From cba96645e5f0f11d73e51379d9de792265075a6e Mon Sep 17 00:00:00 2001
From: alex
Date: Mon, 21 Apr 2025 11:15:37 +0800
Subject: [PATCH] re-init
---
README.md | 25 +-
flake.lock | 214 ++++++++++++++++++
flake.nix | 12 +-
home/core.nix | 24 +-
home/desktop.nix | 37 +--
modules/home/develop.nix | 12 +
modules/home/fcitx.nix | 22 ++
modules/home/hyprland/default.nix | 6 +
modules/home/vscode/default.nix | 21 +-
modules/home/vscode/settings.json | 2 +-
modules/nixos/core.nix | 75 ------
modules/nixos/core/boot.nix | 22 ++
modules/nixos/core/default.nix | 66 ++++++
modules/nixos/core/system.nix | 91 ++++++++
modules/nixos/fonts/default.nix | 4 -
modules/nixos/{tmpsys.nix => sysatomic.nix} | 5 +-
modules/nixos/{user-group.nix => user.nix} | 4 -
modules/nixos/virtualize/libvirtd/default.nix | 4 +-
overlays/default.nix | 7 +
profiles/apollo/default.nix | 40 ++++
profiles/gaea/default.nix | 84 ++-----
profiles/gaea/hardware-configuration.nix | 58 -----
profiles/gaea/hardware.nix | 25 ++
profiles/luna/default.nix | 117 +---------
profiles/luna/hardware-configuration.nix | 35 ---
profiles/luna/networking.nix | 30 +++
26 files changed, 619 insertions(+), 423 deletions(-)
create mode 100644 flake.lock
create mode 100644 modules/home/develop.nix
create mode 100644 modules/home/fcitx.nix
delete mode 100644 modules/nixos/core.nix
create mode 100644 modules/nixos/core/boot.nix
create mode 100644 modules/nixos/core/default.nix
create mode 100644 modules/nixos/core/system.nix
rename modules/nixos/{tmpsys.nix => sysatomic.nix} (93%)
rename modules/nixos/{user-group.nix => user.nix} (71%)
create mode 100644 profiles/apollo/default.nix
delete mode 100644 profiles/gaea/hardware-configuration.nix
create mode 100644 profiles/gaea/hardware.nix
delete mode 100644 profiles/luna/hardware-configuration.nix
create mode 100644 profiles/luna/networking.nix
diff --git a/README.md b/README.md
index 530cc8c..a596dff 100644
--- a/README.md
+++ b/README.md
@@ -42,11 +42,15 @@ 3. 挂载 ```bash + mkdir -p /mnt/{boot,nix} mount /dev/sda2 /mnt/nix - mkdir -p /mnt/boot mount /dev/sda1 /mnt/boot ``` +3.1 不变系统 + +如何希望使用不变原子系统, 在 profile 中引入 `modules/nixos/sysatomic.nix` 模块. + 4. 生成一个基本的配置 ```bash @@ -56,10 +60,8 @@ 5. 克隆仓库到本地 ```bash -nix-shell -p git -git clone https://github.com/synebula/.nix.git /mnt/.nix -cd /mnt/.nix/ -nix develop --extra-experimental-features "nix-command flakes" +git clone https://github.com/synebula/.nix.git /mnt/nix/.nix +cd /mnt/nix/.nix ``` 6. 将 /mnt/etc/nixos 中的 `hardware-configuration.nix` 拷贝到 `/mnt/.nix/profiles//hardware-configuration.nix`, 其中``指需要的 profile。 @@ -67,19 +69,20 @@ nix develop --extra-experimental-features "nix-command flakes" ```bash cp /mnt/etc/nixos/hardware-configuration.nix /mnt/.nix/profiles//hardware-configuration.nix ``` + 7. 用户名修改: 编辑 `/mnt/.nix/flake.nix` 修改 **username** 变量。 8. 使用 `mkpasswd {PASSWORD} -m sha-512` 命令生成的密码哈希串替换掉 `/mnt/.nix/modules/nixos/user-group.nix` 中的 `users.users..hashedPassword` 值替换掉。 - 9. 安装 ```bash -nixos-install --option substituters "https://mirrors.ustc.edu.cn/nix-channels/store https://cache.nixos.org" --no-root-passwd --flake .# +./nixos-install.sh # 或者 -./nixos-install +nixos-install --option substituters "https://mirrors.ustc.edu.cn/nix-channels/store https://cache.nixos.org" --no-root-passwd --flake .# + ``` 10. 重启 @@ -90,6 +93,6 @@ reboot ### 日常更新系统脚本 -``` bash -./nixos-switch -``` \ No newline at end of file +```bash +./nixos-switch.sh +``` diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..8a0fd3d --- /dev/null +++ b/flake.lock 
@@ -0,0 +1,214 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1693208669, + "narHash": "sha256-hHFaaUsZ860wvppPeiu7nJn/nXZjJfnqAQEu9SPFE9I=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "5bac4a1c06cd77cf8fc35a658ccb035a6c50cd2c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-23.05", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager-unstable": { + "inputs": { + "nixpkgs": [ + "nixpkgs-unstable" + ] + }, + "locked": { + "lastModified": 1693859358, + "narHash": "sha256-r3Pak/ao3p8weTzR+Ry3qQrfRsmSOwWW5sAe73mrYKs=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "886ea1d213efd1082f419d066e89ef37635dc970", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "hyprland-protocols": "hyprland-protocols", + "nixpkgs": "nixpkgs", + "systems": "systems", + "wlroots": "wlroots", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1693468538, + "narHash": "sha256-3kWvxxIlMwYqUg4txxBipH3CEQglLNGPjtQnpNeoHJY=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "fc0c1896e097b3c3b2170ae69d38724e43960fe1", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1691753796, + "narHash": "sha256-zOEwiWoXk3j3+EoF3ySUJmberFewWlagvewDRuWYAso=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "0c2ce70625cb30aef199cb388f99e19a61a6ce03", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1693158576, + "narHash": "sha256-aRTTXkYvhXosGx535iAFUaoFboUrZSYb1Ooih/auGp0=", + 
"owner": "NixOS", + "repo": "nixpkgs", + "rev": "a999c1cc0c9eb2095729d5aa03e0d8f7ed256780", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1693377291, + "narHash": "sha256-vYGY9bnqEeIncNarDZYhm6KdLKgXMS+HA2mTRaWEc80=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "e7f38be3775bab9659575f192ece011c033655f0", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1693341273, + "narHash": "sha256-wrsPjsIx2767909MPGhSIOmkpGELM9eufqLQOPxmZQg=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "2ab91c8d65c00fd22a441c69bbf1bc9b420d5ea1", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "home-manager-unstable": "home-manager-unstable", + "hyprland": "hyprland", + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "wlroots": { + "flake": false, + "locked": { + "host": "gitlab.freedesktop.org", + "lastModified": 1692976565, + "narHash": "sha256-eBKkG7tMxg92NskEn8dHRFY245JwjirWRoOZzW6DnUw=", + "owner": "wlroots", + "repo": "wlroots", + "rev": "717ded9bb0191ea31bf4368be32e7a15fe1b8294", + "type": "gitlab" + }, + "original": { + "host": "gitlab.freedesktop.org", + "owner": "wlroots", + "repo": "wlroots", + "rev": "717ded9bb0191ea31bf4368be32e7a15fe1b8294", + "type": "gitlab" + } + }, + 
"xdph": { + "inputs": { + "hyprland-protocols": [ + "hyprland", + "hyprland-protocols" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1691841170, + "narHash": "sha256-RCTm1/MVWYPnReMgyp7tr2ogGYo/pvw38jZaFwemgPU=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "57a3a41ba6b358109e4fc25c6a4706b5f7d93c6b", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 6b6d4de..2ea7dba 100644 --- a/flake.nix +++ b/flake.nix @@ -1,4 +1,3 @@ -# Configuration file init by: nix flake init -t github:misterio77/nix-starter-config#standard { outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, home-manager-unstable, ... }@inputs: let @@ -42,7 +41,6 @@ # Available through 'home-manager --flake .#your-username@your-hostname' # Or run 'nix build .#homeConfigurations..activationPackage' in none-nixos distro first homeConfigurations = { - # FIXME replace with your username@hostname "${username}" = home-manager-unstable.lib.homeManagerConfiguration { pkgs = nixpkgs-unstable.packages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { 
@@ -65,28 +63,26 @@ inputs = { # Nixpkgs nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - # You can access packages and modules from different nixpkgs revs - # at the same time. Here's an working example: nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; - # Also see the 'unstable-packages' overlay at 'overlays/default.nix'. # The Nix User Repository # nur.url = github:nix-community/NUR; # Home manager home-manager = { - url = "github:nix-community/home-manager/release-24.11"; + url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - - # Home manager home-manager-unstable = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs-unstable"; }; hyprland.url = "github:hyprwm/Hyprland"; + + # Impermanence system impermanence.url = "github:nix-community/impermanence"; + # TODO: Add any other flake you might need # hardware.url = "github:nixos/nixos-hardware"; diff --git a/home/core.nix b/home/core.nix index 6d1897e..d94f77b 100644 --- a/home/core.nix +++ b/home/core.nix @@ -13,11 +13,8 @@ ]; }; - # Enable home-manager and git + # Enable git programs = { - # home-manager.enable = true; - # git.enable = true; - git = { enable = true; @@ -60,6 +57,25 @@ shellAliases = { }; }; + zsh = { + enable = true; + enableCompletion = true; + autosuggestion.enable = true; + syntaxHighlighting.enable = true; + + shellAliases = { + la = "ls -la"; + ll = "ls -l"; + edit = "sudo -e"; + update = "sudo nixos-rebuild switch"; + }; + + history.size = 10000; + history.ignoreAllDups = true; + history.path = "$HOME/.zsh_history"; + history.ignorePatterns = ["rm *" "pkill *" "cp *"]; + }; + vim = { enable = true; plugins = with pkgs.vimPlugins; [ vim-airline ]; diff --git a/home/desktop.nix b/home/desktop.nix index 35e6e3f..f6bf5b5 100644 --- a/home/desktop.nix +++ b/home/desktop.nix 
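Review bot: `home-manager.url` now tracks the default branch (`github:nix-community/home-manager`) while its `inputs.nixpkgs.follows` still points at `nixpkgs`, which is pinned to `nixos-24.11`; that makes it the same source as `home-manager-unstable` and pairs an unstable home-manager with a stable nixpkgs. Keeping `url = "github:nix-community/home-manager/release-24.11";` for the stable input would preserve the distinction. The `flake.lock` added in this commit also looks out of step with these inputs: its `nixpkgs_2` node records `ref` `nixos-23.05`, `home-manager` records `release-23.05`, and there is no `impermanence` node, so the first evaluation will presumably re-resolve and rewrite the lock rather than use reviewed pins. Regenerating the lock with `nix flake lock` and committing the result would make the pinned revisions match what is declared here. The `inputs` block continues past the end of this hunk.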
@@ -12,13 +12,14 @@ # inputs.nix-colors.homeManagerModules.default # You can also split up your configuration and import pieces of it here: - # ./nvim.nix - ./core.nix - # ../modules/home/hyprland + ./core + ../modules/home/hyprland + ../modules/home/v2ray + ../modules/home/xdg + ../modules/home/theme + ../modules/home/fcitx ../modules/home/vscode - # ../modules/home/v2ray - ../modules/home/xdg.nix - ../modules/home/theme.nix + ../modules/home/develop ]; home = { @@ -34,37 +35,17 @@ zip unzip lsof + htop pciutils # lspci etc. - frp xorg.xhost - - # nur.repos.linyinfeng.wemeet ]; sessionVariables = { - XIM = "fcitx"; - XIM_PROGRAM = "fcitx"; - XMODIFIERS = "@im=fcitx"; - }; - }; - - programs = { - bash = { - initExtra = '' - export XIM="fcitx" - export XIM_PROGRAM="fcitx" - export XMODIFIERS="@im=fcitx" - ''; + JAVA_HOME = ""; }; }; - i18n.inputMethod = { - enabled = "fcitx5"; - fcitx5.addons = with pkgs; [ - fcitx5-chinese-addons - ]; - }; # Enable home-manager and git programs = { diff --git a/modules/home/develop.nix b/modules/home/develop.nix new file mode 100644 index 0000000..16f9b28 --- /dev/null +++ b/modules/home/develop.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: + +{ + home = { + packages = with pkgs; [ + dbeaver + go + nodejs + yarn + ]; + } +} \ No newline at end of file diff --git a/modules/home/fcitx.nix b/modules/home/fcitx.nix new file mode 100644 index 0000000..cbf2be4 --- /dev/null +++ b/modules/home/fcitx.nix @@ -0,0 +1,22 @@ +# 输入法配置模块 +{ config, lib, pkgs, ... }: + +{ + home = { + packages = [ pkgs.catppuccin-fcitx5 ]; + sessionVariables = { + GTK_IM_MODULE = "fcitx"; + QT_IM_MODULE = "fcitx"; + XIM = "fcitx"; + XIM_PROGRAM = "fcitx"; + XMODIFIERS = "@im=fcitx"; + }; + }; + + i18n.inputMethod = { + enabled = "fcitx5"; + fcitx5.addons = with pkgs; [ + fcitx5-chinese-addons + ]; + }; +} diff --git a/modules/home/hyprland/default.nix b/modules/home/hyprland/default.nix index c001971..b382563 100644 --- a/modules/home/hyprland/default.nix 
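Review bot: Several of the rewritten import paths in the first `home/desktop.nix` hunk drop the `.nix` suffix although the modules are still files: `./core` (this commit patches `home/core.nix`), `../modules/home/fcitx` and `../modules/home/develop` (added here as `fcitx.nix` and `develop.nix`). Nix resolves a suffix-less path only when it is a directory containing `default.nix`, so unless such directories exist outside this diff, evaluation fails on the first of these imports; write them as `./core.nix`, `../modules/home/fcitx.nix` and `../modules/home/develop.nix`. `../modules/home/xdg` and `../modules/home/theme` were `xdg.nix` and `theme.nix` before this change and need the same check. The same pattern appears in `modules/nixos/core/default.nix` (`./boot`, `./system`) and in the profile imports of `"${self}/modules/nixos/user"`, `"${self}/modules/nixos/sysatomic"` and `"${self}/home/desktop"`. The `imports` list starts above this hunk.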
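Review bot: The `home = { … }` attribute in the new `modules/home/develop.nix` is closed with `}` and no `;` before the module's final `}`, which is a Nix syntax error, so the module cannot be parsed. Change the closing line of the attribute to `};`. A one-line header comment saying what the module installs, in the style of the one on `fcitx.nix`, would also help.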
+++ b/modules/home/hyprland/default.nix @@ -35,6 +35,7 @@ wayland.windowManager.hyprland = { enable = true; systemdIntegration = true; + enableNvidiaPatches = true; # extraConfig = builtins.readFile ./conf/hyprland.conf; }; @@ -55,6 +56,11 @@ recursive = true; }; + home.file.".config/swww" = { + source = ./conf/swww; + recursive = true; + }; + home.file.".config/waybar" = { source = ./conf/waybar; recursive = true; diff --git a/modules/home/vscode/default.nix b/modules/home/vscode/default.nix index 344ba38..8164301 100644 --- a/modules/home/vscode/default.nix +++ b/modules/home/vscode/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { imports = [ @@ -7,16 +7,21 @@ vscode = { enable = true; extensions = with pkgs.vscode-extensions; [ - jnoortheen.nix-ide + bierner.markdown-mermaid esbenp.prettier-vscode + foxundermoon.shell-format + github.copilot + github.copilot-chat + golang.go + jnoortheen.nix-ide pkief.material-icon-theme ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [ - # { - # name = "aws-toolkit-vscode"; - # publisher = "amazonwebservices"; - # version = "1.9.0"; - # sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw="; - # } + { + name = "vscode-augment"; + publisher = "augment"; + version = "0.409.1"; + sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw="; + } ]; userSettings = builtins.fromJSON (builtins.readFile ./settings.json); }; diff --git a/modules/home/vscode/settings.json b/modules/home/vscode/settings.json index 9e9fce5..2e64934 100644 --- a/modules/home/vscode/settings.json +++ b/modules/home/vscode/settings.json 
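Review bot: The `sha256` given for `augment.vscode-augment` `0.409.1` in `modules/home/vscode/default.nix` is the same string, `erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw=`, that the removed comment carried for `aws-toolkit-vscode` `1.9.0`, so it is almost certainly not the digest of this extension. The fetch is hash-checked, so the expected outcome is a build failure on mismatch rather than unverified content being installed, but the value should be replaced with the digest actually obtained for this version, for example by setting `sha256 = pkgs.lib.fakeSha256;` once and copying the hash Nix reports. A short comment recording where the extension comes from and when the hash was taken would make later version bumps reviewable.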
@@ -40,7 +40,7 @@ "git.enableSmartCommit": true, "javascript.updateImportsOnFileMove.enabled": "always", "security.workspace.trust.untrustedFiles": "open", - "terminal.integrated.fontFamily": "\"Source Code Pro\"", + "terminal.integrated.fontFamily": "'Source Code Pro'", "terminal.integrated.tabs.location": "left", "typescript.updateImportsOnFileMove.enabled": "always", "workbench.iconTheme": "material-icon-theme" diff --git a/modules/nixos/core.nix b/modules/nixos/core.nix deleted file mode 100644 index 7b6b7ec..0000000 --- a/modules/nixos/core.nix +++ /dev/null 
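Review bot: The unchanged context line `"security.workspace.trust.untrustedFiles": "open"` makes VS Code open files from outside a trusted workspace without asking, and this commit adds extensions (Copilot, Copilot Chat, Augment) that presumably read the content of open files. Consider `"security.workspace.trust.untrustedFiles": "prompt"` so the trust decision stays explicit. Because this file is loaded with `builtins.fromJSON`, the reason cannot be recorded as a comment here and would belong next to `userSettings` in `default.nix`.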
@@ -1,75 +0,0 @@ -{ lib, ... }: -{ - programs = { - git.enable = true; - dconf.enable = true; - vim = { - defaultEditor = true; - }; - }; - - - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - # Forbid root login through SSH. - # Use keys only. Remove if you want to SSH using password (not recommended) - settings = { - # permitRootLogin = "no"; - # passwordAuthentication = false; - }; - }; - - - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - networking.firewall.enable = lib.mkDefault false; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "zh_CN.UTF-8"; - LC_IDENTIFICATION = "zh_CN.UTF-8"; - LC_MEASUREMENT = "zh_CN.UTF-8"; - LC_MONETARY = "zh_CN.UTF-8"; - LC_NAME = "zh_CN.UTF-8"; - LC_NUMERIC = "zh_CN.UTF-8"; - LC_PAPER = "zh_CN.UTF-8"; - LC_TELEPHONE = "zh_CN.UTF-8"; - LC_TIME = "zh_CN.UTF-8"; - }; - - time.timeZone = "Asia/Shanghai"; - - nix = { - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - substituters = [ - "https://mirrors.ustc.edu.cn/nix-channels/store" - "https://mirror.sjtu.edu.cn/nix-channels/store" - "https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store" - "https://nixos-cn.cachix.org" - "https://nix-community.cachix.org" - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ - "nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg=" - "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" - ]; - # 添加以下配置以允许失败时从源码构建 - fallback = true; - keep-going = true; - }; - gc = { - automatic = true; - dates = "daily"; - options = "--delete-older-than 31d"; - }; - }; -} 
diff --git a/modules/nixos/core/boot.nix b/modules/nixos/core/boot.nix new file mode 100644 index 0000000..f061f4e --- /dev/null +++ b/modules/nixos/core/boot.nix @@ -0,0 +1,22 @@ +# 引导配置 +{ config, lib, pkgs, ... }: + +{ + boot = { + loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot"; + }; + + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; + }; + + # Allow to modify store. It's dangerous!! + readOnlyNixStore = lib.mkDefault true; + }; +} \ No newline at end of file diff --git a/modules/nixos/core/default.nix b/modules/nixos/core/default.nix new file mode 100644 index 0000000..c45c928 --- /dev/null +++ b/modules/nixos/core/default.nix 
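Review bot: The comment `# Allow to modify store. It's dangerous!!` sits above `readOnlyNixStore = lib.mkDefault true;`, which does the opposite: `true` keeps `/nix/store` mounted read-only. Reword it, for example `# Keep /nix/store read-only; set to false only if the store must be writable (dangerous).`. The GRUB and EFI settings now apply to every profile that imports `modules/nixos/core`, so a header note saying the module assumes a UEFI system with the ESP mounted at `/boot` would help.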
@@ -0,0 +1,66 @@ +{ lib, ... }: +{ + imports = [ + ./boot + ./system + ]; + + programs = { + git.enable = true; + dconf.enable = true; + vim = { + defaultEditor = true; + }; + }; + + + # This setups a SSH server. Very important if you're setting up a headless system. + # Feel free to remove if you don't need it. + services = { + openssh = { + enable = true; + # Forbid root login through SSH. + # Use keys only. Remove if you want to SSH using password (not recommended) + settings = { + # permitRootLogin = "no"; + # passwordAuthentication = false; + KbdInteractiveAuthentication = false; + X11Forwarding = false; + }; + }; + + journald.extraConfig = '' + SystemMaxUse=500M + MaxFileSec=7day + ''; + }; + + + # Configure firewall + networking.firewall = lib.mkDefault { + enable = true; + allowedTCPPorts = [ 22 80 443 ]; # 根据需要调整 + allowedUDPPorts = [ 53 ]; # 根据需要调整 + # 如果需要,可以添加特定服务的规则 + allowedTCPPortRanges = [ + { from = 1714; to = 1764; } # KDE Connect + ]; + }; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "zh_CN.UTF-8"; + LC_IDENTIFICATION = "zh_CN.UTF-8"; + LC_MEASUREMENT = "zh_CN.UTF-8"; + LC_MONETARY = "zh_CN.UTF-8"; + LC_NAME = "zh_CN.UTF-8"; + LC_NUMERIC = "zh_CN.UTF-8"; + LC_PAPER = "zh_CN.UTF-8"; + LC_TELEPHONE = "zh_CN.UTF-8"; + LC_TIME = "zh_CN.UTF-8"; + }; + + time.timeZone = "Asia/Shanghai"; +} diff --git a/modules/nixos/core/system.nix b/modules/nixos/core/system.nix new file mode 100644 index 0000000..a0831e8 --- /dev/null +++ b/modules/nixos/core/system.nix 
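Review bot: The firewall block opens TCP 22 on every host that imports this module while `permitRootLogin` and `passwordAuthentication` stay commented out, and `modules/nixos/user.nix` in this same commit empties `openssh.authorizedKeys.keys`, so the account appears to be reachable over SSH by password only. Once a key is configured, set `PasswordAuthentication = false;` and `PermitRootLogin = "no";` in `settings`; the option names are capitalised, like the two added here. TCP 80/443, UDP 53 and the KDE Connect range are opened although no service listening on them is visible in this diff; removing them from the shared default and opening them in the profile that needs them keeps the exposure minimal.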
@@ -0,0 +1,91 @@ +{ inputs, outputs, config, lib, ... }: + +{ + security = { + sudo.enable = true; + polkit.enable = true; + }; + + services = { + printing.enable = true; + acpid.enable = true; + upower.enable = true; + }; + + nix = { + # This will add each flake input as a registry + # To make nix3 commands consistent with your flake + registry = lib.mapAttrs (_: value: { flake = value; }) inputs; + + # This will additionally add your inputs to the system's legacy channels + # Making legacy nix commands consistent as well, awesome! + nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; + + + settings = { + # Enable flakes and new 'nix' command + experimental-features = "nix-command flakes"; + substituters = [ + "https://mirrors.ustc.edu.cn/nix-channels/store" + "https://nixos-cn.cachix.org" + "https://nix-community.cachix.org" + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ + "nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + trusted-users = [ "root" ]; + + # Enable local binary cache + keep-outputs = true; + keep-derivations = true; + + max-jobs = "auto"; + cores = 0; # Use all available cores + + # Deduplicate and optimize nix store during build + # auto-optimise-store = true; + }; + + gc = { + automatic = true; # Enable automatic garbage collection + dates = "weekly"; # Execute garbage collection weekly + persistent = true; # Keep settings after reboot + randomizedDelaySec = "15min"; # Add up to 15 minutes of random delay + options = "--delete-older-than 30d"; # Delete files older than 30 days + }; + + # Automatically run garbage collection whenever there is not enough space left + # Free up to 5GiB whenever there is less than 1GiB left: + extraOptions = '' + min-free = ${toString (1 * 1024 * 1024 * 1024)} + max-free = ${toString (5 * 1024 * 1024 * 1024)} + ''; + }; + + nixpkgs = { + # You can add overlays here + 
overlays = [ + # Add overlays your own flake exports (from overlays and pkgs dir): + outputs.overlays.additions + outputs.overlays.modifications + outputs.overlays.unstable-packages + + # You can also add overlays exported from other flakes: + # neovim-nightly-overlay.overlays.default + + # Or define it inline, for example: + # (final: prev: { + # hi = final.hello.overrideAttrs (oldAttrs: { + # patches = [ ./change-hello-to-hi.patch ]; + # }); + # }) + ]; + # Configure your nixpkgs instance + config = { + # Disable if you don't want unfree packages + allowUnfree = true; + }; + }; +} diff --git a/modules/nixos/fonts/default.nix b/modules/nixos/fonts/default.nix index d8e3820..abbeaa4 100644 --- a/modules/nixos/fonts/default.nix +++ b/modules/nixos/fonts/default.nix @@ -16,10 +16,6 @@ fontDir.enable = true; fonts = with pkgs; [ - # icon fonts - material-design-icons - font-awesome - # Noto 系列字体是 Google 主导的,名字的含义是「没有豆腐」q(no tofu),因为缺字时显示的方框或者方框被叫作 tofu # Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。 # 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR,最后一个词是地区变种。 diff --git a/modules/nixos/tmpsys.nix b/modules/nixos/sysatomic.nix similarity index 93% rename from modules/nixos/tmpsys.nix rename to modules/nixos/sysatomic.nix index 3d6f684..59c5d6c 100644 --- a/modules/nixos/tmpsys.nix +++ b/modules/nixos/sysatomic.nix @@ -1,4 +1,4 @@ - +# 配置原子系统, 使用 tmpfs 作为根文件系统, 并配置持久化存储 { config, pkgs, username, inputs, lib, ... }: { imports = [ @@ -45,17 +45,14 @@ ".cache" ".local" ".ssh" - ".gnupg" ".vscode" ".npm" - ".cargo" ".nix" "data" "doc" ]; files = [ - ".bash_history" ".zsh_history" ".gitconfig" ]; diff --git a/modules/nixos/user-group.nix b/modules/nixos/user.nix similarity index 71% rename from modules/nixos/user-group.nix rename to modules/nixos/user.nix index b45707e..35abc94 100644 --- a/modules/nixos/user-group.nix +++ b/modules/nixos/user.nix 
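Review bot: `substituters` and `trusted-public-keys` in `modules/nixos/core/system.nix` make `nixos-cn.cachix.org` and `nix-community.cachix.org` trust anchors for every host that imports `modules/nixos/core`: a store path signed by either key is installed without being built locally. If only some profiles need packages from those caches, move the two entries there; otherwise document the decision, for example `# Third-party caches: paths signed by these keys are trusted system-wide.` above `trusted-public-keys`. Separately, the comment on `persistent = true;` says `Keep settings after reboot`, but the option makes a missed timer run catch up after downtime; `# Run a missed GC after the machine was powered off` would be accurate.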
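Review bot: Removing `".gnupg"` from the persisted directories in `modules/nixos/sysatomic.nix` means that, with the tmpfs root the new header comment describes, the GnuPG keyring and trust database are discarded at every reboot, while `".ssh"` stays persisted. If GPG is used for commit signing or for secrets on these hosts, keep `".gnupg"` in the list; if the removal is deliberate, say so in the header comment. The persistence block begins and ends outside this hunk.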
@@ -5,9 +5,6 @@ # Define a user account. Don't forget to set a password with ‘passwd’. users = { - groups = { - docker = { }; - }; users."${username}" = { # the hashed password with salt is generated by run `mkpasswd`. hashedPassword = "$y$j9T$inkrp6FuM46uoPFVrOlbz1$igJed6pECf4AENVaLT4mk.Q4z02MmxjWnGo.OVvCyC."; @@ -21,7 +18,6 @@ "audio" ]; openssh.authorizedKeys.keys = [ - "ssh-rsa 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 alex@zion.xzdcbj.com.cn" ]; }; }; diff --git a/modules/nixos/virtualize/libvirtd/default.nix b/modules/nixos/virtualize/libvirtd/default.nix index 7ec826b..9a37d23 100644 --- a/modules/nixos/virtualize/libvirtd/default.nix +++ b/modules/nixos/virtualize/libvirtd/default.nix @@ -10,8 +10,8 @@ # Ref: https://nixos.wiki/wiki/NixOps/Virtualization boot = { - kernelModules = [ "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; - kernelParams = [ "intel_iommu=on" "iommu=pt" ]; + kernelModules = [ "kvm-amd" "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ]; + kernelParams = [ "amd_iommu=on" "intel_iommu=on" "iommu=pt" ]; # extraModprobeConfig = "options vfio-pci ids=8086:1901,10de:1b81,10de:10f0"; }; virtualisation.libvirtd = { diff --git a/overlays/default.nix b/overlays/default.nix index d96dc0c..98090bd 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -25,6 +25,13 @@ }; }; + home-manager-unstable = final: _prev: { + hunstable = import inputs.home-manager-unstable { + system = final.system; + config.allowUnfree = true; + }; + }; + nur-packages = final: _prev: { nur = import inputs.nur { nurpkgs = final; diff --git a/profiles/apollo/default.nix b/profiles/apollo/default.nix new file mode 100644 index 0000000..ae491b2 --- /dev/null +++ b/profiles/apollo/default.nix 
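Review bot: The new `home-manager-unstable` overlay in `overlays/default.nix` calls `import inputs.home-manager-unstable { system = final.system; config.allowUnfree = true; }`, which is the argument shape of nixpkgs; home-manager's `default.nix` appears to accept only `pkgs`, so forcing `pkgs.hunstable` would likely fail with an unexpected-argument error. If the intent is to expose the unstable home-manager CLI, `hunstable = inputs.home-manager-unstable.packages.${final.system}.default;` is the usual form; otherwise drop the overlay. Nothing in this diff adds it to `nixpkgs.overlays`, so it may also be unused.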
@@ -0,0 +1,40 @@ +{ inputs, outputs, lib, pkgs, config, self, username, useremail, hostname, sysversion, ... }: +let + inherit (inputs) home-manager hyprland; +in +{ + # You can import other NixOS modules here + imports = [ + # If you want to use modules your own flake exports (from modules/nixos): + # outputs.nixosModules.example + + # Or modules from other flakes (such as nixos-hardware): + # inputs.hardware.nixosModules.common-cpu-amd + # inputs.hardware.nixosModules.common-ssd + + # You can also split up your configuration and import pieces of it here: + # ./users.nix + + # Import your generated (nixos-generate-config) hardware configuration + ./hardware-configuration + ./networking + "${self}/modules/nixos/core" + "${self}/modules/nixos/user" + "${self}/modules/nixos/sysatomic" + + home-manager.nixosModules.home-manager + { + # home-manager.useGlobalPkgs = true; + # home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { + inherit inputs outputs hostname username hyprland sysversion; + }; + home-manager.users."${username}" = import "${self}/home/desktop"; + } + ]; + + networking.hostName = "${hostname}"; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + system.stateVersion = sysversion; +} diff --git a/profiles/gaea/default.nix b/profiles/gaea/default.nix index e31bd7b..35abb8b 100644 --- a/profiles/gaea/default.nix +++ b/profiles/gaea/default.nix 
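Review bot: `profiles/apollo/default.nix` imports `./hardware-configuration` and `./networking`, but the diffstat shows this commit creating only `default.nix` under `profiles/apollo`, so the profile has no hardware or filesystem definition to evaluate against. `profiles/gaea/default.nix` and `profiles/luna/default.nix` have the related problem: both keep importing `./hardware-configuration` while the commit deletes their `hardware-configuration.nix` (gaea gets a `hardware.nix` instead, which no longer declares `/` or `/boot`). Point each import at a file that exists after the commit, for example `./hardware.nix` for gaea, and add the generated hardware file for apollo. `useremail`, `pkgs`, `config` and `lib` in the argument list are unused in this file and can be dropped.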
@@ -13,23 +13,23 @@ in # inputs.hardware.nixosModules.common-ssd # You can also split up your configuration and import pieces of it here: - # ./users.nix + # ./users # Import your generated (nixos-generate-config) hardware configuration - ./hardware-configuration.nix - ./networking.nix - "${self}/modules/nixos/core.nix" - "${self}/modules/nixos/nvidia.nix" - "${self}/modules/nixos/gnome.nix" - "${self}/modules/nixos/hyprland.nix" - "${self}/modules/nixos/user-group.nix" - "${self}/modules/nixos/samba.nix" - "${self}/modules/nixos/zfs.nix" - "${self}/modules/nixos/adb.nix" + ./hardware-configuration + ./networking + "${self}/modules/nixos/core" + "${self}/modules/nixos/sysatomic" + "${self}/modules/nixos/nvidia" + "${self}/modules/nixos/hyprland" + "${self}/modules/nixos/user" + "${self}/modules/nixos/samba" + "${self}/modules/nixos/zfs" + "${self}/modules/nixos/adb" "${self}/modules/nixos/virtualize/libvirtd" - "${self}/modules/nixos/virtualize/android.nix" - "${self}/modules/nixos/virtualize/docker.nix" + "${self}/modules/nixos/virtualize/android" + "${self}/modules/nixos/virtualize/docker" "${self}/modules/nixos/fonts" @@ -59,31 +59,9 @@ in } ]; - boot = { - loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - }; - }; - - zfs.extraPools = [ "zroot" ]; - - # Allow to modify store. It's dangerous!! - readOnlyNixStore = true; - }; - - environment.systemPackages = with pkgs;[ # audio control software pamixer - ntfs3g ]; # set hdmi audio default device 
@@ -93,42 +71,6 @@ in extraConfig = "set-card-profile 1 output:alsa_output.pci-0000_00_1f.3.hdmi-stereo"; }; - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - }; - - nixpkgs = { - # You can add overlays here - overlays = [ - # Add overlays your own flake exports (from overlays and pkgs dir): - outputs.overlays.additions - outputs.overlays.modifications - outputs.overlays.unstable-packages - outputs.overlays.nur-packages - - # You can also add overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion system.stateVersion = sysversion; } diff --git a/profiles/gaea/hardware-configuration.nix b/profiles/gaea/hardware-configuration.nix deleted file mode 100644 index 8fbef2a..0000000 --- a/profiles/gaea/hardware-configuration.nix +++ /dev/null 
@@ -1,58 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, username, ... }: - -{ - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { - device = "/dev/disk/by-uuid/1be5aa7e-2b12-4532-9e42-65cd48b72aa6"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/F436-93A1"; - fsType = "vfat"; - }; - - fileSystems."/home/${username}/tmp" = - { - device = "none"; - fsType = "tmpfs"; - options = [ "uid=1000" "gid=100" "defaults" "size=8G" "mode=755" ]; - }; - - fileSystems."/tmp" = - { - device = "tmpfs"; - fsType = "tmpfs"; - }; - - swapDevices = [{ - device = "/var/swapfile"; - size = 8 * 1024; - }]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/profiles/gaea/hardware.nix b/profiles/gaea/hardware.nix new file mode 100644 index 0000000..2abac50 --- /dev/null +++ b/profiles/gaea/hardware.nix 
@@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, username, ... }: + +{ + + fileSystems."/home/${username}/tmp" = + { + device = "none"; + fsType = "tmpfs"; + options = [ "uid=1000" "gid=100" "defaults" "size=8G" "mode=755" ]; + }; + + fileSystems."/tmp" = + { + device = "tmpfs"; + fsType = "tmpfs"; + }; + + swapDevices = [{ + device = "/var/swapfile"; + size = 16 * 1024; + }]; +} diff --git a/profiles/luna/default.nix b/profiles/luna/default.nix index 95a393f..b9ec7df 100644 --- a/profiles/luna/default.nix +++ b/profiles/luna/default.nix 
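Review bot: The banner saying the file was generated by nixos-generate-config and must not be modified was carried over into `profiles/gaea/hardware.nix`, but the new file is a hand-edited subset with the root, `/boot`, kernel-module and microcode settings removed, so the banner misleads the next maintainer and a regenerated file would not match it. Replace it with a comment stating that the file holds gaea's extra tmpfs mounts and swap, and naming the module that now defines `/` and `/boot`. `config`, `lib`, `pkgs` and `modulesPath` are no longer used in the argument list.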
@@ -16,126 +16,23 @@ in # ./users.nix # Import your generated (nixos-generate-config) hardware configuration - ./hardware-configuration.nix - "${self}/modules/nixos/core.nix" - "${self}/modules/nixos/user-group.nix" - "${self}/modules/nixos/tmpsys.nix" + ./hardware-configuration + ./networking + "${self}/modules/nixos/core" + "${self}/modules/nixos/user" home-manager.nixosModules.home-manager { # home-manager.useGlobalPkgs = true; # home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { - inherit inputs outputs hostname username useremail hyprland sysversion; + inherit inputs outputs hostname username hyprland sysversion; }; - home-manager.users."${username}" = import ../../home/desktop.nix; + home-manager.users."${username}" = import "${self}/home/desktop"; } ]; - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - }; - }; - - networking = { - hostName = "${hostname}"; - - wireless.enable = false; # Enables wireless support via wpa_supplicant. - - # Configure network proxy if necessary - # proxy.default = "http://user:password@proxy:port/"; - # proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - networkmanager.enable = true; - - enableIPv6 = false; # disable ipv6 - interfaces.enp0s3 = { - useDHCP = false; - ipv4.addresses = [ - { - address = "10.7.45.130"; - prefixLength = 32; - } - ]; - }; - defaultGateway = "10.7.45.1"; - nameservers = [ - "119.29.29.29" # DNSPod - "223.5.5.5" # AliDNS - ]; - }; - - users.users."${username}".packages = with pkgs; [ - vim - ]; - - - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - # Forbid root login through SSH. - # Use keys only. 
Remove if you want to SSH using password (not recommended) - settings = { - # permitRootLogin = "no"; - # passwordAuthentication = false; - }; - }; - - - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = lib.mkDefault false; - - nix = { - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - registry = lib.mapAttrs (_: value: { flake = value; }) inputs; - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; - - settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - }; - nixpkgs = { - # You can add overlays here - overlays = [ - # Add overlays your own flake exports (from overlays and pkgs dir): - outputs.overlays.additions - outputs.overlays.modifications - outputs.overlays.unstable-packages - - # You can also add overlays exported from other flakes: - # neovim-nightly-overlay.overlays.default - - # Or define it inline, for example: - # (final: prev: { - # hi = final.hello.overrideAttrs (oldAttrs: { - # patches = [ ./change-hello-to-hi.patch ]; - # }); - # }) - ]; - # Configure your nixpkgs instance - config = { - # Disable if you don't want unfree packages - allowUnfree = true; - }; - }; + networking.hostName = "${hostname}"; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion system.stateVersion = sysversion; diff --git a/profiles/luna/hardware-configuration.nix b/profiles/luna/hardware-configuration.nix deleted file mode 100644 index 3f34a3a..0000000 --- a/profiles/luna/hardware-configuration.nix +++ /dev/null 
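Review bot: The new import entries `./hardware-configuration`, `./networking`, `"${self}/modules/nixos/user"` and `import "${self}/home/desktop"` in `profiles/luna/default.nix` drop the `.nix` suffix, and Nix resolves a suffix-less path only when it is a directory containing `default.nix`. Going by the diffstat, this commit deletes `profiles/luna/hardware-configuration.nix` without adding a replacement and keeps `networking.nix`, `user.nix` and `home/desktop.nix` as plain files, so evaluating this profile would likely fail; only `modules/nixos/core` is a directory. I would write `./networking.nix`, `"${self}/modules/nixos/user.nix"` and `import "${self}/home/desktop.nix"`, and either restore a hardware file for luna or remove that import. Separately, the `services.openssh` block leaves this file; wherever it now lives (not visible in this hunk), `PermitRootLogin` and `PasswordAuthentication` should be set explicitly rather than left commented out.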
@@ -1,35 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
- imports = [ ];
-
- boot.initrd.availableKernelModules = [ "ata_piix" "ohci_pci" "ehci_pci" "ahci" "sd_mod" "sr_mod" ];
- boot.initrd.kernelModules = [ ];
- boot.kernelModules = [ ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-uuid/f8c5e9ad-010f-4201-9465-7486c5ffbaaa";
- fsType = "ext4";
- };
-
- fileSystems."/boot" =
- { device = "/dev/disk/by-uuid/FEB9-6991";
- fsType = "vfat";
- };
-
- swapDevices = [ ];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp0s3.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- virtualisation.virtualbox.guest.enable = true;
-}
diff --git a/profiles/luna/networking.nix b/profiles/luna/networking.nix
new file mode 100644
index 0000000..9018628
--- /dev/null
+++ b/profiles/luna/networking.nix
@@ -0,0 +1,30 @@
+# 网络配置
+{ config, lib, pkgs, ... }:
+
+{
+ networking = {
+ wireless.enable = false; # Enables wireless support via wpa_supplicant.
+
+ # Configure network proxy if necessary
+ # proxy.default = "http://user:password@proxy:port/";
+ # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+ networkmanager.enable = true;
+
+ enableIPv6 = false; # disable ipv6
+ interfaces.enp0s3 = {
+ useDHCP = false;
+ ipv4.addresses = [
+ {
+ address = "10.7.45.130";
+ prefixLength = 24;
+ }
+ ];
+ };
+ defaultGateway = "10.7.45.1";
+ nameservers = [
+ "119.29.29.29" # DNSPod
+ "223.5.5.5" # AliDNS
+ ];
+ };
+}
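Review bot: The commented template `# proxy.default = "http://user:password@proxy:port/";` in `profiles/luna/networking.nix` invites putting proxy credentials straight into this module, where they would be committed to the repository and copied into the world-readable `/nix/store`. I would add a line above it such as `# Do not embed credentials here: this file is committed and ends up world-readable in /nix/store.` The trailing comment on `wireless.enable = false;` still reads "Enables wireless support via wpa_supplicant", which contradicts the value; `# wpa_supplicant disabled, NetworkManager manages Wi-Fi` would match. Both `nameservers` entries are public resolvers, so lookups for names on the 10.7.45.0/24 network presumably leave the site unless that is intended.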