Wikipedia (en)".metaData.alias = "@wiki"; + "Google".metaData.hidden = false; + "Amazon.com".metaData.hidden = true; + "Bing".metaData.hidden = true; + "eBay".metaData.hidden = true; + }; + }; + + bookmarks = [ + { + name = "DRI"; + toolbar = true; + bookmarks = [ + { + name = "wiki"; + tags = [ "wiki" ]; + keyword = "wiki"; + url = "https://en.wikipedia.org/wiki/Special:Search?search="; + } + { + name = "AVV"; + url ="https://v2.produhost.net/panel/16148/dashboard"; + } + ]; + } + ]; + + settings = { + settings = { + "browser.contentblocking.category" = "strict" ; + "browser.search.region" = "CH" ; + "browser.startup.homepage" = https://www.google.fr ; + "browser.toolbars.bookmarks.visibility" = "always"; + "dom.security.https_only_mode" = true ; + "dom.security.https_only_mode_ever_enabled" = true ; + "extensions.blocklist.pingCountVersion" = -1 ; + "extensions.databaseSchema" = 35 ; + "extensions.ui.dictionary.hidden" = false ; + "extensions.ui.extension.hidden" = false ; + "extensions.ui.locale.hidden" = true ; + "extensions.ui.sitepermission.hidden" = true ; + "extensions.webcompat.enable_shims" = true ; + "extensions.webcompat.perform_injections" = true ; + "extensions.webcompat.perform_ua_overrides" = true ; + "findbar.highlightAll" = true ; + "font.name.serif.x-western" = "FreeSerif" ; + "font.size.variable.x-western" = 20 ; + "media.eme.enabled" = true ; + "pref.browser.homepage.disable_button.current_page" = false ; + "print_printer" = "Mozilla Save to PDF" ; + "privacy.annotate_channels.strict_list.enabled" = true ; + "privacy.clearOnShutdown.cookies" = true ; + "privacy.clearOnShutdown.downloads" = false ; + "privacy.clearOnShutdown.formdata" = false ; + "privacy.clearOnShutdown.history" = false ; + "privacy.clearOnShutdown.offlineApps" = true ; + "privacy.clearOnShutdown.sessions" = false ; + "privacy.donottrackheader.enabled" = true ; + "privacy.firstparty.isolate" = true ; + "privacy.history.custom" = true ; + "privacy.purge_trackers.date_in_cookie_database" = 0 ; + "privacy.trackingprotection.emailtracking.enabled" = true ; + "privacy.trackingprotection.enabled" = true ; + "privacy.trackingprotection.socialtracking.enabled" = true ; + }; + }; + } ; + } ; +} diff --git a/hosts/lap2nix/home-manager/packages.nix b/hosts/lap2nix/home-manager/packages.nix new file mode 100644 index 0000000..65df6a2 --- /dev/null +++ b/hosts/lap2nix/home-manager/packages.nix @@ -0,0 +1,46 @@ +{ pkgs, ... }: { + programs.go.enable = true; + home.packages = with pkgs; [ + jq + nextcloud-client + libreoffice + rofi + poppler_utils + brightnessctl + chromium + gimp + scrot + papirus-icon-theme + ganttproject-bin + audio-recorder + pandoc + hugo + whois + inkscape + feh + ispell + aspellDicts.fr + nix-direnv + keepassxc + direnv + texlive.combined.scheme-full + zola + exa + python3 + unar # like 7z + nmap + libnotify + sublime-music + drawio + lsd + dig + vlc + pinta + # python39Packages.grip + linphone + graphviz + freecad + thunderbird + ]; + nixpkgs.config.permittedInsecurePackages = [ "ferdi-5.8.1" ]; +} diff --git a/hosts/lap2nix/nixos/configuration.nix b/hosts/lap2nix/nixos/configuration.nix new file mode 100644 index 0000000..a695c92 --- /dev/null +++ b/hosts/lap2nix/nixos/configuration.nix @@ -0,0 +1,178 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ./laptop.nix + ./services.nix + ./gnome.nix + ./extra_hw.nix + ]; + + + # Use the systemd-boot EFI boot loader. + boot = { + loader.systemd-boot.enable = true; + loader.efi.canTouchEfiVariables = true; + loader.grub.efiSupport = true; + loader.grub.efiInstallAsRemovable = true; + loader.grub.device = "nodev"; + plymouth.enable = true; + tmp.cleanOnBoot = true ; + kernelParams = [ "i915.enable_fbc=1" ]; + }; + + networking = { + hostName = "lap2nix"; + networkmanager.enable = true; + firewall.enable = true; + }; + + time.timeZone = "Europe/Paris"; + + + # Select internationalisation properties. + i18n.defaultLocale = "fr_FR.