tom/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 38 Wiki Activity

add yubikey to unlock FDE on laptop; update flake; minor wayland changes
All checks were successful
Build iso when a new version is pushed / test (push) Successful in 2m38s
Details

Browse Source
This commit is contained in:
tomoron
2025-09-04 15:17:30 +02:00
parent 1e46d42f27
commit e13360f793
11 changed files with 113 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Makefile
View File

@ -22,5 +22,10 @@ iso :
rm -rf result rm -rf result
cleanup : cleanup :
sudo nix-collect-garbage -d --delete-older-than 1d sudo nix-env --delete-generations +1 --profile /nix/var/nix/profiles/system
nix-env --delete-generations +1 --profile ~/.local/state/nix/profiles/home-manager
nix-env --delete-generations +1
sudo nix-collect-garbage -d
optimise :
nix-store --optimize -vv nix-store --optimize -vv

95
flake.lock generated
View File

@ -1,5 +1,23 @@
{ {
"nodes": { "nodes": {
"catppuccin": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1756741629,
"narHash": "sha256-n+mgH3NoQf8d1jd8cDp/9Mt++hhyuE3LO3ZAxzjWRZw=",
"owner": "catppuccin",
"repo": "nix",
"rev": "cd22197da06df1eb6fabdaa2fc22c170c4f67382",
"type": "github"
},
"original": {
"owner": "catppuccin",
"repo": "nix",
"type": "github"
}
},
"firefox-addons": { "firefox-addons": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -8,11 +26,11 @@
}, },
"locked": { "locked": {
"dir": "pkgs/firefox-addons", "dir": "pkgs/firefox-addons",
"lastModified": 1756353808, "lastModified": 1756958609,
"narHash": "sha256-JkCqOE0kjWbT7GnXgngL+baLF/OeeVfPCh71HXfRh6g=", "narHash": "sha256-1nRGsnPZjOubRTsXEsnJqWlLsgo/Xq7tN7PWK57dFDQ=",
"owner": "rycee", "owner": "rycee",
"repo": "nur-expressions", "repo": "nur-expressions",
"rev": "e47914363ccacc95994b567966d7fa1e25dd85ec", "rev": "b2a4e1bc62946403f82594ab9550ac13a1afa4df",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@ -29,11 +47,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1756261190, "lastModified": 1756954499,
"narHash": "sha256-eiy0klFK5EVJLNilutR7grsZN/7Itj9DyD75eyOf83k=", "narHash": "sha256-Pg4xBHzvzNY8l9x/rLWoJMnIR8ebG+xeU+IyqThIkqU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "77f348da3176dc68b20a73dab94852a417daf361", "rev": "ed1a98c375450dfccf427adacd2bfd1a7b22eb25",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -44,11 +62,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1756245047, "lastModified": 1756925795,
"narHash": "sha256-9bHzrVbjAudbO8q4vYFBWlEkDam31fsz0J7GB8k4AsI=", "narHash": "sha256-kUb5hehaikfUvoJDEc7ngiieX88TwWX/bBRX9Ar6Tac=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "a65b650d6981e23edd1afa1f01eb942f19cdcbb7", "rev": "ba6fab29768007e9f2657014a6e134637100c57d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -62,11 +80,27 @@
"locked": { "locked": {
"lastModified": 1756266583, "lastModified": 1756266583,
"narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=", "narHash": "sha256-cr748nSmpfvnhqSXPiCfUPxRz2FJnvf/RjJGvFfaCsM=",
"owner": "nixos", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2", "rev": "8a6d5427d99ec71c64f0b93d45778c889005d9c2",
"type": "github" "type": "github"
}, },
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1756787288,
"narHash": "sha256-rw/PHa1cqiePdBxhF66V7R+WAP8WekQ0mCDG4CFqT8Y=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d0fc30899600b9b3466ddb260fd83deb486c32f1",
"type": "github"
},
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-unstable", "ref": "nixos-unstable",
@ -74,50 +108,13 @@
"type": "github" "type": "github"
} }
}, },
"pkgs-docker-2750": {
"locked": {
"lastModified": 1737525964,
"narHash": "sha256-3wFonKmNRWKq1himW9N3TllbeGIHFACI5vmLpk6moF8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5757bbb8bd7c0630a0cc4bb19c47e588db30b97c",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5757bbb8bd7c0630a0cc4bb19c47e588db30b97c",
"type": "github"
}
},
"plymouth-theme-ycontre-glow": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1731939263,
"narHash": "sha256-mLwLR5dEJTvtqJU/lvo9f8c3/xIFPOpXlPF3JsJtnHo=",
"ref": "refs/heads/master",
"rev": "702e7b014ef6cf748252e797724e4096bafcaafa",
"revCount": 1,
"type": "git",
"url": "file:///home/tom/desktop/bordel/ycontre-glow"
},
"original": {
"type": "git",
"url": "file:///home/tom/desktop/bordel/ycontre-glow"
}
},
"root": { "root": {
"inputs": { "inputs": {
"catppuccin": "catppuccin",
"firefox-addons": "firefox-addons", "firefox-addons": "firefox-addons",
"home-manager": "home-manager", "home-manager": "home-manager",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs_2"
"pkgs-docker-2750": "pkgs-docker-2750",
"plymouth-theme-ycontre-glow": "plymouth-theme-ycontre-glow"
} }
} }
}, },

