Archived
1
0
This commit is contained in:
Gürkan 2021-06-25 13:49:04 +02:00
commit 42f085e9ff
48 changed files with 2248 additions and 0 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
secrets.nix
websites.nix

42
configuration.nix Normal file
View File

@ -0,0 +1,42 @@
{ config, pkgs, options, lib, ... }:
{
imports =
[
# This has to be manually symlinked per host
/etc/nixos/special.nix
];
# When there is a false positive
# nixpkgs.config.allowBroken = true;
i18n = {
defaultLocale = "en_DK.UTF-8";
};
time.timeZone = "Europe/Berlin";
boot = {
tmpOnTmpfs = true;
kernel.sysctl = {
"kernel.pty.max" = 24000;
"kernel.sysrq" = 1;
"vm.swappiness" = 10;
};
cleanTmpDir = true;
};
services = {
journald.extraConfig = ''
SystemMaxUse=1G
'';
};
nix = {
# package = pkgs.nixFlakes;
extraOptions = ''
keep-outputs = true
keep-derivations = true
# experimental-features = nix-command flakes
'';
};
}

91
machines/innixos.nix Normal file
View File

@ -0,0 +1,91 @@
{ config, lib, pkgs, ... }:
{
networking.hostName = "innixos";
imports = [
../modules/laptop/common.nix
];
boot = {
# @Reference if you want to modify kernel
# kernelPatches = [{
# name = "enable-kmemleak";
# patch = null;
# extraConfig = ''
# DEBUG_KMEMLEAK y
# '';
#}];
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [
"video=eDP-1:1920x1080@60"
];
kernelModules = [
"acpi_call"
"i2c-dev"
"ddcci"
"ddcci-backlight"
];
extraModulePackages = with config.boot.kernelPackages; [
acpi_call
tp_smapi
ddcci-driver
];
initrd = {
luks.devices."nixcrypt" = {
device = "/dev/disk/by-uuid/d68365d0-19c8-4cb0-b891-1dd09ab3d558";
allowDiscards = true;
};
availableKernelModules = [
"acpi_call"
"ahci"
"battery"
"i915"
"rtsx_pci_sdmmc"
"sd_mod"
"thinkpad_acpi"
"tp_smapi"
"usb_storage"
"usbhid"
"xhci_pci"
];
};
loader.grub.device = "/dev/sda";
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/3201a948-6b32-4dba-9033-7c9ea039922e";
fsType = "btrfs";
options = [
"noatime"
"nodiratime"
"compress-force=zstd:2"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/3311203b-d097-4b83-9afa-29e864775815";
fsType = "ext2";
};
};
nix.maxJobs = lib.mkDefault 8;
hardware.cpu.intel.updateMicrocode = true;
system.stateVersion = "19.03";
services = {
xserver.videoDrivers = [ "intel" ];
printing.drivers = [ pkgs.hplipWithPlugin ];
};
}

104
machines/innodellix.nix Normal file
View File

@ -0,0 +1,104 @@
{ config, lib, pkgs, modulesPath, ... }:
let
secrets = import ../modules/secrets.nix;
in
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
../modules/laptop/common.nix
];
# Use the systemd-boot EFI boot loader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
networking.hostName = "innodellix";
system.stateVersion = "20.09";
boot = {
initrd = {
availableKernelModules = [
"ahci"
"battery"
"i915"
"nvme"
"rtsx_pci_sdmmc"
"sd_mod"
"usb_storage"
"xhci_pci"
];
luks.devices = {
root = {
preLVM = true;
device = "/dev/nvme0n1p2";
};
};
};
kernelModules = [ "kvm-intel" "i915" ];
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [
"i915.enable_fbc=1"
"i915.enable_guc=2"
"i915.modeset=1"
"video=eDP-1:1920x1200@60"
];
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/5474a12e-4fcb-44cb-9107-e7f333392836";
fsType = "btrfs";
options = [
"noatime"
"nodiratime"
"discard"
];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/B74E-E1F3";
fsType = "vfat";
};
swapDevices = [
{
device = "/dev/mapper/vg0-swap";
size = 8191;
}
];
powerManagement = {
cpuFreqGovernor = lib.mkDefault "powersave";
# Disable hid driver (gyro/accel) while sleeping
powerDownCommands = ''
${pkgs.kmod}/bin/modprobe -r intel_hid
'';
resumeCommands = ''
${pkgs.kmod}/bin/modprobe intel_hid
'';
};
hardware = {
video.hidpi.enable = lib.mkDefault true;
sensor.iio.enable = true;
};
services = {
printing.drivers = [ pkgs.hplipWithPlugin ];
};
environment.etc = {
"NetworkManager/system-connections/VPN-af.nmconnection" = {
mode = "0600";
text = secrets.afVpnConnectionConf;
};
"NetworkManager/system-connections/VPN-aw.nmconnection" = {
mode = "0600";
text = secrets.awVpnConnectionConf;
};
};
}

