diff --git a/nixos/flake.lock b/nixos/flake.lock index b82d463..38320cc 100644 --- a/nixos/flake.lock +++ b/nixos/flake.lock @@ -25,16 +25,16 @@ ] }, "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", + "lastModified": 1747688870, + "narHash": "sha256-ypL9WAZfmJr5V70jEVzqGjjQzF0uCkz+AFQF7n9NmNc=", "owner": "nix-community", "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", + "rev": "d5f1f641b289553927b3801580598d200a501863", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.05", + "ref": "release-24.11", "repo": "home-manager", "type": "github" } @@ -62,26 +62,26 @@ }, "nixpkgs": { "locked": { - "lastModified": 1758589230, - "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=", + "lastModified": 1751274312, + "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d1d883129b193f0b495d75c148c2c3a7d95789a0", + "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674", "type": "github" }, "original": { "id": "nixpkgs", - "ref": "nixos-25.05", + "ref": "nixos-24.11", "type": "indirect" } }, "nixpkgs-unstable": { "locked": { - "lastModified": 1758427187, - "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=", + "lastModified": 1757745802, + "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46", + "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1", "type": "github" }, "original": { @@ -104,11 +104,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1758594056, - "narHash": "sha256-6XyKDRWqBngw1g73e789iyIaw/0VF04ELk/ATtlkTVU=", + "lastModified": 1724283233, + "narHash": "sha256-XMPn6YHwFOJCGLE9M5F3AEFKA0u+maf8CpIEWmvaQTQ=", "owner": "ThinkChaos", "repo": "openconnect-sso", - "rev": "2041471efd331d0591d34e122aefb02690fb233a", + "rev": "94f1ddfef1662d56ede0a093bcfc3d23156bc1a1", "type": "github" }, "original": { @@ -174,11 +174,11 @@ ] }, "locked": { - "lastModified": 1758425756, - "narHash": "sha256-L3N8zV6wsViXiD8i3WFyrvjDdz76g3tXKEdZ4FkgQ+Y=", + "lastModified": 1758007585, + "narHash": "sha256-HYnwlbY6RE5xVd5rh0bYw77pnD8lOgbT4mlrfjgNZ0c=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e0fdaea3c31646e252a60b42d0ed8eafdb289762", + "rev": "f77d4cfa075c3de66fc9976b80e0c4fc69e2c139", "type": "github" }, "original": { @@ -265,11 +265,11 @@ ] }, "locked": { - "lastModified": 1758600385, - "narHash": "sha256-lRK96/otQ9JAkrjYFkK8sKloujhZ+eS3RFFerMdEKAg=", + "lastModified": 1757304371, + "narHash": "sha256-EZ3Vwgh5xgXuiPUmr9e1a9dEu3hvEWhRurAKpsAwB2A=", "owner": "youwen5", "repo": "zen-browser-flake", - "rev": "8fdac24a43e541c644ea26b48ff886533d367155", + "rev": "3968348af022fe88468ef8de4f9683076e2e5e4b", "type": "github" }, "original": { diff --git a/nixos/flake.nix b/nixos/flake.nix index 60e1025..80814dc 100644 --- a/nixos/flake.nix +++ b/nixos/flake.nix @@ -2,12 +2,12 @@ description = "System configuration of my machines using flakes"; inputs = { - nixpkgs.url = "nixpkgs/nixos-25.05"; + nixpkgs.url = "nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; home-manager = { - url = "github:nix-community/home-manager/release-25.05"; + url = "github:nix-community/home-manager/release-24.11"; inputs.nixpkgs.follows = "nixpkgs"; }; openconnect-sso = { @@ -71,11 +71,11 @@ }; modules = [ + home-manager.nixosModule + sops-nix.nixosModules.sops + ./modules ./users - - home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops ]; }; @@ -83,7 +83,6 @@ Tibo-NixDesk.modules = [ ./hosts/Tibo-NixDesk ]; Tibo-NixFat.modules = [ ./hosts/Tibo-NixFat ]; Tibo-NixTest.modules = [ ./hosts/Tibo-NixTest ]; - Tibo-NixTop.modules = [ ./hosts/Tibo-NixTop ]; }; }; } diff --git