alex/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

re-init

Browse Source
This commit is contained in:
alex
2025-04-21 11:15:37 +08:00
parent f1df0aae36
commit cba96645e5
26 changed files with 619 additions and 423 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@@ -42,11 +42,15 @@
3. 挂载
```bash
mkdir -p /mnt/{boot,nix}
mount /dev/sda2 /mnt/nix
mkdir -p /mnt/boot
mount /dev/sda1 /mnt/boot
```
3.1 不变系统
如何希望使用不变原子系统, 在 profile 中引入 `modules/nixos/sysatomic.nix` 模块.
4. 生成一个基本的配置
```bash
@@ -56,10 +60,8 @@
5. 克隆仓库到本地
```bash
nix-shell -p git
git clone https://github.com/synebula/.nix.git /mnt/.nix
cd /mnt/.nix/
nix develop --extra-experimental-features "nix-command flakes"
git clone https://github.com/synebula/.nix.git /mnt/nix/.nix
cd /mnt/nix/.nix
```
6. 将 /mnt/etc/nixos 中的 `hardware-configuration.nix` 拷贝到 `/mnt/.nix/profiles/<profile>/hardware-configuration.nix` 其中`<profile>`指需要的 profile。
@@ -67,19 +69,20 @@ nix develop --extra-experimental-features "nix-command flakes"
```bash
cp /mnt/etc/nixos/hardware-configuration.nix /mnt/.nix/profiles/<profile>/hardware-configuration.nix
```
7. 用户名修改: 编辑 `/mnt/.nix/flake.nix` 修改 **username** 变量。
8. 使用 `mkpasswd {PASSWORD} -m sha-512` 命令生成的密码哈希串替换掉 `/mnt/.nix/modules/nixos/user-group.nix` 中的 `users.users.<name>.hashedPassword` 值替换掉。
9. 安装
```bash
nixos-install --option substituters "https://mirrors.ustc.edu.cn/nix-channels/store https://cache.nixos.org" --no-root-passwd --flake .#<profile>
./nixos-install.sh <profile>
# 或者
./nixos-install <profile>
nixos-install --option substituters "https://mirrors.ustc.edu.cn/nix-channels/store https://cache.nixos.org" --no-root-passwd --flake .#<profile>
```
10. 重启
@@ -90,6 +93,6 @@ reboot
### 日常更新系统脚本
``` bash
./nixos-switch
```
```bash
./nixos-switch.sh
```

214
flake.lock generated Normal file
View File

@@ -0,0 +1,214 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1693208669,
"narHash": "sha256-hHFaaUsZ860wvppPeiu7nJn/nXZjJfnqAQEu9SPFE9I=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "5bac4a1c06cd77cf8fc35a658ccb035a6c50cd2c",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-23.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager-unstable": {
"inputs": {
"nixpkgs": [
"nixpkgs-unstable"
]
},
"locked": {
"lastModified": 1693859358,
"narHash": "sha256-r3Pak/ao3p8weTzR+Ry3qQrfRsmSOwWW5sAe73mrYKs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "886ea1d213efd1082f419d066e89ef37635dc970",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"hyprland": {
"inputs": {
"hyprland-protocols": "hyprland-protocols",
"nixpkgs": "nixpkgs",
"systems": "systems",
"wlroots": "wlroots",
"xdph": "xdph"
},
"locked": {
"lastModified": 1693468538,
"narHash": "sha256-3kWvxxIlMwYqUg4txxBipH3CEQglLNGPjtQnpNeoHJY=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "fc0c1896e097b3c3b2170ae69d38724e43960fe1",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "Hyprland",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1691753796,
"narHash": "sha256-zOEwiWoXk3j3+EoF3ySUJmberFewWlagvewDRuWYAso=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "0c2ce70625cb30aef199cb388f99e19a61a6ce03",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-protocols",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1693158576,
"narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a999c1cc0c9eb2095729d5aa03e0d8f7ed256780",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1693377291,
"narHash": "sha256-vYGY9bnqEeIncNarDZYhm6KdLKgXMS+HA2mTRaWEc80=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e7f38be3775bab9659575f192ece011c033655f0",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1693341273,