112
machines/nixosis.nix Normal file
View File

@ -0,0 +1,112 @@
{ config, lib, pkgs, ... }:
let
baseconfig = { allowUnfree = true; };
unstable = import (
fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz
) { config = baseconfig; };
in
{
networking.hostName = "nixosis";
imports = [
../modules/laptop/common.nix
];
boot = {
kernelModules = [ "kvm-intel" ];
kernelPackages = unstable.linuxPackages_latest;
kernelParams = [ "video.report_key_events=0 video=eDP-1:1920x1080@48" ];
extraModprobeConfig = ''
options ath10k_core skip_otp=y
'';
initrd = {
availableKernelModules = [
"ahci"
"ehci_pci"
"i915"
"rtsx_pci_sdmmc"
"sd_mod"
"usb_storage"
"xhci_pci"
];
luks.devices."nixos" = {
device = "/dev/disk/by-uuid/342a3bc9-ad42-48e8-ac63-f593e15ed796";
allowDiscards = true;
};
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot = {
enable = true;
consoleMode = "auto";
};
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/aa5c5d6a-ff10-4ffd-bf87-a4e7140ae32f";
fsType = "btrfs";
options = [
"noatime"
"nodiratime"
"compress-force=zstd:2"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/19A6-F429";
fsType = "vfat";
};
};
nix.maxJobs = lib.mkDefault 8;
hardware = {
cpu.intel.updateMicrocode = true;
# bumblebee.enable = true;
};
system.stateVersion = "19.03";
# Because ACPI is a pile of shit and MSI is the fly buzzing around it
systemd.services."fuck-msi-shit-lid"= {
enable = true;
wantedBy = [
"multi-user.target"
"graphical-session.target"
];
description = "Probing the LID state like a MORON because of fuckin MSI";
script = "while true; do cat /proc/acpi/button/lid/LID0/state > /dev/null ; sleep 2; done";
serviceConfig = {
Restart = "always";
RestartSec = 2;
StartLimitIntervalSec = 0;
};
};
powerManagement = {
cpuFreqGovernor = lib.mkDefault "powersave";
powerDownCommands = ''
${pkgs.utillinux}/bin/rfkill block wlan
'';
resumeCommands = ''
${pkgs.utillinux}/bin/rfkill unblock wlan
'';
};
services.xserver.resolutions = [
{ x = 1920; y = 1080; }
{ x = 1600; y = 1200; }
{ x = 1024; y = 786; }
];
}

32
machines/rocksteady.nix Normal file
View File

@ -0,0 +1,32 @@
{ ... }:
{
networking.hostName = "rocksteady";
imports = [
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
../modules/server/common.nix
];
boot = {
loader.grub.device = "/dev/vda";
kernelModules = [ "tcp_bbr" ];
kernel.sysctl = {
"net.ipv4.tcp_congestion_control" = "bbr";
};
};
fileSystems."/" = {
device = "/dev/vda1";
fsType = "ext4";
options = [ "noatime" ];
};
swapDevices = [
{
device = "/swapfile";
size = 1024;
}
];
system.stateVersion = "20.03";
}

11
modules/aliases.nix Normal file
View File

@ -0,0 +1,11 @@
{ config, ... }:
{
environment.shellAliases = {
tailf = "tail -f";
vimdiff = "nvim -d";
sysup = "sudo nixos-rebuild switch --upgrade && if [[ $(whoami) == 'gurkan' ]]; then echo; echo \"Switching home-manager after waiting 15 sec...\"; sleep 15; nix-env -u && home-manager switch -b FUCK; fi";
sysclean = "if [[ $(whoami) == 'gurkan' ]]; then echo; echo \"Clearing home-manager...\"; home-manager expire-generations \"-10 days\"; fi; sudo nix-env -p /nix/var/nix/profiles/system --delete-generations +10 && sudo nix-collect-garbage; nix-collect-garbage; sudo nix-store --optimize";
syslist = "echo 'System:' ; sudo nix-env -p /nix/var/nix/profiles/system --list-generations; if [[ $(whoami) == 'gurkan' ]]; then echo; echo 'Home-manager:'; home-manager generations; fi";
pkglist = "for pack in `nixos-option environment.systemPackages | head -2 | tail -1 | tr -d \"[],\"`; do echo $pack ; done";
};
}