18
flake.nix
View File

@ -6,7 +6,7 @@
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ # # By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
# +#+#+#+#+#+ +#+ # # +#+#+#+#+#+ +#+ #
# Created: 2024/10/17 18:15:24 by tomoron #+# #+# # # Created: 2024/10/17 18:15:24 by tomoron #+# #+# #
# Updated: 2025/04/13 13:35:56 by tomoron ### ########.fr # # Updated: 2025/08/30 19:38:12 by tomoron ### ########.fr #
# # # #
# **************************************************************************** # # **************************************************************************** #
@ -15,6 +15,7 @@
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
catppuccin.url = "github:catppuccin/nix";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -26,21 +27,20 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
plymouth-theme-ycontre-glow = { #plymouth-theme-ycontre-glow = {
url = "git+file:///home/tom/desktop/bordel/ycontre-glow"; # url = "git+file:///home/tom/desktop/bordel/ycontre-glow";
inputs.nixpkgs.follows = "nixpkgs"; # inputs.nixpkgs.follows = "nixpkgs";
}; #};
pkgs-docker-2750.url = "github:NixOS/nixpkgs?rev=5757bbb8bd7c0630a0cc4bb19c47e588db30b97c";
}; };
outputs = { nixpkgs, home-manager, nixos-hardware, ... }@inputs: outputs = { nixpkgs, catppuccin, home-manager, nixos-hardware, ... }@inputs:
let let
pkgs = import nixpkgs { system = "x86_64-linux"; config.allowUnfree = true; }; pkgs = import nixpkgs { system = "x86_64-linux"; config.allowUnfree = true; };
osConfig = {flakeName, extraModules ? []}: nixpkgs.lib.nixosSystem { osConfig = {flakeName, extraModules ? []}: nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; flakeName = flakeName; }; specialArgs = { inherit inputs; flakeName = flakeName; };
modules = nixpkgs.lib.concatLists [ modules = nixpkgs.lib.concatLists [
[./osConfigs/global.nix ./osConfigs/hosts/${flakeName}.nix ] [./osConfigs/global.nix ./osConfigs/hosts/${flakeName}.nix catppuccin.nixosModules.catppuccin]
extraModules extraModules
]; ];
}; };
@ -49,7 +49,7 @@
inherit pkgs; inherit pkgs;
extraSpecialArgs = { inherit inputs; username = username; homeDir = homeDir; isOs = false; }; extraSpecialArgs = { inherit inputs; username = username; homeDir = homeDir; isOs = false; };
modules = nixpkgs.lib.concatLists [ modules = nixpkgs.lib.concatLists [
[ ./homeConfigs/home.nix ./homeConfigs/hosts/${flakeName}.nix] [ ./homeConfigs/home.nix ./homeConfigs/hosts/${flakeName}.nix catppuccin.homeModules.catppuccin ]
extraModules extraModules
]; ];
}; };