"narHash": "sha256-wrsPjsIx2767909MPGhSIOmkpGELM9eufqLQOPxmZQg=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2ab91c8d65c00fd22a441c69bbf1bc9b420d5ea1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-23.05",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"home-manager-unstable": "home-manager-unstable",
"hyprland": "hyprland",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable"
}
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"wlroots": {
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1692976565,
"narHash": "sha256-eBKkG7tMxg92NskEn8dHRFY245JwjirWRoOZzW6DnUw=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "717ded9bb0191ea31bf4368be32e7a15fe1b8294",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "717ded9bb0191ea31bf4368be32e7a15fe1b8294",
"type": "gitlab"
}
},
"xdph": {
"inputs": {
"hyprland-protocols": [
"hyprland",
"hyprland-protocols"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1691841170,
"narHash": "sha256-RCTm1/MVWYPnReMgyp7tr2ogGYo/pvw38jZaFwemgPU=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "57a3a41ba6b358109e4fc25c6a4706b5f7d93c6b",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

12
flake.nix
View File

@@ -1,4 +1,3 @@
# Configuration file init by: nix flake init -t github:misterio77/nix-starter-config#standard
{
outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, home-manager-unstable, ... }@inputs:
let
@@ -42,7 +41,6 @@
# Available through 'home-manager --flake .#your-username@your-hostname'
# Or run 'nix build .#homeConfigurations.<username>.activationPackage' in none-nixos distro first
homeConfigurations = {
# FIXME replace with your username@hostname
"${username}" = home-manager-unstable.lib.homeManagerConfiguration {
pkgs = nixpkgs-unstable.packages.x86_64-linux; # Home-manager requires 'pkgs' instance
extraSpecialArgs = {
@@ -65,28 +63,26 @@
inputs = {
# Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
# You can access packages and modules from different nixpkgs revs
# at the same time. Here's an working example:
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
# The Nix User Repository
# nur.url = github:nix-community/NUR;
# Home manager
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
# Home manager
home-manager-unstable = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
hyprland.url = "github:hyprwm/Hyprland";
# Impermanence system
impermanence.url = "github:nix-community/impermanence";
# TODO: Add any other flake you might need
# hardware.url = "github:nixos/nixos-hardware";

24
home/core.nix
View File

@@ -13,11 +13,8 @@
];
};
# Enable home-manager and git
# Enable git
programs = {
# home-manager.enable = true;
# git.enable = true;
git = {
enable = true;
@@ -60,6 +57,25 @@
shellAliases = { };
};
zsh = {
enable = true;
enableCompletion = true;
autosuggestion.enable = true;
syntaxHighlighting.enable = true;
shellAliases = {
la = "ls -la";
ll = "ls -l";
edit = "sudo -e";
update = "sudo nixos-rebuild switch";
};
history.size = 10000;
history.ignoreAllDups = true;
history.path = "$HOME/.zsh_history";
history.ignorePatterns = ["rm *" "pkill *" "cp *"];
};
vim = {
enable = true;
plugins = with pkgs.vimPlugins; [ vim-airline ];

37
home/desktop.nix
View File

@@ -12,13 +12,14 @@
# inputs.nix-colors.homeManagerModules.default
# You can also split up your configuration and import pieces of it here:
# ./nvim.nix
./core.nix
# ../modules/home/hyprland
./core
../modules/home/hyprland
../modules/home/v2ray
../modules/home/xdg
../modules/home/theme
../modules/home/fcitx
../modules/home/vscode
# ../modules/home/v2ray
../modules/home/xdg.nix
../modules/home/theme.nix
../modules/home/develop
];
home = {
@@ -34,37 +35,17 @@
zip
unzip
lsof
htop
pciutils # lspci etc.