78
modules/laptop/common.nix Normal file
View File

@ -0,0 +1,78 @@
{ config, lib, pkgs, ... }:
let
secrets = import ../secrets.nix;
in
{
imports =
[
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
../aliases.nix
../overlays.nix
../packages.nix
../neovim.nix
../snapper.nix
../syncthing.nix
../users.nix
./dnscrypt.nix
./fonts.nix
./hardware.nix
./iphone.nix
./networking.nix
./packages.nix
./services.nix
./xserver.nix
./yubikey.nix
];
console = {
keyMap = "trq";
# Good for HiDPI on TTY
font = "latarcyrheb-sun32";
};
security.sudo.wheelNeedsPassword = false;
users = {
groups.gurkan.gid = 1000;
users = {
gurkan = {
isNormalUser = true;
uid = 1000;
shell = pkgs.zsh;
createHome = true;
home = "/home/gurkan";
group = "gurkan";
extraGroups = [
"adbusers"
"adm"
"audio"
"disk"
"docker"
"input"
"networkmanager"
"plugdev"
"vboxusers"
"video"
"wheel"
];
hashedPassword = secrets.gurkanPassword;
};
root = {
hashedPassword = secrets.rootPassword;
};
};
};
# Powersave
boot = {
extraModprobeConfig = lib.mkMerge [
"options snd_hda_intel power_save=1 power_save_controller=Y"
"options iwlwifi power_save=1 uapsd_disable=1 power_level=5"
"options i915 enable_dc=4 enable_fbc=1 enable_guc=2 enable_psr=1 disable_power_well=1"
"options iwlmvm power_scheme=3"
];
kernelParams = ["intel_pstate=disable"];
};
}

View File

@ -0,0 +1,73 @@
{ config, pkgs, ...}:
{
environment.etc."dnscrypt/config.toml".text = ''
server_names = ['scaleway-fr', 'quad9-dnscrypt-ip4-nofilter-pri', 'dnscrypt.eu-dk']
listen_addresses = ['127.0.0.1:53', '[::1]:53']
max_clients = 250
ipv4_servers = true
ipv6_servers = false
dnscrypt_servers = true
doh_servers = true
require_dnssec = false
require_nolog = true
require_nofilter = true
force_tcp = false
timeout = 2500
keepalive = 30
cert_refresh_delay = 240
fallback_resolver = '9.9.9.9:53'
ignore_system_dns = false
netprobe_timeout = 30
log_files_max_size = 10
log_files_max_age = 7
log_files_max_backups = 1
block_ipv6 = false
cache = true
cache_size = 512
cache_min_ttl = 60
cache_max_ttl = 720
cache_neg_min_ttl = 5
cache_neg_max_ttl = 60
[sources]
[sources.'public-resolvers']
urls = ['https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v2/public-resolvers.md', 'https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md']
cache_file = 'public-resolvers.md'
minisign_key = 'RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3'
refresh_delay = 72
'';
systemd.services.dnscrypt-proxy = {
enable = true;
wantedBy = [
"multi-user.target"
"graphical-session.target"
];
description = "dnscrypt service";
script = "${pkgs.dnscrypt-proxy2}/bin/dnscrypt-proxy -config /etc/dnscrypt/config.toml";
serviceConfig = {
Restart = "always";
RestartSec = 5;
StandardOutput = "syslog";
};
};
networking.networkmanager = {
insertNameservers = ["127.0.0.1"];
dispatcherScripts = [ {
source = pkgs.writeText "disableDNScryptOnVPN" ''
#!/usr/bin/env ${pkgs.bash}/bin/bash
if [[ "$2" == "vpn-up" ]]; then
logger "VPN connected, disabling dnscrypt-proxy"
${pkgs.systemd}/bin/systemctl stop dnscrypt-proxy
fi
if [[ "$2" == "vpn-down" ]]; then
logger "VPN disconnected, enabling dnscrypt-proxy"
${pkgs.systemd}/bin/systemctl start dnscrypt-proxy
fi
'';
type = "basic";
}
];
};
}

32
modules/laptop/fonts.nix Normal file
View File

@ -0,0 +1,32 @@
{ pkgs, config, ... }:
let
ionicons = pkgs.callPackage ../../modules/packages/ionicons.nix {};
lineicons = pkgs.callPackage ../../modules/packages/lineicons.nix {};
in
{
fonts = {
fontconfig.defaultFonts = {
emoji = [ "Twitter Color Emoji" ];
};
fonts = with pkgs; [
comic-relief
corefonts
dina-font
fira-code
fira-code-symbols
font-awesome_4
font-awesome-ttf
inconsolata
ionicons
liberation_ttf
lineicons
mplus-outline-fonts
noto-fonts
powerline-fonts
proggyfonts
source-code-pro
twemoji-color-font
ubuntu_font_family
];
};
}

