pci.express / dotfiles
My NixOS dotfiles
fork atom

desktop

pci.express c6fb69a8 fabadae3

verified
options
unified split
Changed files
+306 -21
common
default.nix
flake.lock
flake.nix
hetzner
default.nix
riptide
default.nix
hardware.nix
limine.extra.conf
+1
common/default.nix
··· 28 28 man-pages 29 29 man-pages-posix 30 30 gptfdisk 31 + lz4 31 32 ]; 32 33 33 34 # Localization
+22 -7
flake.lock
··· 1 1 { 2 2 "nodes": { 3 + "flake-compat": { 4 + "flake": false, 5 + "locked": { 6 + "lastModified": 1751685974, 7 + "narHash": "sha256-NKw96t+BgHIYzHUjkTK95FqYRVKB8DHpVhefWSz/kTw=", 8 + "rev": "549f2762aebeff29a2e5ece7a7dc0f955281a1d1", 9 + "type": "tarball", 10 + "url": "https://git.lix.systems/api/v1/repos/lix-project/flake-compat/archive/549f2762aebeff29a2e5ece7a7dc0f955281a1d1.tar.gz?rev=549f2762aebeff29a2e5ece7a7dc0f955281a1d1" 11 + }, 12 + "original": { 13 + "type": "tarball", 14 + "url": "https://git.lix.systems/lix-project/flake-compat/archive/main.tar.gz" 15 + } 16 + }, 3 17 "flake-utils": { 4 18 "inputs": { 5 19 "systems": "systems" ··· 122 136 "nixpkgs": { 123 137 "locked": { 124 138 "lastModified": 315532800, 125 - "narHash": "sha256-PEuQKa11BPUDAEoMH4NDp7RsifVlhT+mPE0D7czYP7w=", 126 - "rev": "ca77296380960cd497a765102eeb1356eb80fed0", 139 + "narHash": "sha256-LzU/KC9vXI1UeKEjbz0bq0OIdv36UJpz88Sfeg991UQ=", 140 + "rev": "647e5c14cbd5067f44ac86b74f014962df460840", 127 141 "type": "tarball", 128 - "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre856744.ca7729638096/nixexprs.tar.xz?rev=ca77296380960cd497a765102eeb1356eb80fed0" 142 + "url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.11pre868532.647e5c14cbd5/nixexprs.tar.xz?rev=647e5c14cbd5067f44ac86b74f014962df460840" 129 143 }, 130 144 "original": { 131 145 "type": "tarball", ··· 168 182 }, 169 183 "tangled": { 170 184 "inputs": { 185 + "flake-compat": "flake-compat", 171 186 "gomod2nix": "gomod2nix", 172 187 "htmx-src": "htmx-src", 173 188 "htmx-ws-src": "htmx-ws-src", ··· 181 196 "sqlite-lib-src": "sqlite-lib-src" 182 197 }, 183 198 "locked": { 184 - "lastModified": 1757399789, 185 - "narHash": "sha256-Vd09Za+KlkuScaWNp0Rz9z7v40faSsozFDJJLGvdJtE=", 199 + "lastModified": 1759307677, 200 + "narHash": "sha256-J9nr84+CNL//9CvR8ELCkzby57EEgZum19WYslnSEG0=", 186 201 "ref": "refs/heads/master", 187 - "rev": "bfecda4a4033ad9d51cda9cf9336b9fbb0afb8cb", 188 - "revCount": 1337, 202 + "rev": "5df3d5df76ee20ad0ad818c3aa76d92788672873", 203 + "revCount": 1470, 189 204 "type": "git", 190 205 "url": "https://tangled.sh/@tangled.sh/core" 191 206 },
+8 -8
flake.nix
··· 30 30 hetzner = nixpkgs.lib.nixosSystem { 31 31 inherit specialArgs; 32 32 modules = [ 33 - inputs.tangled.nixosModules.knot 33 + inputs.tangled.nixosModules.knot 34 34 ./common 35 35 ./hetzner 36 36 ]; 37 37 }; 38 + riptide = nixpkgs.lib.nixosSystem { 39 + inherit specialArgs; 40 + modules = [ 41 + ./common 42 + ./riptide 43 + ]; 44 + }; 38 45 }; 39 46 packages = forAllSystems (pkgs: { 40 - # mac-home = (import ./home/mac) {inherit pkgs;}; 41 47 mac-home = dumb-manager.configuration { 42 48 inherit pkgs nixpkgs; 43 49 module = ./home/mac; 44 50 }; 45 51 }); 46 - # apps = forAllSystems (pkgs: { 47 - # update-links = { 48 - # type = "app"; 49 - # program = "${self.packages.${pkgs.system}.update-links}"; 50 - # }; 51 - # }); 52 52 formatter = forAllSystems (pkgs: pkgs.nixfmt-rfc-style); 53 53 }; 54 54 }
+11 -6
hetzner/default.nix