frp
xorg.xhost
# nur.repos.linyinfeng.wemeet
];
sessionVariables = {
XIM = "fcitx";
XIM_PROGRAM = "fcitx";
XMODIFIERS = "@im=fcitx";
};
};
programs = {
bash = {
initExtra = ''
export XIM="fcitx"
export XIM_PROGRAM="fcitx"
export XMODIFIERS="@im=fcitx"
'';
JAVA_HOME = "";
};
};
i18n.inputMethod = {
enabled = "fcitx5";
fcitx5.addons = with pkgs; [
fcitx5-chinese-addons
];
};
# Enable home-manager and git
programs = {

12
modules/home/develop.nix Normal file
View File

@@ -0,0 +1,12 @@
{ pkgs, ... }:
{
home = {
packages = with pkgs; [
dbeaver
go
nodejs
yarn
];
}
}

22
modules/home/fcitx.nix Normal file
View File

@@ -0,0 +1,22 @@
# 输入法配置模块
{ config, lib, pkgs, ... }:
{
home = {
packages = [ pkgs.catppuccin-fcitx5 ];
sessionVariables = {
GTK_IM_MODULE = "fcitx";
QT_IM_MODULE = "fcitx";
XIM = "fcitx";
XIM_PROGRAM = "fcitx";
XMODIFIERS = "@im=fcitx";
};
};
i18n.inputMethod = {
enabled = "fcitx5";
fcitx5.addons = with pkgs; [
fcitx5-chinese-addons
];
};
}

6
modules/home/hyprland/default.nix
View File

@@ -35,6 +35,7 @@
wayland.windowManager.hyprland = {
enable = true;
systemdIntegration = true;
enableNvidiaPatches = true;
# extraConfig = builtins.readFile ./conf/hyprland.conf;
};
@@ -55,6 +56,11 @@
recursive = true;
};
home.file.".config/swww" = {
source = ./conf/swww;
recursive = true;
};
home.file.".config/waybar" = {
source = ./conf/waybar;
recursive = true;

21
modules/home/vscode/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ pkgs, ... }:
{
imports = [
@@ -7,16 +7,21 @@
vscode = {
enable = true;
extensions = with pkgs.vscode-extensions; [
jnoortheen.nix-ide
bierner.markdown-mermaid
esbenp.prettier-vscode
foxundermoon.shell-format
github.copilot
github.copilot-chat
golang.go
jnoortheen.nix-ide
pkief.material-icon-theme
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
# {
# name = "aws-toolkit-vscode";
# publisher = "amazonwebservices";
# version = "1.9.0";
# sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw=";
# }
{
name = "vscode-augment";
publisher = "augment";
version = "0.409.1";
sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw=";
}
];
userSettings = builtins.fromJSON (builtins.readFile ./settings.json);
};

2
modules/home/vscode/settings.json
View File

@@ -40,7 +40,7 @@
"git.enableSmartCommit": true,
"javascript.updateImportsOnFileMove.enabled": "always",
"security.workspace.trust.untrustedFiles": "open",
"terminal.integrated.fontFamily": "\"Source Code Pro\"",
"terminal.integrated.fontFamily": "'Source Code Pro'",
"terminal.integrated.tabs.location": "left",
"typescript.updateImportsOnFileMove.enabled": "always",
"workbench.iconTheme": "material-icon-theme"

75
modules/nixos/core.nix
View File

@@ -1,75 +0,0 @@
{ lib, ... }:
{
programs = {
git.enable = true;
dconf.enable = true;
vim = {
defaultEditor = true;
};
};
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
services.openssh = {
enable = true;
# Forbid root login through SSH.
# Use keys only. Remove if you want to SSH using password (not recommended)
settings = {
# permitRootLogin = "no";
# passwordAuthentication = false;
};
};
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = lib.mkDefault false;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "zh_CN.UTF-8";
LC_IDENTIFICATION = "zh_CN.UTF-8";
LC_MEASUREMENT = "zh_CN.UTF-8";
LC_MONETARY = "zh_CN.UTF-8";
LC_NAME = "zh_CN.UTF-8";
LC_NUMERIC = "zh_CN.UTF-8";
LC_PAPER = "zh_CN.UTF-8";
LC_TELEPHONE = "zh_CN.UTF-8";
LC_TIME = "zh_CN.UTF-8";
};
time.timeZone = "Asia/Shanghai";
nix = {
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
substituters = [
"https://mirrors.ustc.edu.cn/nix-channels/store"
"https://mirror.sjtu.edu.cn/nix-channels/store"
"https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store"
"https://nixos-cn.cachix.org"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
# 添加以下配置以允许失败时从源码构建
fallback = true;
keep-going = true;
};
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 31d";
};
};
}

22
modules/nixos/core/boot.nix Normal file
View File

@@ -0,0 +1,22 @@
# 引导配置
{ config, lib, pkgs, ... }:
{
boot = {
loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
};
# Allow to modify store. It's dangerous!!
readOnlyNixStore = lib.mkDefault true;
};
}

66
modules/nixos/core/default.nix Normal file
View File

@@ -0,0 +1,66 @@
{ lib, ... }:
{
imports = [
./boot
./system
];
programs = {
git.enable = true;
dconf.enable = true;
vim = {
defaultEditor = true;
};
};
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
services = {
openssh = {
enable = true;
