From 4af72b9d39352300c274531077a1b642cda1f8a3 Mon Sep 17 00:00:00 2001 From: alex Date: Mon, 21 Apr 2025 14:21:37 +0800 Subject: [PATCH] restructured and optimized content --- README.md | 25 +-- flake.nix | 14 +- home/core.nix | 28 +++- home/desktop.nix | 41 +---- modules/home/develop.nix | 12 ++ modules/home/fcitx.nix | 22 +++ modules/home/hyprland/default.nix | 9 +- modules/home/v2ray/default.nix | 20 +-- modules/home/vscode/default.nix | 21 ++- modules/home/vscode/settings.json | 2 +- modules/home/xdg.nix | 154 +++++++++--------- modules/nixos/core.nix | 70 -------- modules/nixos/core/boot.nix | 22 +++ modules/nixos/core/default.nix | 66 ++++++++ modules/nixos/core/system.nix | 91 +++++++++++ modules/nixos/fonts/default.nix | 92 +++++------ modules/nixos/fonts/fhs-fonts.nix | 66 ++++---- modules/nixos/sysatomic.nix | 61 +++++++ modules/nixos/{user-group.nix => user.nix} | 4 - modules/nixos/virtualize/libvirtd/default.nix | 4 +- overlays/default.nix | 7 + profiles/apollo/default.nix | 45 +++++ profiles/gaea/default.nix | 90 +--------- profiles/gaea/hardware-configuration.nix | 58 ------- profiles/gaea/hardware.nix | 25 +++ profiles/luna/default.nix | 127 ++------------- profiles/luna/hardware-configuration.nix | 35 ---- profiles/luna/networking.nix | 30 ++++ 28 files changed, 632 insertions(+), 609 deletions(-) create mode 100644 modules/home/develop.nix create mode 100644 modules/home/fcitx.nix delete mode 100644 modules/nixos/core.nix create mode 100644 modules/nixos/core/boot.nix create mode 100644 modules/nixos/core/default.nix create mode 100644 modules/nixos/core/system.nix create mode 100644 modules/nixos/sysatomic.nix rename modules/nixos/{user-group.nix => user.nix} (71%) create mode 100644 profiles/apollo/default.nix delete mode 100644 profiles/gaea/hardware-configuration.nix create mode 100644 profiles/gaea/hardware.nix delete mode 100644 profiles/luna/hardware-configuration.nix create mode 100644 profiles/luna/networking.nix diff --git a/README.md b/README.md index 530cc8c..a596dff 100644 --- a/README.md +++ b/README.md @@ -42,11 +42,15 @@ 3. 挂载 ```bash + mkdir -p /mnt/{boot,nix} mount /dev/sda2 /mnt/nix - mkdir -p /mnt/boot mount /dev/sda1 /mnt/boot ``` +3.1 不变系统 + +如何希望使用不变原子系统, 在 profile 中引入 `modules/nixos/sysatomic.nix` 模块. + 4. 生成一个基本的配置 ```bash @@ -56,10 +60,8 @@ 5. 克隆仓库到本地 ```bash -nix-shell -p git -git clone https://github.com/synebula/.nix.git /mnt/.nix -cd /mnt/.nix/ -nix develop --extra-experimental-features "nix-command flakes" +git clone https://github.com/synebula/.nix.git /mnt/nix/.nix +cd /mnt/nix/.nix ``` 6. 将 /mnt/etc/nixos 中的 `hardware-configuration.nix` 拷贝到 `/mnt/.nix/profiles//hardware-configuration.nix`, 其中``指需要的 profile。 @@ -67,19 +69,20 @@ nix develop --extra-experimental-features "nix-command flakes" ```bash cp /mnt/etc/nixos/hardware-configuration.nix /mnt/.nix/profiles//hardware-configuration.nix ``` + 7. 用户名修改: 编辑 `/mnt/.nix/flake.nix` 修改 **username** 变量。 8. 使用 `mkpasswd {PASSWORD} -m sha-512` 命令生成的密码哈希串替换掉 `/mnt/.nix/modules/nixos/user-group.nix` 中的 `users.users..hashedPassword` 值替换掉。 - 9. 安装 ```bash -nixos-install --option substituters "https://mirrors.ustc.edu.cn/nix-channels/store https://cache.nixos.org" --no-root-passwd --flake .# +./nixos-install.sh # 或者 -./nixos-install +nixos-install --option substituters "https://mirrors.ustc.edu.cn/nix-channels/store https://cache.nixos.org" --no-root-passwd --flake .# + ``` 10. 重启 @@ -90,6 +93,6 @@ reboot ### 日常更新系统脚本 -``` bash -./nixos-switch -``` \ No newline at end of file +```bash +./nixos-switch.sh +``` diff --git a/flake.nix b/flake.nix index 8c8ee6e..2ea7dba 100644 --- a/flake.nix +++ b/flake.nix @@ -1,4 +1,3 @@ -# Configuration file init by: nix flake init -t github:misterio77/nix-starter-config#standard { outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, home-manager-unstable, ... }@inputs: let @@ -42,7 +41,6 @@ # Available through 'home-manager --flake .#your-username@your-hostname' # Or run 'nix build .#homeConfigurations..activationPackage' in none-nixos distro first homeConfigurations = { - # FIXME replace with your username@hostname "${username}" = home-manager-unstable.lib.homeManagerConfiguration { pkgs = nixpkgs-unstable.packages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { @@ -64,22 +62,17 @@ inputs = { # Nixpkgs - nixpkgs.url = "github:nixos/nixpkgs/nixos-${sysversion}"; - # You can access packages and modules from different nixpkgs revs - # at the same time. Here's an working example: + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - # Also see the 'unstable-packages' overlay at 'overlays/default.nix'. # The Nix User Repository # nur.url = github:nix-community/NUR; # Home manager home-manager = { - url = "github:nix-community/home-manager/release-${sysversion}"; + url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - - # Home manager home-manager-unstable = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs-unstable"; @@ -87,6 +80,9 @@ hyprland.url = "github:hyprwm/Hyprland"; + # Impermanence system + impermanence.url = "github:nix-community/impermanence"; + # TODO: Add any other flake you might need # hardware.url = "github:nixos/nixos-hardware"; diff --git a/home/core.nix b/home/core.nix index b4932a0..d94f77b 100644 --- a/home/core.nix +++ b/home/core.nix @@ -1,7 +1,7 @@ # This is your home-manager configuration file # Use this to configure your home environment (it replaces ~/.config/nixpkgs/home.nix) -{ inputs, outputs, lib, config, pkgs, username, useremail, ... }: { +{ inputs, outputs, lib, config, pkgs, username, useremail, sysversion, ... }: { home = { inherit username; @@ -13,11 +13,8 @@ ]; }; - # Enable home-manager and git + # Enable git programs = { - # home-manager.enable = true; - # git.enable = true; - git = { enable = true; @@ -60,6 +57,25 @@ shellAliases = { }; }; + zsh = { + enable = true; + enableCompletion = true; + autosuggestion.enable = true; + syntaxHighlighting.enable = true; + + shellAliases = { + la = "ls -la"; + ll = "ls -l"; + edit = "sudo -e"; + update = "sudo nixos-rebuild switch"; + }; + + history.size = 10000; + history.ignoreAllDups = true; + history.path = "$HOME/.zsh_history"; + history.ignorePatterns = ["rm *" "pkill *" "cp *"]; + }; + vim = { enable = true; plugins = with pkgs.vimPlugins; [ vim-airline ]; @@ -106,5 +122,5 @@ systemd.user.startServices = "sd-switch"; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - home.stateVersion = "23.05"; + home.stateVersion = sysversion; } diff --git a/home/desktop.nix b/home/desktop.nix index 60db685..5fe6bff 100644 --- a/home/desktop.nix +++ b/home/desktop.nix @@ -12,13 +12,12 @@ # inputs.nix-colors.homeManagerModules.default # You can also split up your configuration and import pieces of it here: - # ./nvim.nix ./core.nix ../modules/home/hyprland ../modules/home/vscode - ../modules/home/v2ray ../modules/home/xdg.nix ../modules/home/theme.nix + ../modules/home/fcitx.nix ]; home = { @@ -27,58 +26,24 @@ bc # GNU software calculator vlc imv - motrix microsoft-edge - telegram-desktop # firefox # chromium zip unzip lsof + htop pciutils # lspci etc. - steam-run - frp - obsidian - wpsoffice-cn xorg.xhost - - dbeaver - postman - # jdk - nodejs - yarn - flutter - oraclejdk - jetbrains.idea-community - # nur.repos.linyinfeng.wemeet ]; sessionVariables = { - JAVA_HOME = "${pkgs.oraclejdk}"; - XIM = "fcitx"; - XIM_PROGRAM = "fcitx"; - XMODIFIERS = "@im=fcitx"; - }; - }; - - programs = { - bash = { - initExtra = '' - export XIM="fcitx" - export XIM_PROGRAM="fcitx" - export XMODIFIERS="@im=fcitx" - ''; + JAVA_HOME = ""; }; }; - i18n.inputMethod = { - enabled = "fcitx5"; - fcitx5.addons = with pkgs; [ - fcitx5-chinese-addons - ]; - }; # Enable home-manager and git programs = { diff --git a/modules/home/develop.nix b/modules/home/develop.nix new file mode 100644 index 0000000..c1bc0fb --- /dev/null +++ b/modules/home/develop.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: + +{ + home = { + packages = with pkgs; [ + dbeaver-bin + go + nodejs + yarn + ]; + }; +} diff --git a/modules/home/fcitx.nix b/modules/home/fcitx.nix new file mode 100644 index 0000000..cbf2be4 --- /dev/null +++ b/modules/home/fcitx.nix @@ -0,0 +1,22 @@ +# 输入法配置模块 +{ config, lib, pkgs, ... }: + +{ + home = { + packages = [ pkgs.catppuccin-fcitx5 ]; + sessionVariables = { + GTK_IM_MODULE = "fcitx"; + QT_IM_MODULE = "fcitx"; + XIM = "fcitx"; + XIM_PROGRAM = "fcitx"; + XMODIFIERS = "@im=fcitx"; + }; + }; + + i18n.inputMethod = { + enabled = "fcitx5"; + fcitx5.addons = with pkgs; [ + fcitx5-chinese-addons + ]; + }; +} diff --git a/modules/home/hyprland/default.nix b/modules/home/hyprland/default.nix index b382563..6744a19 100644 --- a/modules/home/hyprland/default.nix +++ b/modules/home/hyprland/default.nix @@ -35,7 +35,6 @@ wayland.windowManager.hyprland = { enable = true; systemdIntegration = true; - enableNvidiaPatches = true; # extraConfig = builtins.readFile ./conf/hyprland.conf; }; @@ -56,10 +55,10 @@ recursive = true; }; - home.file.".config/swww" = { - source = ./conf/swww; - recursive = true; - }; + # home.file.".config/swww" = { + # source = ./conf/swww; + # recursive = true; + # }; home.file.".config/waybar" = { source = ./conf/waybar; diff --git a/modules/home/v2ray/default.nix b/modules/home/v2ray/default.nix index 3de11ef..24d686f 100644 --- a/modules/home/v2ray/default.nix +++ b/modules/home/v2ray/default.nix @@ -1,11 +1,11 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ]; - - home.packages = with pkgs; [ - v2ray - v2raya - ]; +{ config, lib, pkgs, ... }: + +{ + imports = [ + ]; + + home.packages = with pkgs; [ + v2ray + v2raya + ]; } \ No newline at end of file diff --git a/modules/home/vscode/default.nix b/modules/home/vscode/default.nix index 344ba38..8164301 100644 --- a/modules/home/vscode/default.nix +++ b/modules/home/vscode/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { imports = [ @@ -7,16 +7,21 @@ vscode = { enable = true; extensions = with