From e13360f793645b9bbfc9cee1bd48677b5118b709 Mon Sep 17 00:00:00 2001 From: tomoron Date: Thu, 4 Sep 2025 15:17:30 +0200 Subject: [PATCH] add yubikey to unlock FDE on laptop; update flake; minor wayland changes --- Makefile | 7 +- flake.lock | 95 ++++++++++++------------ flake.nix | 18 ++--- homeConfigs/home.nix | 17 ++++- homeConfigs/modules/alacritty.nix | 3 +- homeConfigs/modules/firefox.nix | 2 + homeConfigs/modules/wayland/hyprland.nix | 13 ++-- homeConfigs/packages.nix | 4 +- osConfigs/global.nix | 7 +- osConfigs/hosts/laptop.nix | 20 ++++- osConfigs/hosts/server.nix | 1 - 11 files changed, 113 insertions(+), 74 deletions(-) diff --git a/Makefile b/Makefile index 4897384..38eb17b 100644 --- a/Makefile +++ b/Makefile @@ -22,5 +22,10 @@ iso : rm -rf result cleanup : - sudo nix-collect-garbage -d --delete-older-than 1d + sudo nix-env --delete-generations +1 --profile /nix/var/nix/profiles/system + nix-env --delete-generations +1 --profile ~/.local/state/nix/profiles/home-manager + nix-env --delete-generations +1 + sudo nix-collect-garbage -d + +optimise : nix-store --optimize -vv diff --git a/flake.lock b/flake.lock index a68a347..8c12134 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,23 @@ { "nodes": { + "catppuccin": { + "inputs": { + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1756741629, + "narHash": "sha256-n+mgH3NoQf8d1jd8cDp/9Mt++hhyuE3LO3ZAxzjWRZw=", + "owner": "catppuccin", + "repo": "nix", + "rev": "cd22197da06df1eb6fabdaa2fc22c170c4f67382", + "type": "github" + }, + "original": { + "owner": "catppuccin", + "repo": "nix", + "type": "github" + } + }, "firefox-addons": { "inputs": { "nixpkgs": [ @@ -8,11 +26,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1756353808, - "narHash": "sha256-JkCqOE0kjWbT7GnXgngL+baLF/OeeVfPCh71HXfRh6g=", + "lastModified": 1756958609, + "narHash": "sha256-1nRGsnPZjOubRTsXEsnJqWlLsgo/Xq7tN7PWK57dFDQ=", "owner": "rycee", "repo": "nur-expressions", - "rev": "e47914363ccacc95994b567966d7fa1e25dd85ec", + "rev": "b2a4e1bc62946403f82594ab9550ac13a1afa4df", "type": "gitlab" }, "original": { @@ -29,11 +47,11 @@ ] }, "locked": { - "lastModified": 1756261190, - "narHash": "sha256-eiy0klFK5EVJLNilutR7grsZN/7Itj9DyD75eyOf83k=", + "lastModified": 1756954499, + "narHash": "sha256-Pg4xBHzvzNY8l9x/rLWoJMnIR8ebG+xeU+IyqThIkqU=", "owner": "nix-community", "repo": "home-manager", - "rev": "77f348da3176dc68b20a73dab94852a417daf361", + "rev": "ed1a98c375450dfccf427adacd2bfd1a7b22eb25", "type": "github" }, "original": { @@ -44,11 +62,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1756245047, - "narHash": "sha256-9bHzrVbjAudbO8q4vYFBWlEkDam31fsz0J7GB8k4AsI=", + "lastModified": 1756925795, + "narHash": "sha256-kUb5hehaikfUvoJDEc7ngiieX88TwWX/bBRX9Ar6Tac=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "a65b650d6981e23edd1afa1f01eb942f19cdcbb7", + "rev": "ba6fab29768007e9f2657014a6e134637100c57d", "type": "github" }, "original": { @@ -62,11 +80,27 @@ "locked": { "lastModified": 1756266583, "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=", - "owner": "nixos", + "owner": "NixOS", "repo": "nixpkgs", "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2", "type": "github" }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1756787288, + "narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1", + "type": "github" + }, "original": { "owner": "nixos", "ref": "nixos-unstable", @@ -74,50 +108,13 @@ "type": "github" } }, - "pkgs-docker-2750": { - "locked": { - "lastModified": 1737525964, - "narHash": "sha256-3wFonKmNRWKq1himW9N3TllbeGIHFACI5vmLpk6moF8=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5757bbb8bd7c0630a0cc4bb19c47e588db30b97c", - "type": "github" - }, - "original": { - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "5757bbb8bd7c0630a0cc4bb19c47e588db30b97c", - "type": "github" - } - }, - "plymouth-theme-ycontre-glow": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1731939263, - "narHash": "sha256-mLwLR5dEJTvtqJU/lvo9f8c3/xIFPOpXlPF3JsJtnHo=", - "ref": "refs/heads/master", - "rev": "702e7b014ef6cf748252e797724e4096bafcaafa", - "revCount": 1, - "type": "git", - "url": "file:///home/tom/desktop/bordel/ycontre-glow" - }, - "original": { - "type": "git", - "url": "file:///home/tom/desktop/bordel/ycontre-glow" - } - }, "root": { "inputs": { + "catppuccin": "catppuccin", "firefox-addons": "firefox-addons", "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs", - "pkgs-docker-2750": "pkgs-docker-2750", - "plymouth-theme-ycontre-glow": "plymouth-theme-ycontre-glow" + "nixpkgs": "nixpkgs_2" } } }, diff --git a/flake.nix b/flake.nix index c8117a9..2442f23 100644 --- a/flake.nix +++ b/flake.nix @@ -6,7 +6,7 @@ # By: tomoron +#+ +:+ +#+ # # +#+#+#+#+#+ +#+ # # Created: 2024/10/17 18:15:24 by tomoron #+# #+# # -# Updated: 2025/04/13 13:35:56 by tomoron ### ########.fr # +# Updated: 2025/08/30 19:38:12 by tomoron ### ########.fr # # # # **************************************************************************** # @@ -15,6 +15,7 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + catppuccin.url = "github:catppuccin/nix"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; @@ -26,21 +27,20 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - plymouth-theme-ycontre-glow = { - url = "git+file:///home/tom/desktop/bordel/ycontre-glow"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - pkgs-docker-2750.url = "github:NixOS/nixpkgs?rev=5757bbb8bd7c0630a0cc4bb19c47e588db30b97c"; + #plymouth-theme-ycontre-glow = { + # url = "git+file:///home/tom/desktop/bordel/ycontre-glow"; + # inputs.nixpkgs.follows = "nixpkgs"; + #}; }; - outputs = { nixpkgs, home-manager, nixos-hardware, ... }@inputs: + outputs = { nixpkgs, catppuccin, home-manager, nixos-hardware, ... }@inputs: let pkgs = import nixpkgs { system = "x86_64-linux"; config.allowUnfree = true; }; osConfig = {flakeName, extraModules ? []}: nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs; flakeName = flakeName; }; modules = nixpkgs.lib.concatLists [ - [./osConfigs/global.nix ./osConfigs/hosts/${flakeName}.nix ] + [./osConfigs/global.nix ./osConfigs/hosts/${flakeName}.nix catppuccin.nixosModules.catppuccin] extraModules ]; }; @@ -49,7 +49,7 @@ inherit pkgs; extraSpecialArgs = { inherit inputs; username = username; homeDir = homeDir; isOs = false; }; modules = nixpkgs.lib.concatLists [ - [ ./homeConfigs/home.nix ./homeConfigs/hosts/${flakeName}.nix] + [ ./homeConfigs/home.nix ./homeConfigs/hosts/${flakeName}.nix catppuccin.homeModules.catppuccin ] extraModules ]; }; diff --git a/homeConfigs/home.nix b/homeConfigs/home.nix index f892c46..8a2bd9e 100644 --- a/homeConfigs/home.nix +++ b/homeConfigs/home.nix @@ -6,7 +6,7 @@ # By: tomoron +#+ +:+ +#+ # # +#+#+#+#+#+ +#+ # # Created: 2024/10/17 18:15:38 by tomoron #+# #+# # -# Updated: 2025/05/12 12:35:00 by tomoron ### ########.fr # +# Updated: 2025/08/30 20:34:23 by tomoron ### ########.fr # # # # **************************************************************************** # @@ -39,7 +39,7 @@ gtk = { enable = true; theme = { package = pkgs.flat-remix-gtk; name = "Flat-Remix-GTK-Grey-Darkest"; }; - iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; }; +# iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; }; font = { name = "Sans"; size = 11; }; }; @@ -78,5 +78,18 @@ # ".local/bin/desk_sync".source = dotfiles/local/bin/desk_sync; }; + services.dunst.enable = true; + programs.home-manager.enable = true; + + qt.style.name = "kvantum"; + catppuccin.kvantum.apply = true; + + catppuccin = { + enable = true; + flavor = "mocha"; + + dunst.enable = true; + dunst.flavor="frappe"; + }; } diff --git a/homeConfigs/modules/alacritty.nix b/homeConfigs/modules/alacritty.nix index 2e3a7c0..8b3b503 100644 --- a/homeConfigs/modules/alacritty.nix +++ b/homeConfigs/modules/alacritty.nix @@ -8,10 +8,11 @@ }; config = lib.mkIf config.mods.alacritty.enable { + catppuccin.alacritty.enable = true; programs.alacritty = { enable = true; settings = { - window.opacity = 0.95; +# window.opacity = 0.95; env.XTERM = "xterm-256color"; font.size = 9; }; diff --git a/homeConfigs/modules/firefox.nix b/homeConfigs/modules/firefox.nix index f8c9387..1a76786 100644 --- a/homeConfigs/modules/firefox.nix +++ b/homeConfigs/modules/firefox.nix @@ -8,11 +8,13 @@ }; config = lib.mkIf config.mods.firefox.enable { + catppuccin.firefox.enable = true; programs.firefox = { enable = lib.mkDefault true; profiles.default = { extensions.packages = with inputs.firefox-addons.packages."x86_64-linux"; [vimium ublock-origin]; + extensions.force = true; }; }; }; diff --git a/homeConfigs/modules/wayland/hyprland.nix b/homeConfigs/modules/wayland/hyprland.nix index 07e5455..a551202 100644 --- a/homeConfigs/modules/wayland/hyprland.nix +++ b/homeConfigs/modules/wayland/hyprland.nix @@ -16,6 +16,7 @@ " , Print, exec, grim -t png -g \"$(slurp)\" /dev/stdout | tee ~/screenshots/$(date +%Y-%m-%d_%H-%m-%s).png | wl-copy -t image/png" "$mainMod, Return, exec, alacritty" "CTRL_ALT, Q, killactive," + "CTRL_ALT_SHIFT, Q, forcekillactive," "SUPER_ALT, Q, exit," "$mainMod, S, togglefloating," "$mainMod, I, pin," @@ -64,12 +65,12 @@ "$mainMod, mouse_up, workspace, e-1" ]; - bindm = [ + bindm = [ #bind mouse "$mainMod, mouse:272, movewindow" "$mainMod, mouse:273, resizewindow" ]; - bindel = [ + bindel = [ #repeat and locked " ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+" " ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-" " ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" @@ -80,7 +81,7 @@ " ,XF86KbdBrightnessDown, exec, asusctl -p" ]; - bindl = [ + bindl = [ #repeat " , XF86AudioNext, exec, playerctl next" " , XF86AudioPrev, exec, playerctl