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "fr"; + }; + + fonts = { + fontDir.enable = true; + enableGhostscriptFonts = true; + fonts = with pkgs; [ + corefonts + vistafonts + powerline-fonts + inconsolata + terminus_font + proggyfonts + dejavu_fonts + font-awesome + nerdfonts + source-code-pro + source-sans-pro + source-serif-pro + iosevka + roboto-mono + fira-code + ]; + }; + + + # Enable the X11 windowing system. + services.xserver.enable = true; + + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + + users = { + groups.ntp = {}; + defaultUserShell = "/run/current-system/sw/bin/fish"; + extraUsers.alexandre = { + isNormalUser = true; + home = "/home/alexandre"; + description = "alexandre"; + extraGroups = [ "wheel" "networkmanager" "docker" "libvirtd" "scanner" "plocate" "lp" ]; + packages = with pkgs; [ + firefox + gitAndTools.gitFull + ]; + }; + extraUsers.oem = { + isNormalUser = true; + home = "/home/oem"; + description = "oem"; + extraGroups = [ "wheel" "networkmanager" ]; + }; + }; + + environment.variables = { + EDITOR = "nvim"; + BROWSER = "firefox"; + LESS = "--quit-if-one-screen --RAW-CONTROL-CHARS"; + TERMINAL = "xfce4-terminal"; + PRIVATE_BROWSER = "firefox -private"; + }; + + security = { + rtkit.enable = true; # for pipewire + apparmor.enable = true; + pam = { + u2f = { + enable = true; + control = "requisite"; + }; + services = { + login.u2fAuth = true; + lightdm.u2fAuth = true; + gdm.u2fAuth = true; + }; + }; + }; + + +nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nixpkgs.config = { + allowUnfree = true; + }; + + environment.systemPackages = with pkgs; [ + neovim + bat + lsd + pam_u2f + gsmartcontrol + lm_sensors + ]; + +nix.settings.auto-optimise-store = true; + nix.gc = { + automatic = true; + dates = "weekly"; + persistent = true; + options = "--delete-older-than 10d"; + }; + + programs = { + htop = { + enable = true; + settings.show_cpu_temperature = 1; + }; + fish = { + enable = true; + interactiveShellInit = '' + set -gx EDITOR nvim + ''; + shellAliases = { + ll = "ls -l"; + ls = "lsd"; + cat = "bat"; + sysrs = "sudo nixos-rebuild switch"; + sysup = "sudo nixos-rebuild switch --upgrade"; + sysclean = "sudo nix-collect-garbage -d; and sudo nix-store --optimise"; + # nvim = "nvim -u ~/.config/nvim/init.lua"; + }; + }; + }; + + + system.stateVersion = "23.05"; # Did you read the comment? + + nixpkgs.config.packageOverrides = pkgs: { + nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { + inherit pkgs; + }; + }; + +} + diff --git a/hosts/lap2nix/nixos/extra_hw.nix b/hosts/lap2nix/nixos/extra_hw.nix new file mode 100644 index 0000000..43a4ce3 --- /dev/null +++ b/hosts/lap2nix/nixos/extra_hw.nix @@ -0,0 +1,33 @@ +{ config, pkgs, ... }: +{ + hardware = { + cpu.intel.updateMicrocode = true; + enableAllFirmware = true; + pulseaudio.enable = false; + bluetooth = { + enable = true; + settings = { + General = { + Enable = "Source,Sink,Media,Socket"; + }; + }; + }; + logitech = { + wireless.enable = true; + wireless.enableGraphical = true; + }; + opengl = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver # LIBVA_DRIVER_NAME=iHD + vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + vaapiVdpau + libvdpau-va-gl + ]; + }; + }; + # Video acceleration + nixpkgs.config.packageOverrides = pkgs: { + vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; + }; +} diff --git a/hosts/lap2nix/nixos/gnome.nix b/hosts/lap2nix/nixos/gnome.nix new file mode 100644 index 0000000..062c3d9 --- /dev/null +++ b/hosts/lap2nix/nixos/gnome.nix @@ -0,0 +1,29 @@ +{ config, pkgs, ... }: +{ + +services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + +environment.gnome.excludePackages = (with pkgs; [ + gnome-photos + gnome-tour +]) ++ (with pkgs.gnome; [ + cheese # webcam tool + gnome-music + gedit # text editor + epiphany # web browser + totem # video player + tali # poker game + iagno # go game + hitori # sudoku game + atomix # puzzle game +]); + +environment.systemPackages = with pkgs; [ + pkgs.gnome3.gnome-tweaks + gnomeExtensions.appindicator + gnomeExtensions.yakuake + gnomeExtensions.workspace-indicator-2 + gnomeExtensions.wireless-hid + gnomeExtensions.vitals +]; +} diff --git a/hosts/lap2nix/nixos/hardware-configuration.nix b/hosts/lap2nix/nixos/hardware-configuration.nix new file mode 100644 index 0000000..b4ec2b5 --- /dev/null +++ b/hosts/lap2nix/nixos/hardware-configuration.nix @@ -0,0 +1,51 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "vmd" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/72f89746-dc22-4d98-a060-7cb1b5d4ff99"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/749C-8D77"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/69166e6c-3405-4025-8a22-ca456e65dfdf"; } + ]; + + boot.initrd.luks.devices = { + "partitions" = { + device = "/dev/nvme0n1p2"; + preLVM = true; + crypttabExtraOpts = ["fido2-device=auto"]; + }; + }; + + boot.initrd.systemd.enable = true; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/lap2nix/nixos/laptop.nix b/hosts/lap2nix/nixos/laptop.nix new file mode 100644 index 0000000..6bb29f2 --- /dev/null +++ b/hosts/lap2nix/nixos/laptop.nix @@ -0,0 +1,7 @@ +{ config, pkgs, ... }: +{ + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + +} diff --git a/hosts/lap2nix/nixos/services.nix b/hosts/lap2nix/nixos/services.nix new file mode 100644 index 0000000..ce9a993 --- /dev/null +++ b/hosts/lap2nix/nixos/services.nix @@ -0,0 +1,54 @@ +{ config, pkgs, ... }: +{ + services = { + avahi = { + enable = true; + openFirewall = true; + }; + + clamav = { + daemon.enable = true; + updater.enable = true; + }; + + ntp = { + enable = true; + }; + + thermald = { + enable = true; + }; + + fstrim = { + enable = true; + }; + + locate = { + enable = true; + locate = pkgs.plocate; + interval = "hourly"; + localuser = null; + }; + + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Enable the X11 windowing system. + xserver = { + enable = true; + # Configure keymap in X11 + layout = "fr"; + xkbOptions = "eurosign:e,caps:escape"; + # Enable the GNOME Desktop Environment. + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + udev.extraRules = '' + ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", ENV{DISPLAY}=":0", ENV{XAUTHORITY}="/home/alexandre/.Xauthority" RUN+="${pkgs.sudo}/bin/sudo -u alexandre ${pkgs.xdg-utils}/bin/xdg-screensaver lock" + ''; + }; +}