pkgs.vscode-extensions; [ - jnoortheen.nix-ide + bierner.markdown-mermaid esbenp.prettier-vscode + foxundermoon.shell-format + github.copilot + github.copilot-chat + golang.go + jnoortheen.nix-ide pkief.material-icon-theme ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [ - # { - # name = "aws-toolkit-vscode"; - # publisher = "amazonwebservices"; - # version = "1.9.0"; - # sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw="; - # } + { + name = "vscode-augment"; + publisher = "augment"; + version = "0.409.1"; + sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw="; + } ]; userSettings = builtins.fromJSON (builtins.readFile ./settings.json); }; diff --git a/modules/home/vscode/settings.json b/modules/home/vscode/settings.json index 9e9fce5..2e64934 100644 --- a/modules/home/vscode/settings.json +++ b/modules/home/vscode/settings.json @@ -40,7 +40,7 @@ "git.enableSmartCommit": true, "javascript.updateImportsOnFileMove.enabled": "always", "security.workspace.trust.untrustedFiles": "open", - "terminal.integrated.fontFamily": "\"Source Code Pro\"", + "terminal.integrated.fontFamily": "'Source Code Pro'", "terminal.integrated.tabs.location": "left", "typescript.updateImportsOnFileMove.enabled": "always", "workbench.iconTheme": "material-icon-theme" diff --git a/modules/home/xdg.nix b/modules/home/xdg.nix index 5bf8d2d..4e117e7 100644 --- a/modules/home/xdg.nix +++ b/modules/home/xdg.nix @@ -1,77 +1,77 @@ -# XDG stands for "Cross-Desktop Group", with X used to mean "cross". -# It's a bunch of specifications from freedesktop.org intended to standardize desktops and -# other GUI applications on various systems (primarily Unix-like) to be interoperable: -# https://www.freedesktop.org/wiki/Specifications/ -{ config, pkgs, ... }: { - home.packages = with pkgs; [ - xdg-utils # provides cli tools such as `xdg-mime` `xdg-open` - xdg-user-dirs - ]; - - xdg = { - enable = true; - cacheHome = config.home.homeDirectory + "/.cache"; - - # manage $XDG_CONFIG_HOME/mimeapps.list - # xdg search all desktop entries from $XDG_DATA_DIRS, check it by command: - # echo $XDG_DATA_DIRS - # the system-level desktop entries can be list by command: - # ls -l /run/current-system/sw/share/applications/ - # the user-level desktop entries can be list by command(user ryan): - # ls /etc/profiles/per-user/ryan/share/applications/ - mimeApps = { - enable = true; - # defaultApplications = - # let - # browser = [ "microsoft-edge.desktop" ]; - # in - # { - # "application/json" = browser; - # "application/pdf" = browser; # TODO: pdf viewer - - # "text/html" = browser; - # "text/xml" = browser; - # "application/xml" = browser; - # "application/xhtml+xml" = browser; - # "application/xhtml_xml" = browser; - # "application/rdf+xml" = browser; - # "application/rss+xml" = browser; - # "application/x-extension-htm" = browser; - # "application/x-extension-html" = browser; - # "application/x-extension-shtml" = browser; - # "application/x-extension-xht" = browser; - # "application/x-extension-xhtml" = browser; - - # "x-scheme-handler/about" = browser; - # "x-scheme-handler/ftp" = browser; - # "x-scheme-handler/http" = browser; - # "x-scheme-handler/https" = browser; - # "x-scheme-handler/unknown" = browser; - - # "x-scheme-handler/discord" = [ "discord.desktop" ]; - # "x-scheme-handler/tg" = [ "telegramdesktop.desktop" ]; - - # "audio/*" = [ "vlc.desktop" ]; - # "video/*" = [ "vlc.dekstop" ]; - # "image/*" = [ "imv.desktop" ]; - # "image/gif" = [ "imv.desktop" ]; - # "image/jpeg" = [ "imv.desktop" ]; - # "image/png" = [ "imv.desktop" ]; - # "image/webp" = [ "imv.desktop" ]; - # }; - - associations.removed = - { - # ...... - }; - }; - - userDirs = { - enable = false; - createDirectories = false; - extraConfig = { - XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots"; - }; - }; - }; -} +# XDG stands for "Cross-Desktop Group", with X used to mean "cross". +# It's a bunch of specifications from freedesktop.org intended to standardize desktops and +# other GUI applications on various systems (primarily Unix-like) to be interoperable: +# https://www.freedesktop.org/wiki/Specifications/ +{ config, pkgs, ... }: { + home.packages = with pkgs; [ + xdg-utils # provides cli tools such as `xdg-mime` `xdg-open` + xdg-user-dirs + ]; + + xdg = { + enable = true; + cacheHome = config.home.homeDirectory + "/.cache"; + + # manage $XDG_CONFIG_HOME/mimeapps.list + # xdg search all desktop entries from $XDG_DATA_DIRS, check it by command: + # echo $XDG_DATA_DIRS + # the system-level desktop entries can be list by command: + # ls -l /run/current-system/sw/share/applications/ + # the user-level desktop entries can be list by command(user ryan): + # ls /etc/profiles/per-user/ryan/share/applications/ + mimeApps = { + enable = true; + # defaultApplications = + # let + # browser = [ "microsoft-edge.desktop" ]; + # in + # { + # "application/json" = browser; + # "application/pdf" = browser; # TODO: pdf viewer + + # "text/html" = browser; + # "text/xml" = browser; + # "application/xml" = browser; + # "application/xhtml+xml" = browser; + # "application/xhtml_xml" = browser; + # "application/rdf+xml" = browser; + # "application/rss+xml" = browser; + # "application/x-extension-htm" = browser; + # "application/x-extension-html" = browser; + # "application/x-extension-shtml" = browser; + # "application/x-extension-xht" = browser; + # "application/x-extension-xhtml" = browser; + + # "x-scheme-handler/about" = browser; + # "x-scheme-handler/ftp" = browser; + # "x-scheme-handler/http" = browser; + # "x-scheme-handler/https" = browser; + # "x-scheme-handler/unknown" = browser; + + # "x-scheme-handler/discord" = [ "discord.desktop" ]; + # "x-scheme-handler/tg" = [ "telegramdesktop.desktop" ]; + + # "audio/*" = [ "vlc.desktop" ]; + # "video/*" = [ "vlc.dekstop" ]; + # "image/*" = [ "imv.desktop" ]; + # "image/gif" = [ "imv.desktop" ]; + # "image/jpeg" = [ "imv.desktop" ]; + # "image/png" = [ "imv.desktop" ]; + # "image/webp" = [ "imv.desktop" ]; + # }; + + associations.removed = + { + # ...... + }; + }; + + userDirs = { + enable = false; + createDirectories = false; + extraConfig = { + XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots"; + }; + }; + }; +} diff --git a/modules/nixos/core.nix b/modules/nixos/core.nix deleted file mode 100644 index e1b49e2..0000000 --- a/modules/nixos/core.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ lib, ... }: -{ - programs = { - git.enable = true; - dconf.enable = true; - vim = { - defaultEditor = true; - }; - }; - - - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - # Forbid root login through SSH. - # Use keys only. Remove if you want to SSH using password (not recommended) - settings = { - # permitRootLogin = "no"; - # passwordAuthentication = false; - }; - }; - - - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - networking.firewall.enable = lib.mkDefault false; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "zh_CN.UTF-8"; - LC_IDENTIFICATION = "zh_CN.UTF-8"; - LC_MEASUREMENT = "zh_CN.UTF-8"; - LC_MONETARY = "zh_CN.UTF-8"; - LC_NAME = "zh_CN.UTF-8"; - LC_NUMERIC = "zh_CN.UTF-8"; - LC_PAPER = "zh_CN.UTF-8"; - LC_TELEPHONE = "zh_CN.UTF-8"; - LC_TIME = "zh_CN.UTF-8"; - }; - - time.timeZone = "Asia/Shanghai"; - - nix = { - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - substituters = [ - "https://mirrors.ustc.edu.cn/nix-channels/store" - "https://nixos-cn.cachix.org" - "https://nix-community.cachix.org" - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ - "nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - }; - gc = { - automatic = true; - dates = "daily"; - options = "--delete-older-than 7d"; - }; - }; -} diff --git a/modules/nixos/core/boot.nix b/modules/nixos/core/boot.nix new file mode 100644 index 0000000..f061f4e --- /dev/null +++ b/modules/nixos/core/boot.nix @@ -0,0 +1,22 @@ +# 引导配置 +{ config, lib, pkgs, ... }: + +{ + boot = { + loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot"; + }; + + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; + }; + + # Allow to modify store. It's dangerous!! + readOnlyNixStore = lib.mkDefault true; + }; +} \ No newline at end of file diff --git a/modules/nixos/core/default.nix b/modules/nixos/core/default.nix new file mode 100644 index 0000000..762d36e --- /dev/null +++ b/modules/nixos/core/default.nix @@ -0,0 +1,66 @@ +{ lib, ... }: +{ + imports = [ + ./boot.nix + ./system.nix + ]; + + programs = { + git.enable = true; + dconf.enable = true; + vim = { + defaultEditor = true; + }; + }; + + + # This setups a SSH server. Very important if you're setting up a headless system. + # Feel free to remove if you don't need it. + services = { + openssh = { + enable = true; + # Forbid root login through SSH. + # Use keys only. Remove if you want to SSH using password (not recommended) + settings = { + # permitRootLogin = "no"; + # passwordAuthentication = false; + KbdInteractiveAuthentication = false; + X11Forwarding = false; + }; + }; + + journald.extraConfig = '' + SystemMaxUse=500M + MaxFileSec=7day + ''; + }; + + + # Configure firewall + networking.firewall = lib.mkDefault { + enable = true; + allowedTCPPorts = [ 22 80 443 ]; # 根据需要调整 + allowedUDPPorts = [ 53 ]; # 根据需要调整 + # 如果需要,可以添加特定服务的规则 + allowedTCPPortRanges = [ + { from = 1714; to = 1764; } # KDE Connect + ]; + }; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "zh_CN.UTF-8"; + LC_IDENTIFICATION = "zh_CN.UTF-8"; + LC_MEASUREMENT = "zh_CN.UTF-8"; + LC_MONETARY = "zh_CN.UTF-8"; + LC_NAME = "zh_CN.UTF-8"; + LC_NUMERIC = "zh_CN.UTF-8"; + LC_PAPER = "zh_CN.UTF-8"; + LC_TELEPHONE = "zh_CN.UTF-8"; + LC_TIME = "zh_CN.UTF-8"; + }; + + time.timeZone = "Asia/Shanghai"; +} diff --git a/modules/nixos/core/system.nix b/modules/nixos/core/system.nix new file mode 100644 index 0000000..a0831e8 --- /dev/null +++ b/modules/nixos/core/system.nix @@ -0,0 +1,91 @@ +{ inputs, outputs, config, lib, ... }: + +{ + security = { + sudo.enable = true; + polkit.enable = true; + }; + + services = { + printing.enable = true; + acpid.enable = true; + upower.enable = true; + }; + + nix = { + # This will add each flake input as a registry + # To make nix3 commands consistent with your flake + registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + + # This will additionally add your inputs to the system's legacy channels + # Making legacy nix commands consistent as well, awesome! + nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; + + + settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + substituters = [ + "https://mirrors.ustc.edu.cn/nix-channels/store" + "https://nixos-cn.cachix.org" + "https://nix-community.cachix.org" + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ + "nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + trusted-users = [ "root" ]; + + # Enable local binary cache + keep-outputs = true; + keep-derivations = true; + + max-jobs = "auto"; + cores = 0; # Use all available cores + + # Deduplicate and optimize nix store during build + # auto-optimise-store = true; + }; + + gc = { + automatic = true; # Enable automatic garbage collection + dates = "weekly"; # Execute garbage collection weekly + persistent = true; # Keep settings after reboot + randomizedDelaySec = "15min"; # Add up to 15 minutes of random delay + options = "--delete-older-than 30d"; # Delete files older than 30 days + }; + + # Automatically run garbage collection whenever there is not enough space left + # Free up to 5GiB whenever there is less than 1GiB left: + extraOptions = '' + min-free = ${toString (1 * 1024 * 1024 * 1024)} + max-free = ${toString (5 * 1024 * 1024 * 1024)} + ''; + }; + + nixpkgs = { + # You can add overlays here + overlays = [ + # Add overlays your own flake exports (from overlays and pkgs dir): + outputs.overlays.additions + outputs.overlays.modifications + outputs.overlays.unstable-packages + + # You can also add overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; +} diff --git a/modules/nixos/fonts/default.nix b/modules/nixos/fonts/default.nix index 50659d9..abbeaa4 100644 --- a/modules/nixos/fonts/default.nix +++ b/modules/nixos/fonts/default.nix @@ -1,48 +1,44 @@ -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./fhs-fonts.nix - ]; - - environment.systemPackages = with pkgs; [ - twemoji-color-font - ]; - - # all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts - fonts = { - # use fonts specified by user rather than default ones - enableDefaultFonts = false; - fontDir.enable = true; - - fonts = with pkgs; [ - # icon fonts - material-design-icons - font-awesome - - # Noto 系列字体是 Google 主导的,名字的含义是「没有豆腐」q(no tofu),因为缺字时显示的方框或者方框被叫作 tofu - # Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。 - # 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR,最后一个词是地区变种。 - noto-fonts # 大部分文字的常见样式,不包含汉字 - noto-fonts-cjk # 汉字部分 - noto-fonts-emoji # 彩色的表情符号字体 - noto-fonts-extra # 提供额外的字重和宽度变种 - - # 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的 - source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro,以及带字重的变体,加上 Source Sans 3 VF - source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro,以及带字重的变体 - source-han-sans # 思源黑体 - source-han-serif # 思源宋体 - - # nerdfonts - (nerdfonts.override { - fonts = [ - # "FiraCode" - "JetBrainsMono" - # "Iosevka" - ]; - }) - - ]; - }; -} +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./fhs-fonts.nix + ]; + + environment.systemPackages = with pkgs; [ + twemoji-color-font + ]; + + # all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts + fonts = { + # use fonts specified by user rather than default ones + enableDefaultFonts = false; + fontDir.enable = true; + + fonts = with pkgs; [ + # Noto 系列字体是 Google 主导的,名字的含义是「没有豆腐」q(no tofu),因为缺字时显示的方框或者方框被叫作 tofu + # Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。 + # 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR,最后一个词是地区变种。 + noto-fonts # 大部分文字的常见样式,不包含汉字 + noto-fonts-cjk # 汉字部分 + noto-fonts-emoji # 彩色的表情符号字体 + noto-fonts-extra # 提供额外的字重和宽度变种 + + # 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的 + source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro,以及带字重的变体,加上 Source Sans 3 VF + source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro,以及带字重的变体 + source-han-sans # 思源黑体 + source-han-serif # 思源宋体 + + # nerdfonts + (nerdfonts.override { + fonts = [ + # "FiraCode" + "JetBrainsMono" + # "Iosevka" + ]; + }) + + ]; + }; +} diff --git a/modules/nixos/fonts/fhs-fonts.nix b/modules/nixos/fonts/fhs-fonts.nix index 3743c74..9fc2a47 100644 --- a/modules/nixos/fonts/fhs-fonts.nix +++ b/modules/nixos/fonts/fhs-fonts.nix @@ -1,33 +1,33 @@ -{ - config, - pkgs, - ... -}: { - ################################################################################### - # - # Copy from https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1326957279 - # Mainly for flatpak - # 1. bindfs resolves all symlink, - # 2. allowing all fonts to be accessed at `/usr/share/fonts` - # 3. without letting /nix into the