View File

@ -0,0 +1,57 @@
{ config, lib, pkgs, ... }:
{
imports = [ ./helper-modules/usb-wakeup-disable.nix ];
hardware = {
bluetooth.enable = true;
logitech.wireless.enable = true;
keyboard.zsa.enable = true;
enableRedistributableFirmware = true;
firmware = [ pkgs.firmwareLinuxNonfree ];
opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
vaapiIntel
vaapiVdpau
libvdpau-va-gl
intel-media-driver
];
};
# WTH is pulseaudio under hardware section?
pulseaudio = {
enable = true;
package = pkgs.pulseaudioFull;
support32Bit = true;
extraModules = [ pkgs.pulseaudio-modules-bt ];
# @Reference to blacklist any devices' auto-switch
# load-module module-switch-on-connect blacklist="myshit"
extraConfig = ''
load-module module-switch-on-connect
load-module module-alsa-card device_id="1" name="usb-Logitech_Logitech_G933_Gaming_Wireless_Headset-00" card_name="alsa_card.usb-Logitech_Logitech_G933_Gaming_Wireless_Headset-00" namereg_fail=false tsched=yes fixed_latency_range=yes ignore_dB=no deferred_volume=yes use_ucm=yes avoid_resampling=yes card_properties="module-udev-detect.discovered=1" tsched_buffer_size=65536 tsched_buffer_watermark=20000
'';
};
usb.wakeupDisabled = [
{
# Logitech G413 gaming keyboard
vendor = "046d";
product = "c33a";
}
{
# Logitech unifying receiver (mouse)
vendor = "046d";
product = "c52b";
}
{
# ZSA Moonlander
vendor = "3297";
product = "1969";
}
];
};
}

View File

@ -0,0 +1,63 @@
// Workman-P-TR Keyboard Layout symbols for xkb on X.Org Server 7.x
// Based on Workman-P by 09-06-2010 OJ Bucao. https://workmanlayout.org
// 24-07-2021 Gu:rkan. https://gurkan.in
partial alphanumeric_keys
xkb_symbols "workman-p-tr" {
name[Group1]= "Turkish (Workman-P-TR)";
include "us(basic)"
// Alphanumeric section
key <AE01> { [ 1, exclam ] };
key <AE02> { [ 2, apostrophe ] };
key <AE03> { [ 3, asciicircum ] };
key <AE04> { [ 4, plus, dollar ] };
key <AE05> { [ 5, percent ] };
key <AE06> { [ 6, ampersand ] };
key <AE07> { [ 7, slash ] };
key <AE08> { [ 8, parenleft ] };
key <AE09> { [ 9, parenright ] };
key <AE10> { [ 0, equal ] };
key <AD01> { [ q, Q, at ] };
key <AD02> { [ d, D ] };
key <AD03> { [ r, R ] };
key <AD04> { [ w, W ] };
key <AD05> { [ b, B ] };
key <AD06> { [ j, J ] };
key <AD07> { [ f, F ] };
key <AD08> { [ u, U, udiaeresis, Udiaeresis ] };
key <AD09> { [ p, P ] };
key <AD10> { [ colon, semicolon ] };
key <AD11> { [ asciitilde, asciitilde, grave, grave ] };
key <AC01> { [ a, A ] };
key <AC02> { [ s, S, scedilla, Scedilla ] };
key <AC03> { [ h, H ] };
key <AC04> { [ t, T ] };
key <AC05> { [ g, G, gbreve, Gbreve ] };
key <AC06> { [ y, Y ] };
key <AC07> { [ n, N ] };
key <AC08> { [ e, E ] };
key <AC09> { [ o, O, odiaeresis, Odiaeresis ] };
key <AC10> { [ i, Iabovedot, idotless, I ] };
key <AC11> { [ bar, backslash ] };
key <AB01> { [ z, Z ] };
key <AB02> { [ x, X ] };
key <AB03> { [ m, M ] };
key <AB04> { [ c, C, ccedilla, Ccedilla ] };
key <AB05> { [ v, V ] };
key <AB06> { [ k, K ] };
key <AB07> { [ l, L ] };
key <AB08> { [ comma, less ] };
key <AB09> { [ period, greater ] };
key <AB10> { [ slash, question ] };
// End alphanumeric section
key <CAPS> { [ BackSpace, Escape, BackSpace, BackSpace ] };
include "level3(ralt_switch)"
};

View File

@ -0,0 +1,67 @@
# Don't let USB devices wake the computer from sleep by adding a
# `{ vendor = "...."; product = "...."; }` attrset to the
# `hardware.usb.wakeupDisabled` configuration option.
{ config, pkgs, lib, ... }:
let
inherit (builtins) length;
inherit (lib)
concatStringsSep optionalString optional toLower forEach types mkOption
hasInfix;
cfg = config.hardware.usb.wakeupDisabled;
vendorProductStr = types.strMatching "^[0-9a-fA-F]{4}$";
vendorProductStrDesc = ty: ''
The device's ${ty} ID, as a 4-digit hex string.
${ty} IDs of USB devices can be listed with <code>nix-shell -p usbutils
--run lsusb</code>, where an output line like <code>Bus 002 Device 003: ID
046d:c52b Logitech, Inc. Unifying Receiver</code> has a vendor ID of
<code>046d</code> and a product ID of <code>c52b</code>.
All strings are converted to lowercase.
'';
udevRules = pkgs.writeTextDir "etc/udev/rules.d/90-usb-wakeup-configure.rules"
(concatStringsSep "\n" (forEach cfg (devCfg:
let wakeStr = if devCfg.wakeup then "enabled" else "disabled";
in concatStringsSep ", " [
''ACTION=="add"''
''ATTRS{idVendor}=="${toLower devCfg.vendor}"''
''ATTRS{idProduct}=="${toLower devCfg.product}"''
''ATTR{power/wakeup}="${wakeStr}"''
])));
in {
options.hardware.usb.wakeupDisabled = mkOption {
description =
"Prevent USB devices from waking the computer from sleep/hibernation.";
default = [ ];
type = types.listOf (types.submodule {
options = {
vendor = mkOption {
description = vendorProductStrDesc "Vendor";
type = vendorProductStr;
example = "046d";
};
product = mkOption {
description = vendorProductStrDesc "Product";
type = vendorProductStr;
example = "c52b";
};
wakeup = mkOption {
description = ''
Is this device allowed to wake the computer from sleep?
By default, any devices here are explicitly
<emphasis>not</emphasis> allowed to wake the computer from sleep.
'';
type = types.bool;
default = false;
example = true;
};
};
});
};
config = { services.udev.packages = optional (length cfg != 0) udevRules; };
}