# Forbid root login through SSH.
# Use keys only. Remove if you want to SSH using password (not recommended)
settings = {
# permitRootLogin = "no";
# passwordAuthentication = false;
KbdInteractiveAuthentication = false;
X11Forwarding = false;
};
};
journald.extraConfig = ''
SystemMaxUse=500M
MaxFileSec=7day
'';
};
# Configure firewall
networking.firewall = lib.mkDefault {
enable = true;
allowedTCPPorts = [ 22 80 443 ]; # 根据需要调整
allowedUDPPorts = [ 53 ]; # 根据需要调整
# 如果需要,可以添加特定服务的规则
allowedTCPPortRanges = [
{ from = 1714; to = 1764; } # KDE Connect
];
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "zh_CN.UTF-8";
LC_IDENTIFICATION = "zh_CN.UTF-8";
LC_MEASUREMENT = "zh_CN.UTF-8";
LC_MONETARY = "zh_CN.UTF-8";
LC_NAME = "zh_CN.UTF-8";
LC_NUMERIC = "zh_CN.UTF-8";
LC_PAPER = "zh_CN.UTF-8";
LC_TELEPHONE = "zh_CN.UTF-8";
LC_TIME = "zh_CN.UTF-8";
};
time.timeZone = "Asia/Shanghai";
}

91
modules/nixos/core/system.nix Normal file
View File

@@ -0,0 +1,91 @@
{ inputs, outputs, config, lib, ... }:
{
security = {
sudo.enable = true;
polkit.enable = true;
};
services = {
printing.enable = true;
acpid.enable = true;
upower.enable = true;
};
nix = {
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
substituters = [
"https://mirrors.ustc.edu.cn/nix-channels/store"
"https://nixos-cn.cachix.org"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [ "root" ];
# Enable local binary cache
keep-outputs = true;
keep-derivations = true;
max-jobs = "auto";
cores = 0; # Use all available cores
# Deduplicate and optimize nix store during build
# auto-optimise-store = true;
};
gc = {
automatic = true; # Enable automatic garbage collection
dates = "weekly"; # Execute garbage collection weekly
persistent = true; # Keep settings after reboot
randomizedDelaySec = "15min"; # Add up to 15 minutes of random delay
options = "--delete-older-than 30d"; # Delete files older than 30 days
};
# Automatically run garbage collection whenever there is not enough space left
# Free up to 5GiB whenever there is less than 1GiB left:
extraOptions = ''
min-free = ${toString (1 * 1024 * 1024 * 1024)}
max-free = ${toString (5 * 1024 * 1024 * 1024)}
'';
};
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
}

4
modules/nixos/fonts/default.nix
View File

@@ -16,10 +16,6 @@
fontDir.enable = true;
fonts = with pkgs; [
# icon fonts
material-design-icons
font-awesome
# Noto 系列字体是 Google 主导的名字的含义是「没有豆腐」qno tofu因为缺字时显示的方框或者方框被叫作 tofu
# Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。
# 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR最后一个词是地区变种。

5
modules/nixos/tmpsys.nix → modules/nixos/sysatomic.nix
View File

@@ -1,4 +1,4 @@
# 配置原子系统, 使用 tmpfs 作为根文件系统, 并配置持久化存储
{ config, pkgs, username, inputs, lib, ... }:
{
imports = [
@@ -45,17 +45,14 @@
".cache"
".local"
".ssh"
".gnupg"
".vscode"
".npm"
".cargo"
".nix"
"data"
"doc"
];
files = [
".bash_history"
".zsh_history"
".gitconfig"
];

4
modules/nixos/user-group.nix → modules/nixos/user.nix
View File

@@ -5,9 +5,6 @@
# Define a user account. Don't forget to set a password with passwd.
users = {
groups = {
docker = { };
};