sandbox. - # - ################################################################################### - - system.fsPackages = [pkgs.bindfs]; - fileSystems = let - mkRoSymBind = path: { - device = path; - fsType = "fuse.bindfs"; - options = ["ro" "resolve-symlinks" "x-gvfs-hide"]; - }; - aggregatedFonts = pkgs.buildEnv { - name = "system-fonts"; - paths = config.fonts.fonts; - pathsToLink = ["/share/fonts"]; - }; - in { - # Create an FHS mount to support flatpak host icons/fonts - "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons"); - "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); - }; -} +{ + config, + pkgs, + ... +}: { + ################################################################################### + # + # Copy from https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1326957279 + # Mainly for flatpak + # 1. bindfs resolves all symlink, + # 2. allowing all fonts to be accessed at `/usr/share/fonts` + # 3. without letting /nix into the sandbox. + # + ################################################################################### + + system.fsPackages = [pkgs.bindfs]; + fileSystems = let + mkRoSymBind = path: { + device = path; + fsType = "fuse.bindfs"; + options = ["ro" "resolve-symlinks" "x-gvfs-hide"]; + }; + aggregatedFonts = pkgs.buildEnv { + name = "system-fonts"; + paths = config.fonts.fonts; + pathsToLink = ["/share/fonts"]; + }; + in { + # Create an FHS mount to support flatpak host icons/fonts + "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons"); + "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts"); + }; +} diff --git a/modules/nixos/sysatomic.nix b/modules/nixos/sysatomic.nix new file mode 100644 index 0000000..59c5d6c --- /dev/null +++ b/modules/nixos/sysatomic.nix @@ -0,0 +1,61 @@ +# 配置原子系统, 使用 tmpfs 作为根文件系统, 并配置持久化存储 +{ config, pkgs, username, inputs, lib, ... }: +{ + imports = [ + inputs.impermanence.nixosModules.impermanence + ]; + + # 启用 tmpfs 作为根文件系统 + fileSystems."/" = lib.mkForce { + device = "none"; + fsType = "tmpfs"; + options = [ "relatime" "mode=755" ]; + }; + + # 将 /nix 目录绑定到持久化存储 + fileSystems."/nix" = lib.mkForce { + device = "/dev/disk/by-label/nixos"; # 需要根据实际情况修改 + fsType = "btrfs"; + options = [ "compress-force=zstd" ]; + + }; + + # 配置持久化存储 + environment.persistence."/nix/persistent" = { + hideMounts = true; + directories = [ + "/etc/nixos" + "/etc/NetworkManager/system-connections" + "/var/log" + "/var/lib" + "/root" + ]; + + files = [ + "/etc/machine-id" + "/etc/ssh/ssh_host_ed25519_key" + "/etc/ssh/ssh_host_ed25519_key.pub" + "/etc/ssh/ssh_host_rsa_key" + "/etc/ssh/ssh_host_rsa_key.pub" + ]; + + users.${username} = { + directories = [ + ".config" + ".cache" + ".local" + ".ssh" + ".vscode" + ".npm" + ".nix" + "data" + "doc" + ]; + + files = [ + ".zsh_history" + ".gitconfig" + ]; + }; + }; +} diff --git a/modules/nixos/user-group.nix b/modules/nixos/user.nix similarity index 71% rename from modules/nixos/user-group.nix rename to modules/nixos/user.nix index b45707e..35abc94 100644 --- a/modules/nixos/user-group.nix +++ b/modules/nixos/user.nix @@ -5,9 +5,6 @@ # Define a user account. Don't forget to set a password with ‘passwd’. users = { - groups = { - docker = { }; - }; users."${username}" = { # the hashed password with salt is generated by run `mkpasswd`. hashedPassword = "$y$j9T$inkrp6FuM46uoPFVrOlbz1$igJed6pECf4AENVaLT4mk.Q4z02MmxjWnGo.OVvCyC."; @@ -21,7 +18,6 @@ "audio" ]; openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQOn+imHUzz7KvNYE1mBTjwhMZ0HMyVNwkc6p/6Qak0ejzdyx6mNk9AlKOZB1UQvniWBT8z//u/8DqMT9OL8X0VZmQQTTIpSnvuYRxkH6thkoX9c0umo9GrMGWZN3WIsD71dfiJLMagqPxX7HWgkONBFxJHmBUfP4CXLgLdZs7dUMBm5tILx09zWU7Ttv120NuFdPYENAg8hNka3hjBbXbnDQdp2Y8TPY2Dbcg3MnVZ6Q7LMfKUkVYIoDHEiN6ZAJQaYIU+f2PeNxCb5WqRo2AiZwuzJtQO0VARRIf8hAs5wnX3gU68sWBvLr7payeaYsAyD+C7I4EpyNA8TrwKotrmripv+y5hjHiG7fL97vZEzSfIJH2KEAg7ojGDBbcwAcBKGn4PjwaCdUM7MGm6hj7cMHJf/32rXyc4u7LUZxTjXS5/dKWhF+sCycbBASRlSW93jlnxoUY/zPK4IRnzaF0WL7kUxfBglfFf8UMSgAZNncESNr36hsWFKcFqKUto48= alex@zion.xzdcbj.com.cn" ]; }; }; diff --git a/modules/nixos/virtualize/libvirtd/default.nix b/modules/nixos/virtualize/libvirtd/default.nix index 7ec826b..9a37d23 100644 --- a/modules/nixos/virtualize/libvirtd/default.nix +++ b/modules/nixos/virtualize/libvirtd/default.nix @@ -10,8 +10,8 @@ # Ref: https://nixos.wiki/wiki/NixOps/Virtualization boot = { - kernelModules = [ "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; - kernelParams = [ "intel_iommu=on" "iommu=pt" ]; + kernelModules = [ "kvm-amd" "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; + kernelParams = [ "amd_iommu=on" "intel_iommu=on" "iommu=pt" ]; # extraModprobeConfig = "options vfio-pci ids=8086:1901,10de:1b81,10de:10f0"; }; virtualisation.libvirtd = { diff --git a/overlays/default.nix b/overlays/default.nix index d96dc0c..98090bd 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -25,6 +25,13 @@ }; }; + home-manager-unstable = final: _prev: { + hunstable = import inputs.home-manager-unstable { + system = final.system; + config.allowUnfree = true; + }; + }; + nur-packages = final: _prev: { nur = import inputs.nur { nurpkgs = final; diff --git a/profiles/apollo/default.nix b/profiles/apollo/default.nix new file mode 100644 index 0000000..339ee34 --- /dev/null +++ b/profiles/apollo/default.nix @@ -0,0 +1,45 @@ +{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, sysversion, ... }: +let + inherit (inputs) home-manager hyprland; +in +{ + # You can import other NixOS modules here + imports = [ + # If you want to use modules your own flake exports (from modules/nixos): + # outputs.nixosModules.example + + # Or modules from other flakes (such as nixos-hardware): + # inputs.hardware.nixosModules.common-cpu-amd + # inputs.hardware.nixosModules.common-ssd + + # You can also split up your configuration and import pieces of it here: + # ./users.nix + + # Import your generated (nixos-generate-config) hardware configuration + ./hardware-configuration.nix + ./networking.nix + "${self}/modules/nixos/core" + "${self}/modules/nixos/user.nix" + "${self}/modules/nixos/sysatomic.nix" + + home-manager.nixosModules.home-manager + { + # home-manager.useGlobalPkgs = true; + # home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { + inherit inputs outputs hostname username hyprland sysversion; + }; + home-manager.users."${username}" = { ... }: { + imports = [ + "${self}/home/desktop.nix" + "${self}/modules/home/develop.nix" + ]; + }; + } + ]; + + networking.hostName = "${hostname}"; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + system.stateVersion = sysversion; +} diff --git a/profiles/gaea/default.nix b/profiles/gaea/default.nix index 3e7fe8b..c879d57 100644 --- a/profiles/gaea/default.nix +++ b/profiles/gaea/default.nix @@ -1,4 +1,4 @@ -{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, ... }: +{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, sysversion, ... }: let inherit (inputs) home-manager hyprland nixpkgs-unstable; in @@ -13,22 +13,21 @@ in # inputs.hardware.nixosModules.common-ssd # You can also split up your configuration and import pieces of it here: - # ./users.nix + # ./users # Import your generated (nixos-generate-config) hardware configuration - ./hardware-configuration.nix - ./networking.nix - "${self}/modules/nixos/core.nix" + ./hardware-configuration + ./networking + "${self}/modules/nixos/core" + "${self}/modules/nixos/sysatomic.nix" "${self}/modules/nixos/nvidia.nix" - "${self}/modules/nixos/gnome.nix" "${self}/modules/nixos/hyprland.nix" - "${self}/modules/nixos/user-group.nix" + "${self}/modules/nixos/user.nix" "${self}/modules/nixos/samba.nix" "${self}/modules/nixos/zfs.nix" "${self}/modules/nixos/adb.nix" "${self}/modules/nixos/virtualize/libvirtd" - "${self}/modules/nixos/virtualize/android.nix" "${self}/modules/nixos/virtualize/docker.nix" "${self}/modules/nixos/fonts" @@ -38,7 +37,7 @@ in # home-manager.useGlobalPkgs = true; # home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { - inherit inputs outputs hostname username useremail hyprland; + inherit inputs outputs hostname username useremail hyprland sysversion; # enable unstable packages nixpkgs = nixpkgs-unstable; @@ -59,31 +58,9 @@ in } ]; - boot = { - loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - }; - }; - - zfs.extraPools = [ "zroot" ]; - - # Allow to modify store. It's dangerous!! - readOnlyNixStore = true; - }; - - environment.systemPackages = with pkgs;[ # audio control software pamixer - ntfs3g ]; # set hdmi audio default device @@ -93,55 +70,6 @@ in extraConfig = "set-card-profile 1 output:alsa_output.pci-0000_00_1f.3.hdmi-stereo"; }; - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - - settings = { - substituters = [ - "https://mirrors.ustc.edu.cn/nix-channels/store" - "https://nixos-cn.cachix.org" - "https://nix-community.cachix.org" - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ - "nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - }; - }; - - nixpkgs = { - # You can add overlays here - overlays = [ - # Add overlays your own flake exports (from overlays and pkgs dir): - outputs.overlays.additions - outputs.overlays.modifications - outputs.overlays.unstable-packages - outputs.overlays.nur-packages - - # You can also add overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "23.05"; + system.stateVersion = sysversion; } diff --git a/profiles/gaea/hardware-configuration.nix b/profiles/gaea/hardware-configuration.nix deleted file mode 100644 index 8fbef2a..0000000 --- a/profiles/gaea/hardware-configuration.nix +++ /dev/null @@ -1,58 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, username, ... }: - -{ - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { - device = "/dev/disk/by-uuid/1be5aa7e-2b12-4532-9e42-65cd48b72aa6"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/F436-93A1"; - fsType = "vfat"; - }; - - fileSystems."/home/${username}/tmp" = - { - device = "none"; - fsType = "tmpfs"; - options = [ "uid=1000" "gid=100" "defaults" "size=8G" "mode=755" ]; - }; - - fileSystems."