diff --git a/flake.nix b/flake.nix index f283ff9..d9b3247 100644 --- a/flake.nix +++ b/flake.nix @@ -41,7 +41,8 @@ inputs.nixpkgs.follows = "nixpkgs"; }; nur.url = "github:nix-community/NUR"; - zen-browser.url = "git+https://git.sr.ht/~canasta/zen-browser-flake/"; # updated flake + zen-browser.url = + "git+https://git.sr.ht/~canasta/zen-browser-flake/"; # updated flake }; outputs = inputs@{ nixpkgs, ... }: { @@ -62,6 +63,19 @@ ./hosts/laptop/configuration.nix # CHANGEME: change the path to match your host folder ]; }; + + desktop = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + { + nixpkgs.overlays = [ inputs.hyprpanel.overlay inputs.nur.overlay ]; + _module.args = { inherit inputs; }; + } + inputs.home-manager.nixosModules.home-manager + inputs.stylix.nixosModules.stylix + ./hosts/desktop/configuration.nix + ]; + }; }; }; } diff --git a/hosts/desktop/configuration.nix b/hosts/desktop/configuration.nix new file mode 100644 index 0000000..eaae961 --- /dev/null +++ b/hosts/desktop/configuration.nix @@ -0,0 +1,29 @@ +{ config, ... }: { + imports = [ + ../../nixos/audio.nix + ../../nixos/auto-upgrade.nix + ../../nixos/fonts.nix + ../../nixos/home-manager.nix + ../../nixos/network-manager.nix + ../../nixos/nix.nix + ../../nixos/systemd-boot.nix + ../../nixos/timezone.nix + ../../nixos/tuigreet.nix + ../../nixos/users.nix + ../../nixos/utils.nix + ../../nixos/xdg-portal.nix + ../../nixos/variables-config.nix + ../../nixos/docker.nix + + # Choose your theme here + ../../themes/stylix/pinky.nix + + ./hardware-configuration.nix + ./variables.nix + ]; + + home-manager.users."${config.var.username}" = import ./home.nix; + + # Don't touch this + system.stateVersion = "24.05"; +} diff --git a/hosts/desktop/hardware-configuration.nix b/hosts/desktop/hardware-configuration.nix new file mode 100644 index 0000000..1e852bb --- /dev/null +++ b/hosts/desktop/hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/3d676a57-26eb-4616-b51e-da92dac44483"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/EE89-B594"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/desktop/home.nix b/hosts/desktop/home.nix new file mode 100644 index 0000000..5b527a9 --- /dev/null +++ b/hosts/desktop/home.nix @@ -0,0 +1,88 @@ +{ pkgs, config, ... }: { + + imports = [ + ./variables.nix + + # Programs + ../../home/programs/kitty + ../../home/programs/nvim + ../../home/programs/qutebrowser + ../../home/programs/shell + ../../home/programs/fetch + ../../home/programs/git + ../../home/programs/spicetify + ../../home/programs/nextcloud + ../../home/programs/yazi + ../../home/programs/markdown + ../../home/programs/thunar + ../../home/programs/lazygit + ../../home/programs/nh + + # Scripts + ../../home/scripts # All scripts + + # System (Desktop environment like stuff) + ../../home/system/hyprland + ../../home/system/hypridle + ../../home/system/hyprlock + ../../home/system/hyprpanel + ../../home/system/hyprpaper + ../../home/system/gtk + ../../home/system/wofi + ../../home/system/zathura + ../../home/system/mime + ../../home/system/udiskie + ../../home/system/clipman + ]; + + home = { + inherit (config.var) username; + homeDirectory = "/home/" + config.var.username; + + packages = with pkgs; [ + # Apps + discord # Chat + bitwarden # Password manager + vlc # Video player + blanket # White-noise app + + # Dev + go + nodejs + python3 + jq + figlet + just + + # Utils + zip + unzip + optipng + pfetch + pandoc + btop + + # Just cool + peaclock + cbonsai + pipes + cmatrix + cava + + # Backup + vscode + firefox + neovide + + pnpm + ]; + + # Import my profile picture, used by the hyprpanel dashboard + file.".profile_picture.png" = { source = ./profile_picture.png; }; + + # Don't touch this + stateVersion = "24.05"; + }; + + programs.home-manager.enable = true; +} diff --git a/hosts/desktop/profile_picture.png b/hosts/desktop/profile_picture.png new file mode 100644 index 0000000..71c63c9 Binary files /dev/null and b/hosts/desktop/profile_picture.png differ diff --git a/hosts/desktop/secrets/default.nix b/hosts/desktop/secrets/default.nix new file mode 100644 index 0000000..81715c6 --- /dev/null +++ b/hosts/desktop/secrets/default.nix @@ -0,0 +1,37 @@ +# Those are my secrets, encrypted with sops +# You shouldn't import this file, unless you edit it +{ pkgs, inputs, ... }: { + imports = [ inputs.sops-nix.homeManagerModules.sops ]; + + sops = { + age.keyFile = "/home/hadi/.config/sops/age/keys.txt"; + defaultSopsFile = ./secrets.yaml; + secrets = { + sshconfig = { path = "/home/hadi/.ssh/config"; }; + github-key = { path = "/home/hadi/.ssh/github"; }; + gitlab-key = { path = "/home/hadi/.ssh/gitlab"; }; + jack-key = { path = "/home/hadi/.ssh/jack"; }; + pia = { path = "/home/hadi/.config/pia/pia.ovpn"; }; + }; + }; + + home.file.".config/nixos/.sops.yaml".text = '' + keys: + - &primary age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334 + creation_rules: + - path_regex: hosts/laptop/secrets/secrets.yaml$ + key_groups: + - age: + - *primary + - path_regex: hosts/server/secrets/secrets.yaml$ + key_groups: + - age: + - *primary + ''; + + systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ]; + home.packages = with pkgs; [ sops age ]; + + wayland.windowManager.hyprland.settings.exec-once = + [ "systemctl --user start sops-nix" ]; +} diff --git a/hosts/desktop/secrets/secrets.yaml b/hosts/desktop/secrets/secrets.yaml new file mode 100644 index 0000000..f70f70c --- /dev/null +++ b/hosts/desktop/secrets/secrets.yaml @@ -0,0 +1,25 @@ +pia: ENC[AES256_GCM,data:0bnhHeVqKSLHVimd78a94ShHlO3+LUoZ4oiKD3cnBYkaZsw=,iv:S+/IChlFlqdI+PyFF+Ti4AJUkch2MS0qKiqHL1Q3RMk=,tag:+v2kV70ou84eIc01dKnAhA==,type:str] +sshconfig: ENC[AES256_GCM,data:/sDTGVeYRjxF5Epp5kmVS0ScSYOqOs2grX0+Ap8HJc8CQftpNOYXNYdEyqLDMc5g5ualaO4iKg4sQ76J4j9ZPugt4iprIvOo2Uxmu7KRU47Z8SNwrrMNpv6x/XA2P6r261e/e/pOHyrmiFfV/I5Km9IwGqY5TWbEhvjx8qyRO2bQDIdffI1L1ZWJGC9ZOZ4o5RJCr2xB+qxLLI2pl8qHZhvfZlGHnyHw5ne0RfAFubIrW4nQJTamoaGHZqWro4tVSfXAEb+9IsYCc1aj3MehVdV8PUQ38/LxL2MAQTt9bs7sHLf9DmxZ6rGPWmpJ+IRoQbP1PA65tobFOd+Kf13XvWymNUcQpQFHDj0vpvDONxIikO+vj2T7SteRRPy+38UPdB8jrHfQ1JrGbxUQIrWOWeD3S44lINmquIMclJQ26zf6nvklXR7xCuzNAvmjublsnYK+CGDkt/ap/kDD7nCuQYYY,iv:VX55dyt2N80LJPDYoUES7ZWJjlqVyQrUQWvOQ/yItBc=,tag:6NlHwy0SqJ40+ltQHzmX7g==,type:str] +github-key: ENC[AES256_GCM,data:xUgFMlBo8e+3eXqNscxbby1dWug3SgUagDiNUe/IGVbU6cczkaJ3uOaB0OuRBQ8AYhOLkzXj0pIKjUrElHwmYrhURtS1aF4SFEGJsjhhobNA//j3E2/5/nLVjfco+lRzyHdwmsNhEUCqEhsXrrodJMb39H4b5oip3z0rjc729YveiWUKQxXVZVPurp3nq9yNnix9R4CA6XYFRW6T6MNqgPD5qhbcDlhxLb/SN+uI5h+5eZIS24VDWlKaTaCLL5KLhZmfuA37SquOQ+edi9Yg8MnfrZkMrp/3qmAjP2rSQLMOc4QdQCLQBQSf0/snpydgLwY+FoJmMSztwtkqUdIZWOfDUJbJxegEOrAR68jLTNbp+GYiDn3thtOZDiK5p/M1amjCT+A9qeFMed5WS+aZHNTRbR9UcfiP6+48MGZFt1mr7q+/CoL04/DTp0w6tUf6/SZD31NvTJDqngkhpc0ZH9Dh5+2JcnBWpq25AM36kZTn1hIQCLNTr/oGWZXSLA2tksAhQCaUcFj4IIh6Bl96,iv:GEJsAs5NriwENYTV/VShgJF6iMmrtTwNiXOvfXyEP8E=,tag:nfZgsFqaet075GjQAoVZxQ==,type:str] +gitlab-key: ENC[AES256_GCM,data:6271Tg7LIJsXAw7Co32vva+iUWv+eRAfVfXaGkoirHxiPTAgZfq8yDpGJwti2D/aFnLvbURcUgp3B5zy1aURu9puXi6QMu3orJOE2Zx0dX3lyeHyIhOZ1hAWsQxwBDkJYODuMZbIKHNrF26Mkk6smFF9SrGoADZGxY7XSou/iopw6yrLvQAXP6lN55PQvoP5/ek/QzKNwjJAbAjp7FjjtPqPUbUdj7bfIfr9avs6gpRYnRzb2H3auyhb5qvyuRWnKu4+FeZUofC7HnfRU1eSI8UzG49Rg4f2b1Xqr0JtsjvEmuRx7lbptINXEAjW7zaSZ2B9NgotWPIzkNZRNZkuTEaOulBf5iH3wJ9GM1FcbUu2gpCt6y+CMIk5QkVvETYtKuALLbcPx9/sc90doiH1411LeKQCs5l88BBILG9KPkKmXiGGUVNxzFtjbRYQIUEmmyl95kPPEdCkkzGzHXNfE3F9HRu4MCGKPK2yZPZtCXd3Jp1b21wKSIRNYqLqxru+J8eLSljd3czO0SuTG/Vx,iv:E+y3aVLaiStlPLTQBqyfJuEXtAQyOvDUYS+XfuOHuA0=,tag:6d1IAsGcmcpgL1pE9dDcbw==,type:str] +jack-key: ENC[AES256_GCM,data:VfCl3wH0MMBc8QDyjLDFeSvzSEsf7uGpfJvRjFrmjW+bPRUXBpZhJV8a9VQIAz7z7zZXvzARMfCeI0ydyC57CW81GH5/H5pneJ4b+xreINjVfdLbL1nC1thelo/O64jda/L+xVKhgE+QQi8/zt4JmXGghkP+74nYcTTaMpmcbgWw354J1ybXqyCEY+88nsJ1d2s+M7M2bplx4fGb7sLUs6sqdsad3sENzhH/0HQCFXreHTtgsLbIs8ccmdRgFNKM8/wD0OoW76rOQsJoA9JY4yOTQNVoX5M8+Olj6+wVlt6QBrWrYRuEztGnHrHvzxiHXtmEkMwVNfoPpEflQyRYRa0rVp/66REOkMckGx6/LbxKFgrxnifRlsK3kWd28v2bRGVQOghUluYUtVkaJ+eh6o6ik0NQKx8/H6BznBSDE6MjDwbLv434LHBfDtAqhWN1eMbOlunFivsl5Hb/6rl9kydHlcCS6FY8cUHoKQ90gDaUuDrvUifwmdO5hU0GH5tgvGi1ReK9ndcpQsrHptG6,iv:oC1xU5Tu3The105VYRmxIw4kEwDoqe8T/EH6mmqpqwQ=,tag:Pu8c536u6W7ALrqjRsvXDw==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHVWN4YjZqczB3Q21WL1lz + ckROWkhRditHblVHVEpOS0E0aGVqdW14M0ZvCkNzRXlCOWFBWmQwTGpTYVdFRlpq + bFdOR2pSTEZpUVpvUHo2NklrQm5EU1kKLS0tIFZ5ZWhYcHg1Z0hTOTZIdHR1QUxv + cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo + FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-11-05T12:05:15Z" + mac: ENC[AES256_GCM,data:ggTUKhmfUp4CCE6w3uiuwV0ys6xUhaMBeXi4WiaxkED/lB9iUdP9UssE9iF5lToyNxt/6O2C60CXc4OvpqBxe5dsxPkVNeB6PNhQrD5Ga8+Cu0i6hKz6Fmm0Rq461OuX0Nu2Nl3MUBCWxjM0+1ywfLRKDcjoVC7RzP5eo1NtrV8=,iv:G+Ntog1claKwAY4PEpUK1hjNzspDZiO3bdWNxugUXDQ=,tag:Yg2ZJEV2VrnTmpw8TykmZg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/hosts/desktop/variables.nix b/hosts/desktop/variables.nix new file mode 100644 index 0000000..d2835c4 --- /dev/null +++ b/hosts/desktop/variables.nix @@ -0,0 +1,28 @@ +{ config, ... }: { + imports = [ ../../nixos/variables-config.nix ]; + + config.var = { + hostname = "desktop"; + username = "hadi"; + configDirectory = "/home/" + config.var.username + + "/.config/nixos"; # The path of the nixos configuration directory + + keyboardLayout = "fr"; + + location = "Paris"; + timeZone = "Europe/Paris"; + defaultLocale = "en_US.UTF-8"; + extraLocale = "fr_FR.UTF-8"; + + git = { + username = "Hadi"; + email = "112569860+anotherhadi@users.noreply.github.com"; + }; + + autoUpgrade = false; + autoGarbageCollector = false; + + # Choose your theme variables here + theme = import ../../themes/var/pinky.nix; + }; +}