users."${username}" = {
# the hashed password with salt is generated by run `mkpasswd`.
hashedPassword = "$y$j9T$inkrp6FuM46uoPFVrOlbz1$igJed6pECf4AENVaLT4mk.Q4z02MmxjWnGo.OVvCyC.";
@@ -21,7 +18,6 @@
"audio"
];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQOn+imHUzz7KvNYE1mBTjwhMZ0HMyVNwkc6p/6Qak0ejzdyx6mNk9AlKOZB1UQvniWBT8z//u/8DqMT9OL8X0VZmQQTTIpSnvuYRxkH6thkoX9c0umo9GrMGWZN3WIsD71dfiJLMagqPxX7HWgkONBFxJHmBUfP4CXLgLdZs7dUMBm5tILx09zWU7Ttv120NuFdPYENAg8hNka3hjBbXbnDQdp2Y8TPY2Dbcg3MnVZ6Q7LMfKUkVYIoDHEiN6ZAJQaYIU+f2PeNxCb5WqRo2AiZwuzJtQO0VARRIf8hAs5wnX3gU68sWBvLr7payeaYsAyD+C7I4EpyNA8TrwKotrmripv+y5hjHiG7fL97vZEzSfIJH2KEAg7ojGDBbcwAcBKGn4PjwaCdUM7MGm6hj7cMHJf/32rXyc4u7LUZxTjXS5/dKWhF+sCycbBASRlSW93jlnxoUY/zPK4IRnzaF0WL7kUxfBglfFf8UMSgAZNncESNr36hsWFKcFqKUto48= alex@zion.xzdcbj.com.cn"
];
};
};

4
modules/nixos/virtualize/libvirtd/default.nix
View File

@@ -10,8 +10,8 @@
# Ref: https://nixos.wiki/wiki/NixOps/Virtualization
boot = {
kernelModules = [ "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
kernelParams = [ "intel_iommu=on" "iommu=pt" ];
kernelModules = [ "kvm-amd" "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
kernelParams = [ "amd_iommu=on" "intel_iommu=on" "iommu=pt" ];
# extraModprobeConfig = "options vfio-pci ids=8086:1901,10de:1b81,10de:10f0";
};
virtualisation.libvirtd = {

7
overlays/default.nix
View File

@@ -25,6 +25,13 @@
};
};
home-manager-unstable = final: _prev: {
hunstable = import inputs.home-manager-unstable {
system = final.system;
config.allowUnfree = true;
};
};
nur-packages = final: _prev: {
nur = import inputs.nur {
nurpkgs = final;

40
profiles/apollo/default.nix Normal file
View File

@@ -0,0 +1,40 @@
{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, sysversion, ... }:
let
inherit (inputs) home-manager hyprland;
in
{
# You can import other NixOS modules here
imports = [
# If you want to use modules your own flake exports (from modules/nixos):
# outputs.nixosModules.example
# Or modules from other flakes (such as nixos-hardware):
# inputs.hardware.nixosModules.common-cpu-amd
# inputs.hardware.nixosModules.common-ssd
# You can also split up your configuration and import pieces of it here:
# ./users.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration
./networking
"${self}/modules/nixos/core"
"${self}/modules/nixos/user"
"${self}/modules/nixos/sysatomic"
home-manager.nixosModules.home-manager
{
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {
inherit inputs outputs hostname username hyprland sysversion;
};
home-manager.users."${username}" = import "${self}/home/desktop";
}
];
networking.hostName = "${hostname}";
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = sysversion;
}

84
profiles/gaea/default.nix
View File

@@ -13,23 +13,23 @@ in
# inputs.hardware.nixosModules.common-ssd
# You can also split up your configuration and import pieces of it here:
# ./users.nix
# ./users
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix
./networking.nix
"${self}/modules/nixos/core.nix"
"${self}/modules/nixos/nvidia.nix"
"${self}/modules/nixos/gnome.nix"
"${self}/modules/nixos/hyprland.nix"
"${self}/modules/nixos/user-group.nix"
"${self}/modules/nixos/samba.nix"
"${self}/modules/nixos/zfs.nix"
"${self}/modules/nixos/adb.nix"
./hardware-configuration
./networking
"${self}/modules/nixos/core"
"${self}/modules/nixos/sysatomic"
"${self}/modules/nixos/nvidia"
"${self}/modules/nixos/hyprland"
"${self}/modules/nixos/user"
"${self}/modules/nixos/samba"
"${self}/modules/nixos/zfs"
"${self}/modules/nixos/adb"
"${self}/modules/nixos/virtualize/libvirtd"
"${self}/modules/nixos/virtualize/android.nix"
"${self}/modules/nixos/virtualize/docker.nix"
"${self}/modules/nixos/virtualize/android"
"${self}/modules/nixos/virtualize/docker"
"${self}/modules/nixos/fonts"
@@ -59,31 +59,9 @@ in
}
];
boot = {
loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
};
zfs.extraPools = [ "zroot" ];