View File

@ -0,0 +1,63 @@
// Workman-P-TR Keyboard Layout symbols for xkb on X.Org Server 7.x
// Based on Workman-P by 09-06-2010 OJ Bucao. https://workmanlayout.org
// 24-07-2021 Gu:rkan. https://gurkan.in
partial alphanumeric_keys
xkb_symbols "workman-p-tr" {
name[Group1]= "Turkish (Workman-P-TR)";
include "us(basic)"
// Alphanumeric section
key <AE01> { [ 1, exclam ] };
key <AE02> { [ 2, apostrophe ] };
key <AE03> { [ 3, asciicircum ] };
key <AE04> { [ 4, plus, dollar ] };
key <AE05> { [ 5, percent ] };
key <AE06> { [ 6, ampersand ] };
key <AE07> { [ 7, slash ] };
key <AE08> { [ 8, parenleft ] };
key <AE09> { [ 9, parenright ] };
key <AE10> { [ 0, equal ] };
key <AD01> { [ q, Q, at ] };
key <AD02> { [ d, D ] };
key <AD03> { [ r, R ] };
key <AD04> { [ w, W ] };
key <AD05> { [ b, B ] };
key <AD06> { [ j, J ] };
key <AD07> { [ f, F ] };
key <AD08> { [ u, U, udiaeresis, Udiaeresis ] };
key <AD09> { [ p, P ] };
key <AD10> { [ colon, semicolon ] };
key <AD11> { [ asciitilde, asciitilde, grave, grave ] };
key <AC01> { [ a, A ] };
key <AC02> { [ s, S, scedilla, Scedilla ] };
key <AC03> { [ h, H ] };
key <AC04> { [ t, T ] };
key <AC05> { [ g, G, gbreve, Gbreve ] };
key <AC06> { [ y, Y ] };
key <AC07> { [ n, N ] };
key <AC08> { [ e, E ] };
key <AC09> { [ o, O, odiaeresis, Odiaeresis ] };
key <AC10> { [ i, Iabovedot, idotless, I ] };
key <AC11> { [ bar, backslash ] };
key <AB01> { [ z, Z ] };
key <AB02> { [ x, X ] };
key <AB03> { [ m, M ] };
key <AB04> { [ c, C, ccedilla, Ccedilla ] };
key <AB05> { [ v, V ] };
key <AB06> { [ k, K ] };
key <AB07> { [ l, L ] };
key <AB08> { [ comma, less ] };
key <AB09> { [ period, greater ] };
key <AB10> { [ slash, question ] };
// End alphanumeric section
key <CAPS> { [ BackSpace, Escape, BackSpace, BackSpace ] };
include "level3(ralt_switch)"
};

38
modules/laptop/iphone.nix Normal file
View File

@ -0,0 +1,38 @@
{ config, pkgs, lib, ... }:
let
cfg = config.iphone;
in
{
options.iphone = {
enable = lib.mkOption { default = false; };
directory = lib.mkOption { default = "/tmp/iPhone"; };
user = lib.mkOption { };
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [
pkgs.libimobiledevice
pkgs.usbmuxd
(pkgs.writeScriptBin "iphone" ''
echo "restarting iphone service" && \
echo "if does not work, restart or kill-start usbmuxd service" && \
sudo systemctl restart iphone \
&& ${pkgs.xdg_utils}/bin/xdg-open ${cfg.directory}
'')
];
services.usbmuxd.enable = true;
services.usbmuxd.user = cfg.user;
systemd.services.iphone = {
preStart = "mkdir -p ${cfg.directory}; chown ${cfg.user} ${cfg.directory}";
script = ''
${pkgs.libimobiledevice}/bin/idevicepair pair \
&& exec ${pkgs.ifuse}/bin/ifuse ${cfg.directory}
'';
serviceConfig = {
PermissionsStartOnly = true;
User = cfg.user;
Type = "forking";
};
};
};
}