a/nixos/hosts/Tibo-NixTop/default.nix b/nixos/hosts/Tibo-NixTop/default.nix deleted file mode 100644 index 5de8df4..0000000 --- a/nixos/hosts/Tibo-NixTop/default.nix +++ /dev/null @@ -1,193 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ config, lib, pkgs, ... }: - -{ - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - - sisyphus = { - desktop.hyprland.enable = true; - - hardware = { - eid.enable = true; - nvidia = { - enable = true; - model = "Quadro T2000"; - }; - yubikey.enable = true; - }; - - networking = { - networkmanager.enable = true; - openconnect-sso.enable = true; - }; - - nix = { - flakes.enable = true; - gc.onFull.enable = true; - }; - - programs = { - direnv.enable = true; - home-manager.enable = true; - sops.enable = true; - ssh.enable = true; - }; - - services = { - pipewire.enable = true; - tailscale.enable = true; - }; - - users.tdpeuter.enable = true; - - virtualisation = { - docker.enable = true; - virtualbox.enable = true; - }; - }; - - boot = { - initrd = { - # Use EFI and YubiKey - kernelModules = [ "vfat" "nls_cp437" "nls_iso8859-1" "usbhid" ]; - - luks = { - # Enable YubiKey PBA - yubikeySupport = true; - devices."encrypted".yubikey = { - slot = 2; - twoFactor = false; - gracePeriod = 10; - keyLength = 64; - saltLength = 16; - storage.device = "/dev/nvme0n1p1"; - }; - }; - }; - - loader = { - # Use the systemd-boot EFI boot loader. - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - - # Use latest kernel. - kernelPackages = pkgs.linuxPackages_latest; - }; - - hardware.bluetooth = { - enable = true; - powerOnBoot = false; - }; - - programs.zsh.enable = true; - - services = { - auto-cpufreq = { - enable = true; - settings = { - battery = { - governor = "powersave"; - turbo = "never"; - }; - charger = { - governor = "performance"; - turbo = "auto"; - }; - }; - }; - - logind = { - # Handle the laptop lid switch as follows: - lidSwitch = "hybrid-sleep"; - lidSwitchExternalPower = "lock"; - lidSwitchDocked = "ignore"; - - # Handle the power key - powerKey = "suspend"; - }; - - - power-profiles-daemon.enable = false; - - thermald.enable = true; - - xserver = { - # Keyboard layout - xkb = { - layout = "us"; - variant = "altgr-intl"; - }; - }; - - # Touchpad - libinput.enable = true; - }; - - networking = { - hostName = "Tibo-NixTop"; # Define your hostname. - }; - - # Set your time zone. - time.timeZone = "Europe/Brussels"; - - # Select internationalisation properties. - i18n = { - defaultLocale = "en_GB.UTF-8"; # LANG - extraLocaleSettings.LC_TIME = "nl_BE.UTF-8"; - }; - - console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - useXkbConfig = true; # use xkb.options in tty. - }; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable touchpad support (enabled default in most desktopManager). - # services.libinput.enable = true; - - # List packages installed in system profile. - # You can use https://search.nixos.org/ to find more packages (and options). - environment = { - # Enabled to allow installed binaries in ~/.local/bin - localBinInPath = true; - - systemPackages = with pkgs; [ - git - vim-full # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - w3m - wget - zenith-nvidia - ]; - }; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.05"; # Did you read the comment? - -} - diff --git a/nixos/hosts/Tibo-NixTop/hardware-configuration.nix b/nixos/hosts/Tibo-NixTop/hardware-configuration.nix deleted file mode 100644 index ac27dba..0000000 --- a/nixos/hosts/Tibo-NixTop/hardware-configuration.nix +++ /dev/null @@ -1,41 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/e759b10f-7949-4094-9272-d91340dcc5b6"; - fsType = "ext4"; - }; - - boot.initrd.luks.devices."encrypted".device = "/dev/disk/by-uuid/2b6586fa-8823-4add-94f3-132aab17b7b8"; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/12CE-A600"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno2.