/tmp" = - { - device = "tmpfs"; - fsType = "tmpfs"; - }; - - swapDevices = [{ - device = "/var/swapfile"; - size = 8 * 1024; - }]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/profiles/gaea/hardware.nix b/profiles/gaea/hardware.nix new file mode 100644 index 0000000..2abac50 --- /dev/null +++ b/profiles/gaea/hardware.nix @@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, username, ... }: + +{ + + fileSystems."/home/${username}/tmp" = + { + device = "none"; + fsType = "tmpfs"; + options = [ "uid=1000" "gid=100" "defaults" "size=8G" "mode=755" ]; + }; + + fileSystems."/tmp" = + { + device = "tmpfs"; + fsType = "tmpfs"; + }; + + swapDevices = [{ + device = "/var/swapfile"; + size = 16 * 1024; + }]; +} diff --git a/profiles/luna/default.nix b/profiles/luna/default.nix index b0b19ed..339ee34 100644 --- a/profiles/luna/default.nix +++ b/profiles/luna/default.nix @@ -1,4 +1,4 @@ -{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, ... }: +{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, sysversion, ... }: let inherit (inputs) home-manager hyprland; in @@ -17,128 +17,29 @@ in # Import your generated (nixos-generate-config) hardware configuration ./hardware-configuration.nix - "${self}/modules/nixos/core.nix" - "${self}/modules/nixos/user-group.nix" + ./networking.nix + "${self}/modules/nixos/core" + "${self}/modules/nixos/user.nix" + "${self}/modules/nixos/sysatomic.nix" home-manager.nixosModules.home-manager { # home-manager.useGlobalPkgs = true; # home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { - inherit inputs outputs hostname username hyprland; + inherit inputs outputs hostname username hyprland sysversion; + }; + home-manager.users."${username}" = { ... }: { + imports = [ + "${self}/home/desktop.nix" + "${self}/modules/home/develop.nix" + ]; }; - home-manager.users."${username}" = import ../../home/desktop.nix; } ]; - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - }; - }; - - # FIXME: Add the rest of your current configuration - - # TODO: Set your hostname - networking = { - hostName = "${hostname}"; - - wireless.enable = false; # Enables wireless support via wpa_supplicant. - - # Configure network proxy if necessary - # proxy.default = "http://user:password@proxy:port/"; - # proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - networkmanager.enable = true; - - enableIPv6 = false; # disable ipv6 - interfaces.enp0s3 = { - useDHCP = false; - ipv4.addresses = [ - { - address = "10.7.45.130"; - prefixLength = 32; - } - ]; - }; - defaultGateway = "10.7.45.1"; - nameservers = [ - "119.29.29.29" # DNSPod - "223.5.5.5" # AliDNS - ]; - }; - - users.users."${username}".packages = with pkgs; [ - vim - ]; - - - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - # Forbid root login through SSH. - # Use keys only. Remove if you want to SSH using password (not recommended) - settings = { - # permitRootLogin = "no"; - # passwordAuthentication = false; - }; - }; - - - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = lib.mkDefault false; - - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - }; - nixpkgs = { - # You can add overlays here - overlays = [ - # Add overlays your own flake exports (from overlays and pkgs dir): - outputs.overlays.additions - outputs.overlays.modifications - outputs.overlays.unstable-packages - - # You can also add overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; + networking.hostName = "${hostname}"; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion - system.stateVersion = "23.05"; + system.stateVersion = sysversion; } diff --git a/profiles/luna/hardware-configuration.nix b/profiles/luna/hardware-configuration.nix deleted file mode 100644 index 3f34a3a..0000000 --- a/profiles/luna/hardware-configuration.nix +++ /dev/null @@ -1,35 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ ]; - - boot.initrd.availableKernelModules = [ "ata_piix" "ohci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/f8c5e9ad-010f-4201-9465-7486c5ffbaaa"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/FEB9-6991"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s3.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - virtualisation.virtualbox.guest.enable = true; -} diff --git a/profiles/luna/networking.nix b/profiles/luna/networking.nix new file mode 100644 index 0000000..9018628 --- /dev/null +++ b/profiles/luna/networking.nix @@ -0,0 +1,30 @@ +# 网络配置 +{ config, lib, pkgs, ... }: + +{ + networking = { + wireless.enable = false; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # proxy.default = "http://user:password@proxy:port/"; + # proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + networkmanager.enable = true; + + enableIPv6 = false; # disable ipv6 + interfaces.enp0s3 = { + useDHCP = false; + ipv4.addresses = [ + { + address = "10.7.45.130"; + prefixLength = 24; + } + ]; + }; + defaultGateway = "10.7.45.1"; + nameservers = [ + "119.29.29.29" # DNSPod + "223.5.5.5" # AliDNS + ]; + }; +}