View File

@ -0,0 +1,31 @@
{ config, pkgs, ...}:
{
networking = {
firewall = {
allowedTCPPortRanges = [
# kdeConnect:
{ from = 1714; to = 1764; }
];
allowedUDPPortRanges = [
# kdeConnect:
{ from = 1714; to = 1764; }
];
};
networkmanager = {
# @Reference
# appendNameservers = ["127.0.0.1"];
# insertNameservers = ["51.158.168.202"]; # Public Pi-hole
enable = true;
wifi.powersave = true;
};
# @Reference
# extraHosts = ''
# 69.162.something myhost1
# '';
};
}

View File

@ -0,0 +1,19 @@
{ pkgs, config, lib, ... }:
{
# Packages not needed in servers
environment.systemPackages = with pkgs; [
acpi
adoptopenjdk-bin
dnscrypt-proxy2
geteltorito # for converting iso to img
iw
linuxPackages.cpupower
lm_sensors
networkmanager-openvpn
nix-review
powertop
ruby # I am not ashamed
smbclient
wirelesstools
];
}

127
modules/laptop/services.nix Normal file
View File

@ -0,0 +1,127 @@
{ config, lib, pkgs, ... }:
# let
# baseconfig = { allowUnfree = true; allowBroken = true; };
# unstable = import (
# fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz
# ) { config = baseconfig; };
# in
{
sound.enable = true;
services = {
acpid.enable = true;
fwupd.enable = true;
gnome.gnome-keyring.enable = true;
greenclip.enable = true; # clipboard daemon
# @Reference to unmark a broken haskell package, wth..
# greenclip.package = (with pkgs.haskell.lib; markUnbroken (addExtraLibrary pkgs.haskellPackages.greenclip pkgs.xlibs.libXScrnSaver));
gvfs.enable = true;
printing.enable = true;
udisks2.enable = true; # automount daemon
logind.extraConfig = ''
HandleSuspendKey=ignore
HandlePowerKey=ignore
'';
udev.extraRules = lib.mkMerge [
# set kyber as IO scheduler for SSDs
''ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="kyber"''
# autosuspend USB devices
''ACTION=="add", SUBSYSTEM=="usb", TEST=="power/control", ATTR{power/control}="auto"''
# autosuspend PCI devices
''ACTION=="add", SUBSYSTEM=="pci", TEST=="power/control", ATTR{power/control}="auto"''
# disable Ethernet Wake-on-LAN
''ACTION=="add", SUBSYSTEM=="net", NAME=="enp*", RUN+="${pkgs.ethtool}/sbin/ethtool -s $name wol d"''
# @Reference to run a script on AC connect/disconnect
# ''SUBSYSTEM=="power_supply", ATTR{online}=="0", RUN+="${power_adjust}/bin/power_adjust disconnected"''
# ''SUBSYSTEM=="power_supply", ATTR{online}=="1", RUN+="${power_adjust}/bin/power_adjust connected"''
];
tlp = {
enable = true;
settings = {
"MAX_LOST_WORK_SECS_ON_BAT" = 15;
"WOL_DISABLE" = "Y";
# CPU
"CPU_MIN_PERF_ON_AC" = 0;
"CPU_MAX_PERF_ON_AC" = 100;
"CPU_MIN_PERF_ON_BAT" = 0;
"CPU_MAX_PERF_ON_BAT" = 50;
"CPU_SCALING_GOVERNOR_ON_AC" = "performance";
"CPU_SCALING_GOVERNOR_ON_BAT" = "schedutil";
"CPU_SCALING_MIN_FREQ_ON_AC" = 2000000;
"CPU_SCALING_MAX_FREQ_ON_AC" = 2600000;
"CPU_SCALING_MIN_FREQ_ON_BAT" = 800000;
"CPU_SCALING_MAX_FREQ_ON_BAT" = 2100000;
# GPU
"INTEL_GPU_MIN_FREQ_ON_AC" = 0;
"INTEL_GPU_MIN_FREQ_ON_BAT" = 0;
"INTEL_GPU_MAX_FREQ_ON_AC" = 1100;
"INTEL_GPU_MAX_FREQ_ON_BAT" = 400;
"INTEL_GPU_BOOST_FREQ_ON_AC" = 1100;
"INTEL_GPU_BOOST_FREQ_ON_BAT" = 500;
};
};
my_snapper = {
subvolume = "/home";
};
my_syncthing = {
user = "gurkan";
group = "gurkan";
configDir = "/home/gurkan/.syncthing-config";
repoPath = "/home/gurkan/syncfolder";
};
};
systemd.services = {
# Do not restart these, since it fucks up the current session
systemd-logind.restartIfChanged = false;
polkit.restartIfChanged = false;
display-manager.restartIfChanged = false;
NetworkManager.restartIfChanged = false;
wpa_supplicant.restartIfChanged = false;
lock-before-sleeping = {
restartIfChanged = false;
unitConfig = {
Description = "Helper service to bind locker to sleep.target";
};
serviceConfig = {
ExecStart = "${pkgs.slock}/bin/slock";
Type = "simple";
};
before = [
"pre-sleep.service"
];
wantedBy= [
"pre-sleep.service"
];
environment = {
DISPLAY = ":0";
XAUTHORITY = "/home/gurkan/.Xauthority";
};
};
};
virtualisation.docker = {
enable = true;
enableOnBoot = false;
};
# iphone settings
iphone = {
enable = true;
user = "gurkan";
};
# android settings
programs.adb.enable = true;
}