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/nixos/modules/desktop/gnome/default.nix b/nixos/modules/desktop/gnome/default.nix index 2ce218c..e522780 100644 --- a/nixos/modules/desktop/gnome/default.nix +++ b/nixos/modules/desktop/gnome/default.nix @@ -6,30 +6,54 @@ in { options.sisyphus.desktop.gnome.enable = lib.mkEnableOption "GNOME"; config = lib.mkIf cfg.enable { - services = { - gnome = { - core-apps.enable = false; - core-developer-tools.enable = false; - core-shell.enable = true; - }; + services.xserver = { + enable = true; - xserver = { - enable = true; + excludePackages = with pkgs; [ + xterm + ]; - excludePackages = with pkgs; [ - xterm - ]; - - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; - - videoDrivers = [ "nvidia" ]; - }; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; }; # Start a new instance of application instead of going to that window. environment.systemPackages = with pkgs.gnomeExtensions; [ launch-new-instance ]; + + # Do not use these packages + environment.gnome.excludePackages = (with pkgs; [ + baobab + epiphany # Web browser + evince # Document viewer + gnome-connections # Remote desktop client + gnome-console + gnome-photos + gnome-text-editor + gnome-tour + loupe # Image viewer + snapshot # Camera + ]) ++ (with pkgs.gnome; [ + eog # Image viewer + file-roller # Archive manager + geary # Mail client + gedit + gnome-calculator + gnome-calendar + gnome-characters + gnome-clocks + gnome-contacts + gnome-disk-utility + gnome-font-viewer + gnome-logs + gnome-maps + gnome-music + gnome-system-monitor + gnome-weather + simple-scan + totem # Movie player + yelp # Help viewer + ]); }; } diff --git a/nixos/modules/desktop/hyprland/default.nix b/nixos/modules/desktop/hyprland/default.nix index 73ace5d..f4ee140 100644 --- a/nixos/modules/desktop/hyprland/default.nix +++ b/nixos/modules/desktop/hyprland/default.nix @@ -23,8 +23,6 @@ in { waycorner wlsunset wl-clipboard # Copying to system clipboard in vim - wl-mirror # Mirror an output - wdisplays # Tool to configure displays glib @@ -47,9 +45,9 @@ in { }; services = { - dbus.enable = true; displayManager.ly.enable = true; gnome.gnome-keyring.enable = true; + power-profiles-daemon.enable = true; xserver.videoDrivers = [ "nvidia" ]; }; }; diff --git a/nixos/modules/virtualisation/virtualbox/default.nix b/nixos/modules/virtualisation/virtualbox/default.nix index 4d5ee2c..a86ada5 100644 --- a/nixos/modules/virtualisation/virtualbox/default.nix +++ b/nixos/modules/virtualisation/virtualbox/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs-unstable, ... }: +{ config, lib, pkgs, ... }: let cfg = config.sisyphus.virtualisation.virtualbox; @@ -11,7 +11,6 @@ in { enable = true; enableExtensionPack = true; enableHardening = true; - package = pkgs-unstable.virtualbox; }; guest = { enable = true; @@ -21,12 +20,6 @@ in { }; }; - - # https://www.virtualbox.org/ticket/22248#comment:1 - # and - # https://github.com/NixOS/nixpkgs/pull/444438 - boot.kernelParams = [ "kvm.enable_virt_at_load=0" ]; - # Define the group users.groups.vboxusers = {}; diff --git a/nixos/overlays/spotify/default.nix b/nixos/overlays/spotify/default.nix index 84be4da..fc77396 100644 --- a/nixos/overlays/spotify/default.nix +++ b/nixos/overlays/spotify/default.nix @@ -9,7 +9,7 @@ final: prev: { sha256 = "sha256-UzpHAHpQx2MlmBNKm2turjeVmgp5zXKWm3nZbEo0mYE="; }; - cargoHash = "sha256-oGpe+kBf6kBboyx/YfbQBt1vvjtXd1n2pOH6FNcbF8M="; + cargoHash = "sha256-oHfk68mAIcmOenW7jn71Xpt8hWVDtxyInWhVN2rH+kk="; buildInputs = with final; [ cargo diff --git a/nixos/users/tdpeuter/dotfiles.nix b/nixos/users/tdpeuter/dotfiles.nix index 53d0e4d..d56b93e 100644 --- a/nixos/users/tdpeuter/dotfiles.nix +++ b/nixos/users/tdpeuter/dotfiles.nix @@ -78,13 +78,14 @@ in { source = ../../../stow/zellij/.config/zellij; }; ".gnupg" = { - inherit (config.programs.gnupg.agent) enable; + enable = false; + # inherit (config.programs.gnupg.agent) enable; # TODO Enable Me source = ../../../stow/gnupg/.gnupg; recursive = true; - onChange = '' - chmod 700 /home/tdpeuter/.gnupg - # chmod 600 /home/tdpeuter/.gnupg/* # Already read-only? - ''; +# onChange = '' +# chmod 700 /home/tdpeuter/.gnupg +# chmod 600 /home/tdpeuter/.gnupg/* +# ''; }; ".ssh/config" = lib.mkIf config.sisyphus.programs.ssh.enable { inherit (config.sisyphus.programs.ssh) enable; @@ -103,10 +104,12 @@ in { } (lib.mkIf (config.users.users.tdpeuter.shell == pkgs.zsh) { ".oh-my-zsh" = { + enable = config.users.users.tdpeuter.shell == pkgs.zsh; source = "${pkgs.oh-my-zsh}/share/oh-my-zsh"; recursive = true; }; ".oh-my-zsh/themes/tdpeuter.zsh-theme" = { + enable = config.users.users.tdpeuter.shell == pkgs.zsh; source = ../../../stow/zsh/.oh-my-zsh/themes/tdpeuter.zsh-theme; }; ".zshrc" = { diff --git a/nixos/users/tdpeuter/firefox.nix b/nixos/users/tdpeuter/firefox.nix index 09cd1d6..b24a25b 100644 --- a/nixos/users/tdpeuter/firefox.nix +++ b/nixos/users/tdpeuter/firefox.nix @@ -14,7 +14,6 @@ in { nativeMessagingHosts = with pkgs; [ tridactyl-native ]; - # https://mozilla.github.io/policy-templates/ extraPolicies = { DisableFirefoxStudies = true; DisablePocket = true; @@ -27,20 +26,7 @@ in { # https://discourse.nixos.org/t/declare-firefox-extensions-and-settings/36265 ExtensionSettings = { - "amazon@search.mozilla.org".installation_mode = "blocked"; - "google@search.mozilla.org".installation_mode = "blocked"; - }; - - # Anything in about:config - Preferences = { - "browser.newtabpage.activity-stream.showSponsoredCheckboxes" = { - Value = false; - Status = "locked"; - }; - "browser.newtabpage.pinned" = { - Value = "[]"; - Status = "default"; - }; + "amazom@search.mozilla.org".installation_mode = "blocked"; }; }; @@ -56,24 +42,12 @@ in { ]; profiles.tdpeuter.search= { - default = "ddg"; # Reference by id instead of by name + default = "DuckDuckGo"; force = true; engines = { - "bing".metaData.hidden = true; - "ebay".metaData.hidden = true; + "Bing".metaData.hidden = true; + "eBay".metaData.hidden = true; - "GitHub" = { - urls = [{ - template = "https://github.com/search"; - params = [ - { name = "q"; value = "{searchTerms}"; } - { name = "type"; value = "repositories"; } - ]; - }]; - - icon = "${pkgs.icosystem}/share/icons/icosystem/scalable/apps/github-mark.svg"; - definedAliases = [ "@gh" ]; - }; "Nix Packages" = { urls = [{ template = "https://search.nixos.org/packages"; @@ -97,6 +71,18 @@ in { icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; definedAliases = [ "@no" ]; }; + "GitHub" = { + urls = [{ + template = "https://github.com/search"; + params = [ + { name = "q"; value = "{searchTerms}"; } + { name = "type"; value = "repositories"; } + ]; + }]; + + icon = "${pkgs.icosystem}/share/icons/icosystem/scalable/apps/github-mark.svg"; + definedAliases = [ "@gh" ]; + }; }; }; };