17
homeConfigs/home.nix
View File

@ -6,7 +6,7 @@
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ # # By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
# +#+#+#+#+#+ +#+ # # +#+#+#+#+#+ +#+ #
# Created: 2024/10/17 18:15:38 by tomoron #+# #+# # # Created: 2024/10/17 18:15:38 by tomoron #+# #+# #
# Updated: 2025/05/12 12:35:00 by tomoron ### ########.fr # # Updated: 2025/08/30 20:34:23 by tomoron ### ########.fr #
# # # #
# **************************************************************************** # # **************************************************************************** #
@ -39,7 +39,7 @@
gtk = { gtk = {
enable = true; enable = true;
theme = { package = pkgs.flat-remix-gtk; name = "Flat-Remix-GTK-Grey-Darkest"; }; theme = { package = pkgs.flat-remix-gtk; name = "Flat-Remix-GTK-Grey-Darkest"; };
iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; }; # iconTheme = { package = pkgs.adwaita-icon-theme; name = "Adwaita"; };
font = { name = "Sans"; size = 11; }; font = { name = "Sans"; size = 11; };
}; };
@ -78,5 +78,18 @@
# ".local/bin/desk_sync".source = dotfiles/local/bin/desk_sync; # ".local/bin/desk_sync".source = dotfiles/local/bin/desk_sync;
}; };
services.dunst.enable = true;
programs.home-manager.enable = true; programs.home-manager.enable = true;
qt.style.name = "kvantum";
catppuccin.kvantum.apply = true;
catppuccin = {
enable = true;
flavor = "mocha";
dunst.enable = true;
dunst.flavor="frappe";
};
} }

3
homeConfigs/modules/alacritty.nix
View File

@ -8,10 +8,11 @@
}; };
config = lib.mkIf config.mods.alacritty.enable { config = lib.mkIf config.mods.alacritty.enable {
catppuccin.alacritty.enable = true;
programs.alacritty = { programs.alacritty = {
enable = true; enable = true;
settings = { settings = {
window.opacity = 0.95; # window.opacity = 0.95;
env.XTERM = "xterm-256color"; env.XTERM = "xterm-256color";
font.size = 9; font.size = 9;
}; };

2
homeConfigs/modules/firefox.nix
View File

@ -8,11 +8,13 @@
}; };
config = lib.mkIf config.mods.firefox.enable { config = lib.mkIf config.mods.firefox.enable {
catppuccin.firefox.enable = true;
programs.firefox = { programs.firefox = {
enable = lib.mkDefault true; enable = lib.mkDefault true;
profiles.default = { profiles.default = {
extensions.packages = with inputs.firefox-addons.packages."x86_64-linux"; extensions.packages = with inputs.firefox-addons.packages."x86_64-linux";
[vimium ublock-origin]; [vimium ublock-origin];
extensions.force = true;
}; };
}; };
}; };

13
homeConfigs/modules/wayland/hyprland.nix
View File

@ -16,6 +16,7 @@
" , Print, exec, grim -t png -g \"$(slurp)\" /dev/stdout | tee ~/screenshots/$(date +%Y-%m-%d_%H-%m-%s).png | wl-copy -t image/png" " , Print, exec, grim -t png -g \"$(slurp)\" /dev/stdout | tee ~/screenshots/$(date +%Y-%m-%d_%H-%m-%s).png | wl-copy -t image/png"
"$mainMod, Return, exec, alacritty" "$mainMod, Return, exec, alacritty"
"CTRL_ALT, Q, killactive," "CTRL_ALT, Q, killactive,"
"CTRL_ALT_SHIFT, Q, forcekillactive,"
"SUPER_ALT, Q, exit," "SUPER_ALT, Q, exit,"
"$mainMod, S, togglefloating," "$mainMod, S, togglefloating,"
"$mainMod, I, pin," "$mainMod, I, pin,"
@ -64,12 +65,12 @@
"$mainMod, mouse_up, workspace, e-1" "$mainMod, mouse_up, workspace, e-1"
]; ];
bindm = [ bindm = [ #bind mouse
"$mainMod, mouse:272, movewindow" "$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow" "$mainMod, mouse:273, resizewindow"
]; ];
bindel = [ bindel = [ #repeat and locked
" ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+" " ,XF86AudioRaiseVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%+"
" ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-" " ,XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
" ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" " ,XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle"
@ -80,7 +81,7 @@
" ,XF86KbdBrightnessDown, exec, asusctl -p" " ,XF86KbdBrightnessDown, exec, asusctl -p"
]; ];
bindl = [ bindl = [ #repeat
" , XF86AudioNext, exec, playerctl next" " , XF86AudioNext, exec, playerctl next"
" , XF86AudioPrev, exec, playerctl previous" " , XF86AudioPrev, exec, playerctl previous"
" , XF86AudioPause, exec, playerctl play-pause" " , XF86AudioPause, exec, playerctl play-pause"
@ -152,9 +153,9 @@
}; };
general = { general = {
gaps_in = 3; gaps_in = 2;
gaps_out = 7; gaps_out = 5;
border_size = 2; border_size = 1;
"col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg"; "col.active_border" = "rgba(33ccffee) rgba(00ff99ee) 45deg";
"col.inactive_border" = "rgba(595959aa)"; "col.inactive_border" = "rgba(595959aa)";
resize_on_border = false; resize_on_border = false;