View File

@ -0,0 +1,64 @@
{ config, pkgs, ... }:
# let
# baseconfig = { allowUnfree = true; };
# unstable = import (
# fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz
# ) { config = baseconfig; };
# in
{
boot.blacklistedKernelModules = [ "nouveau" ];
services.xserver = {
enable = true;
layout = "tr";
windowManager.awesome = {
enable = true;
# package = pkgs.myAwesome;
# Can't work yet: https://discourse.nixos.org/t/awesomewm-luamodules-apparently-not-taking-effect/8507/2
# luaModules = [
# pkgs.luaPackages.penlight
# pkgs.luaPackages.inspect
# ];
};
desktopManager = {
xterm.enable = false;
session = [
{
name = "HM-awesome";
start = ''
${pkgs.runtimeShell} $HOME/.hm-xsession &
waitPID=$!
'';
}
];
};
displayManager = {
defaultSession = "HM-awesome";
autoLogin = {
enable = true;
user = "gurkan";
};
lightdm= {
enable = true;
greeters.enso.enable = true;
};
};
libinput = {
enable = true;
touchpad = {
disableWhileTyping = true;
naturalScrolling = true;
};
};
extraLayouts.workman-p-tr = {
description = "My workman turkish mod";
languages = [ "eng" ];
symbolsFile = ./helper-modules/workman-p-tr;
};
};
}

View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
{
services = {
pcscd.enable = true; # smartcard daemon, needed for yubikey
udev.extraRules = ''
ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0407", MODE="664", GROUP="adm"
''; # Optional, if you have a user/group preference
};
systemd.services.pcscd = { # Causes pcscd to ignore non-auth one
environment = {
PCSCLITE_FILTER_IGNORE_READER_NAMES = "Yubico YubiKey OTP+FIDO+CCID";
};
};
programs = {
ssh = {
startAgent = true;
agentPKCS11Whitelist = "/nix/store/*";
};
gnupg.agent = {
enable = true;
enableBrowserSocket = true;
# enableSSHSupport = true; # OMG SO SECURE AND SLOW
};
};
environment.systemPackages = with pkgs; [
ccid
gnupg
opensc
pcsctools
pcsclite
pinentry_qt5
# those 2 are only needed for initial setup
# yubikey-manager
# yubico-piv-tool
];
}

83
modules/neovim.nix Normal file
View File

@ -0,0 +1,83 @@
{pkgs, ...}:
let
# Get sha256 by running nix-prefetch-url --unpack https://github.com/[owner]/[name]/archive/[rev].tar.gz
customVimPlugins = with pkgs.vimUtils; {
myNeoSolarized = buildVimPluginFrom2Nix {
name = "NeoSolarized";
src = pkgs.fetchFromGitHub {
owner = "malob";
repo = "NeoSolarized";
rev = "a8e6e52";
sha256 = "0bxrm2vm3z1y37sm6m2hdn72g2sw31dx1xhmjvd0ng72cnp84d9k";
};
};
oscyank = buildVimPluginFrom2Nix {
name = "oscyank";
src = pkgs.fetchFromGitHub {
owner = "ojroques";
repo = "vim-oscyank";
rev = "fdbac11";
sha256 = "1mbs8v8k7698qnck5n38lqaz8sl07d1p31c84injb460l6jfv1s7";
};
};
terminus = buildVimPluginFrom2Nix {
name = "terminus";
src = pkgs.fetchFromGitHub {
owner = "wincent";
repo = "terminus";
rev = "340ea44d";
sha256 = "170ks4lrpyj280pvm2kjndx2q1r7ca4w8ix0zdsgvzrmq54psxad";
};
};
nvim-web-devicons = buildVimPluginFrom2Nix {
name = "nvim-web-devicons";
src = pkgs.fetchFromGitHub {
owner = "kyazdani42";
repo = "nvim-web-devicons";
rev = "61693bf";
sha256 = "0siifa9gxj6kz9w4fpnra6afyri6y0b34605aqkf7820krhcmckz";
};
};
};
in {
programs.neovim = {
enable = true;
vimAlias = true;
configure = {
customRC = ''
source ~/.config/nvim/nix.vim
'';
packages.myVimPackages = with pkgs.vimPlugins // customVimPlugins; {
start = [
airline
colorizer
indentLine
# jedi-vim
LeaderF
limelight-vim
myNeoSolarized
nerdcommenter
nvim-web-devicons
oscyank
syntastic
tagbar
terminus
todo-txt-vim
vim-airline-themes
# vim-easytags
vim-flake8
vim-fugitive
vim-go
vim-gutentags
vim-illuminate
vim-nix
# vim-polyglot
vim-trailing-whitespace
vimwiki
YouCompleteMe
zenburn
];
};
};
};
}