previous" " , XF86AudioPause, exec, playerctl play-pause" @@ -152,9 +153,9 @@ }; general = { - gaps_in = 3; - gaps_out = 7; - border_size = 2; + gaps_in = 2; + gaps_out = 5; + border_size = 1; "col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg"; "col.inactive_border" = "rgba(595959aa)"; resize_on_border = false; diff --git a/homeConfigs/packages.nix b/homeConfigs/packages.nix index 740d736..dffc618 100644 --- a/homeConfigs/packages.nix +++ b/homeConfigs/packages.nix @@ -6,7 +6,7 @@ # By: tomoron +#+ +:+ +#+ # # +#+#+#+#+#+ +#+ # # Created: 2025/02/09 22:01:56 by tomoron #+# #+# # -# Updated: 2025/08/04 15:38:21 by tomoron ### ########.fr # +# Updated: 2025/09/02 23:33:04 by tomoron ### ########.fr # # # # **************************************************************************** # @@ -37,12 +37,12 @@ python3 vlc nix-index - dunst yubikey-manager bibata-cursors libcaca nasm nerd-fonts.iosevka compiledb + yubikey-personalization ]; } diff --git a/osConfigs/global.nix b/osConfigs/global.nix index 35de4b7..bbe4e9e 100644 --- a/osConfigs/global.nix +++ b/osConfigs/global.nix @@ -6,7 +6,7 @@ # By: tomoron +#+ +:+ +#+ # # +#+#+#+#+#+ +#+ # # Created: 2025/02/09 01:43:46 by tomoron #+# #+# # -# Updated: 2025/08/07 17:46:37 by tomoron ### ########.fr # +# Updated: 2025/09/02 17:30:10 by tomoron ### ########.fr # # # # **************************************************************************** # @@ -64,6 +64,11 @@ system.stateVersion = "24.05"; environment.etc.nixosFlakeName.text = "${flakeName}"; + services.journald.extraConfig = '' + SystemMaxUse=100M + SystemMaxFileSize=50M + ''; + hardware.logitech.wireless.enable = true; hardware.logitech.wireless.enableGraphical = true; } diff --git a/osConfigs/hosts/laptop.nix b/osConfigs/hosts/laptop.nix index 3ad192b..0979388 100644 --- a/osConfigs/hosts/laptop.nix +++ b/osConfigs/hosts/laptop.nix @@ -1,8 +1,24 @@ { config, pkgs, ... }: { - boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-uuid/a4593b01-069d-4a5d-a550-74a762b89b3f"; - boot.initrd.luks.devices.cryptroot.allowDiscards = true; + boot.initrd.luks.yubikeySupport = true; + boot.initrd.kernelModules = [ "vfat" "nls_cp437" "nls_iso8859-1" "usbhid" ]; + boot.initrd.luks.devices.cryptroot = { + device = "/dev/disk/by-uuid/a4593b01-069d-4a5d-a550-74a762b89b3f"; + allowDiscards = true; + #set up initial : https://wiki.nixos.org/wiki/Yubikey_based_Full_Disk_Encryption_(FDE)_on_NixOS + yubikey = { + twoFactor = false; + keyLength = 64; + saltLength = 32; + storage = { + device = "/dev/disk/by-uuid/BA5C-F216"; + path = "/default"; + }; + }; + }; + + boot.blacklistedKernelModules = [ "nvidia" "nvidia_drm" "nvidia_uvm" ]; mods.displayManager.enable = true; mods.virtualManager.enable = false; diff --git a/osConfigs/hosts/server.nix b/osConfigs/hosts/server.nix index a57eed1..32187b8 100644 --- a/osConfigs/hosts/server.nix +++ b/osConfigs/hosts/server.nix @@ -74,7 +74,6 @@ virtualisation.docker = { liveRestore = false; enableOnBoot = true; -# package = inputs.pkgs-docker-2750.legacyPackages."x86_64-linux".docker; # daemon.settings = { # runtimes.nvidia.path = "${pkgs.nvidia-docker}/bin/nvidia-container-runtime"; # exec-opts = ["native.cgroupdriver=cgroupfs"];