# Allow to modify store. It's dangerous!!
readOnlyNixStore = true;
};
environment.systemPackages = with pkgs;[
# audio control software
pamixer
ntfs3g
];
# set hdmi audio default device
@@ -93,42 +71,6 @@ in
extraConfig = "set-card-profile 1 output:alsa_output.pci-0000_00_1f.3.hdmi-stereo";
};
nix = {
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
};
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
outputs.overlays.nur-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = sysversion;
}

58
profiles/gaea/hardware-configuration.nix
View File

@@ -1,58 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, username, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/1be5aa7e-2b12-4532-9e42-65cd48b72aa6";
fsType = "ext4";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/F436-93A1";
fsType = "vfat";
};
fileSystems."/home/${username}/tmp" =
{
device = "none";
fsType = "tmpfs";
options = [ "uid=1000" "gid=100" "defaults" "size=8G" "mode=755" ];
};
fileSystems."/tmp" =
{
device = "tmpfs";
fsType = "tmpfs";
};
swapDevices = [{
device = "/var/swapfile";
size = 8 * 1024;
}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

25
profiles/gaea/hardware.nix Normal file
View File

@@ -0,0 +1,25 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, username, ... }:
{
fileSystems."/home/${username}/tmp" =
{
device = "none";
fsType = "tmpfs";
options = [ "uid=1000" "gid=100" "defaults" "size=8G" "mode=755" ];
};
fileSystems."/tmp" =
{
device = "tmpfs";
fsType = "tmpfs";
};
swapDevices = [{
device = "/var/swapfile";
size = 16 * 1024;
}];
}

117
profiles/luna/default.nix
View File

@@ -16,126 +16,23 @@ in
# ./users.nix
# Import your generated (nixos-generate-config) hardware configuration
./hardware-configuration.nix
"${self}/modules/nixos/core.nix"
"${self}/modules/nixos/user-group.nix"
"${self}/modules/nixos/tmpsys.nix"
./hardware-configuration
./networking
"${self}/modules/nixos/core"
"${self}/modules/nixos/user"
home-manager.nixosModules.home-manager
{
# home-manager.useGlobalPkgs = true;
# home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {
inherit inputs outputs hostname username useremail hyprland sysversion;
inherit inputs outputs hostname username hyprland sysversion;
};
home-manager.users."${username}" = import ../../home/desktop.nix;
home-manager.users."${username}" = import "${self}/home/desktop";
}
];
boot.loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
};
networking = {
hostName = "${hostname}";
wireless.enable = false; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
networkmanager.enable = true;
enableIPv6 = false; # disable ipv6
interfaces.enp0s3 = {
useDHCP = false;
ipv4.addresses = [
{
address = "10.7.45.130";
prefixLength = 32;
}
];
};
defaultGateway = "10.7.45.1";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
};
users.users."${username}".packages = with pkgs; [
vim
];
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
services.openssh = {
enable = true;
# Forbid root login through SSH.
# Use keys only. Remove if you want to SSH using password (not recommended)
settings = {
# permitRootLogin = "no";
# passwordAuthentication = false;
};
};
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = lib.mkDefault false;
nix = {
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
};
};
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
networking.hostName = "${hostname}";
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = sysversion;

35
profiles/luna/hardware-configuration.nix
View File

@@ -1,35 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ ];
boot.initrd.availableKernelModules = [ "ata_piix" "ohci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f8c5e9ad-010f-4201-9465-7486c5ffbaaa";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/FEB9-6991";
fsType = "vfat";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
virtualisation.virtualbox.guest.enable = true;
}

30
profiles/luna/networking.nix Normal file
View File

@@ -0,0 +1,30 @@
# 网络配置
{ config, lib, pkgs, ... }:
{
networking = {
wireless.enable = false; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
networkmanager.enable = true;
enableIPv6 = false; # disable ipv6
interfaces.enp0s3 = {
useDHCP = false;
ipv4.addresses = [
{
address = "10.7.45.130";
prefixLength = 24;
}
];
};
defaultGateway = "10.7.45.1";
nameservers = [
"119.29.29.29" # DNSPod
"223.5.5.5" # AliDNS
];
};
}