View File

@ -0,0 +1,43 @@
diff --git a/autoload/xolox/easytags.vim b/autoload/xolox/easytags.vim
index d0dec21..3c85e6a 100644
--- a/autoload/xolox/easytags.vim
+++ b/autoload/xolox/easytags.vim
@@ -78,19 +78,25 @@ function! xolox#easytags#check_ctags_compatible(name, min_version) " {{{2
call xolox#misc#msg#debug("easytags.vim %s: Command '%s' returned nonzero exit code %i!", g:xolox#easytags#version, a:name, result['exit_code'])
else
" Extract the version number from the output.
- let pattern = '\(Exuberant\|Universal\) Ctags \zs\(\d\+\(\.\d\+\)*\|Development\)'
- let g:easytags_ctags_version = matchstr(get(result['stdout'], 0, ''), pattern)
- " Deal with development builds.
- if g:easytags_ctags_version == 'Development'
- call xolox#misc#msg#debug("easytags.vim %s: Assuming development build is compatible ..", g:xolox#easytags#version, a:name)
- return 1
- endif
- " Make sure the version is compatible.
- if xolox#misc#version#at_least(a:min_version, g:easytags_ctags_version)
- call xolox#misc#msg#debug("easytags.vim %s: Version is compatible! :-)", g:xolox#easytags#version)
- return 1
- else
- call xolox#misc#msg#debug("easytags.vim %s: Version is not compatible! :-(", g:xolox#easytags#version)
+ let pattern = '\(\w\+\) Ctags \(\d\+\(\.\d\+\)*\|Development\)'
+ let match = matchlist(get(result['stdout'], 0, ''), pattern)
+ let g:easytags_ctags_fork = match[1]
+ let g:easytags_ctags_version = match[2]
+ if g:easytags_ctags_fork != '' && g:easytags_ctags_version != ''
+ call xolox#misc#msg#debug("easytags.vim %s: Detected %s Ctags %s", g:xolox#easytags#version, g:easytags_ctags_fork, g:easytags_ctags_version)
+ if g:easytags_ctags_fork == 'Universal'
+ " All versions should be compatible.
+ call xolox#misc#msg#debug("easytags.vim %s: Assuming all versions is compatible ..", g:xolox#easytags#version)
+ return 1
+ elseif g:easytags_ctags_fork == 'Exuberant'
+ " Make sure the version is compatible.
+ if xolox#misc#version#at_least(a:min_version, g:easytags_ctags_version)
+ call xolox#misc#msg#debug("easytags.vim %s: Version is compatible! :-)", g:xolox#easytags#version)
+ return 1
+ else
+ call xolox#misc#msg#debug("easytags.vim %s: Version is not compatible! :-(", g:xolox#easytags#version)
+ endif
+ endif
endif
endif
call xolox#misc#msg#debug("easytags.vim %s: Standard output of command: %s", g:xolox#easytags#version, string(result['stdout']))

View File

@ -0,0 +1,11 @@
self: super:
{
autorandr = super.autorandr.overrideAttrs (old: rec {
src = super.fetchFromGitHub {
owner = "seqizz";
repo = "autorandr";
rev = "5d3b326";
sha256 = "0a2nsvidcj7y343axbfh3nvxyys03ni43cradlj6xkhmqk0yjkd1";
};
});
}

View File

@ -0,0 +1,17 @@
self: super:
{
myAwesome = super.awesome.overrideAttrs (old: rec {
pname = "myAwesome";
version = "git-20200926-59ff7c";
src = super.fetchFromGitHub {
# owner = "awesomeWM";
# repo = "awesome";
# rev = "7a759432d3100ff6870e0b2b427e3352bf17c7cc";
# sha256 = "0kjndz8q1cagmybsc0cdw97c9ydldahrlv140bfvl1xzhhbmx0hg";
owner = "Elv13";
repo = "awesome-1";
rev = "59ff7c2d3413c5212bac05ea3ca7122f790cfcc7";
sha256 = "0pp94gmrmrk74n6i7svairxlfymxbfp1bkav43ihjl9fi9d0jq4p";
};
});
}

View File

@ -0,0 +1,100 @@
self: super:
let
baseconfig = { allowUnfree = true; };
unstable = import (
fetchTarball https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz
) { config = baseconfig; };
bleeding = import (
fetchTarball https://github.com/NixOS/nixpkgs/archive/master.tar.gz
) { config = baseconfig; };
# Get sha256 by running nix-prefetch-url --unpack https://github.com/[owner]/[name]/archive/[rev].tar.gz
customVimPlugins = with super.vimUtils; {
myNeoSolarized = buildVimPluginFrom2Nix {
name = "NeoSolarized";
src = super.fetchFromGitHub {
owner =<