4
homeConfigs/packages.nix
View File

@ -6,7 +6,7 @@
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ # # By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
# +#+#+#+#+#+ +#+ # # +#+#+#+#+#+ +#+ #
# Created: 2025/02/09 22:01:56 by tomoron #+# #+# # # Created: 2025/02/09 22:01:56 by tomoron #+# #+# #
# Updated: 2025/08/04 15:38:21 by tomoron ### ########.fr # # Updated: 2025/09/02 23:33:04 by tomoron ### ########.fr #
# # # #
# **************************************************************************** # # **************************************************************************** #
@ -37,12 +37,12 @@
python3 python3
vlc vlc
nix-index nix-index
dunst
yubikey-manager yubikey-manager
bibata-cursors bibata-cursors
libcaca libcaca
nasm nasm
nerd-fonts.iosevka nerd-fonts.iosevka
compiledb compiledb
yubikey-personalization
]; ];
} }

7
osConfigs/global.nix
View File

@ -6,7 +6,7 @@
# By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ # # By: tomoron <tomoron@student.42angouleme.fr> +#+ +:+ +#+ #
# +#+#+#+#+#+ +#+ # # +#+#+#+#+#+ +#+ #
# Created: 2025/02/09 01:43:46 by tomoron #+# #+# # # Created: 2025/02/09 01:43:46 by tomoron #+# #+# #
# Updated: 2025/08/07 17:46:37 by tomoron ### ########.fr # # Updated: 2025/09/02 17:30:10 by tomoron ### ########.fr #
# # # #
# **************************************************************************** # # **************************************************************************** #
@ -64,6 +64,11 @@
system.stateVersion = "24.05"; system.stateVersion = "24.05";
environment.etc.nixosFlakeName.text = "${flakeName}"; environment.etc.nixosFlakeName.text = "${flakeName}";
services.journald.extraConfig = ''
SystemMaxUse=100M
SystemMaxFileSize=50M
'';
hardware.logitech.wireless.enable = true; hardware.logitech.wireless.enable = true;
hardware.logitech.wireless.enableGraphical = true; hardware.logitech.wireless.enableGraphical = true;
} }

20
osConfigs/hosts/laptop.nix
View File

@ -1,8 +1,24 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-uuid/a4593b01-069d-4a5d-a550-74a762b89b3f"; boot.initrd.luks.yubikeySupport = true;
boot.initrd.luks.devices.cryptroot.allowDiscards = true; boot.initrd.kernelModules = [ "vfat" "nls_cp437" "nls_iso8859-1" "usbhid" ];
boot.initrd.luks.devices.cryptroot = {
device = "/dev/disk/by-uuid/a4593b01-069d-4a5d-a550-74a762b89b3f";
allowDiscards = true;
#set up initial : https://wiki.nixos.org/wiki/Yubikey_based_Full_Disk_Encryption_(FDE)_on_NixOS
yubikey = {
twoFactor = false;
keyLength = 64;
saltLength = 32;
storage = {
device = "/dev/disk/by-uuid/BA5C-F216";
path = "/default";
};
};
};
boot.blacklistedKernelModules = [ "nvidia" "nvidia_drm" "nvidia_uvm" ];
mods.displayManager.enable = true; mods.displayManager.enable = true;
mods.virtualManager.enable = false; mods.virtualManager.enable = false;

1
osConfigs/hosts/server.nix
View File

@ -74,7 +74,6 @@
virtualisation.docker = { virtualisation.docker = {
liveRestore = false; liveRestore = false;
enableOnBoot = true; enableOnBoot = true;
# package = inputs.pkgs-docker-2750.legacyPackages."x86_64-linux".docker;
# daemon.settings = { # daemon.settings = {
# runtimes.nvidia.path = "${pkgs.nvidia-docker}/bin/nvidia-container-runtime"; # runtimes.nvidia.path = "${pkgs.nvidia-docker}/bin/nvidia-container-runtime";
# exec-opts = ["native.cgroupdriver=cgroupfs"]; # exec-opts = ["native.cgroupdriver=cgroupfs"];