··· 13 13 motd = "Bogos binted? 👽"; 14 14 server = { 15 15 owner = "did=did:plc:nmpjck4rv6hjscoxnwdltfyj"; 16 - hostname = "knot.sydney.blue"; 16 + hostname = "knot.sydney.blue"; 17 17 }; 18 18 }; 19 19 nginx = { ··· 24 24 recommendedProxySettings = true; 25 25 virtualHosts."knot.sydney.blue" = { 26 26 forceSSL = true; 27 - enableACME = true; 28 - locations."/" = { 29 - proxyPass = "http://127.0.0.1:5555"; 30 - proxyWebsockets = true; 31 - }; 27 + enableACME = true; 28 + locations."/" = { 29 + proxyPass = "http://127.0.0.1:5555"; 30 + proxyWebsockets = true; 31 + }; 32 + }; 33 + virtualHosts."bogos.binted.sydney.blue" = { 34 + forceSSL = true; 35 + enableACME = true; 36 + root = "/var/www/bogosbinted"; 32 37 }; 33 38 }; 34 39 };
+195
riptide/default.nix
··· 1 + { config, lib, pkgs, ... }: { 2 + imports = [ ./hardware.nix ]; 3 + 4 + # Boot 5 + boot = { 6 + supportedFilesystems = [ "bcachefs" ]; 7 + loader.efi.canTouchEfiVariables = true; 8 + loader.systemd-boot.enable = lib.mkForce false; 9 + loader.limine = { 10 + enable = true; 11 + efiSupport = true; 12 + style.wallpapers = []; 13 + extraEntries = builtins.readFile ./limine.extra.conf; 14 + secureBoot.enable = true; 15 + }; 16 + initrd.systemd.enable = true; 17 + kernelPackages = pkgs.linuxPackages_latest; 18 + binfmt.emulatedSystems = [ "aarch64-linux" ]; 19 + initrd.kernelModules = [ "i915" ]; 20 + }; 21 + 22 + # Networking 23 + networking = { 24 + hostName = "riptide"; 25 + networkmanager = { 26 + enable = true; 27 + wifi.backend = "iwd"; 28 + }; 29 + firewall = { 30 + allowedUDPPorts = [ 51820 ]; 31 + }; 32 + wireguard.enable = true; 33 + wireguard.interfaces = { 34 + wg0 = { 35 + ips = [ "192.168.69.3/24" ]; 36 + privateKeyFile = "/root/wireguard-keys/private"; 37 + listenPort = 51820; 38 + peers = [ 39 + { 40 + publicKey = "gDSnymmeuX4a8az4kUHcoltMMHb8mdJCti/TYV62kwA="; 41 + allowedIPs = [ "192.168.69.0/24" ]; 42 + endpoint = "185.44.83.60:12345"; 43 + persistentKeepalive = 25; 44 + } 45 + ]; 46 + }; 47 + }; 48 + }; 49 + hardware.bluetooth.enable = false; 50 + hardware.bluetooth.powerOnBoot = false; 51 + 52 + # Services 53 + systemd.services.NetworkManager-wait-online.enable = false; 54 + services = { 55 + openssh.enable = true; 56 + openssh.openFirewall = true; 57 + openssh.settings.PasswordAuthentication = false; 58 + usbmuxd = { 59 + enable = true; 60 + package = pkgs.usbmuxd2; 61 + }; 62 + fwupd.enable = true; 63 + pipewire = { 64 + enable = true; 65 + alsa.enable = true; 66 + alsa.support32Bit = true; 67 + pulse.enable = true; 68 + jack.enable = true; 69 + }; 70 + 71 + # Graphical Settings 72 + desktopManager.plasma6.enable = true; 73 + displayManager.sddm = { 74 + enable = true; 75 + wayland.enable = true; 76 + wayland.compositor = "kwin"; 77 + }; 78 + xserver = { 79 + xkb.layout = "us"; 80 + xkb.variant = "dvorak"; 81 + }; 82 + gvfs.enable = true; 83 + }; 84 + 85 + # User Account Setup 86 + users.groups.plugdev = { }; 87 + users.users.sydney = { 88 + isNormalUser = true; 89 + extraGroups = [ 90 + "wheel" 91 + "wireshark" 92 + "plugdev" 93 + "adbusers" 94 + "libvirtd" 95 + ]; 96 + shell = pkgs.zsh; 97 + description = "Sydney"; 98 + packages = with pkgs; [ 99 + ghidra 100 + jujutsu 101 + zig_0_15 102 + zed-editor 103 + fastfetch 104 + hyfetch 105 + firefox 106 + tmux 107 + texlive.combined.scheme-small 108 + (python3.withPackages ( 109 + ppkgs: with ppkgs; [ 110 + pwntools 111 + scapy 112 + pycryptodome 113 + ] 114 + )) 115 + thunderbird-latest 116 + libreoffice-qt6-fresh 117 + fragments 118 + vlc 119 + lean4 120 + ripgrep 121 + clang-tools 122 + winetricks 123 + wineWowPackages.stable 124 + darktable 125 + zoom-us 126 + corefonts 127 + vistafonts 128 + kicad 129 + ghostty 130 + hut 131 + tor-browser 132 + ]; 133 + }; 134 + 135 + # System Packages and Fonts 136 + environment.systemPackages = with pkgs; [ 137 + kdePackages.sddm-kcm 138 + pciutils 139 + usbutils 140 + sbctl 141 + lutris 142 + ifuse 143 + libimobiledevice 144 + idevicerestore 145 + ]; 146 + fonts.packages = with pkgs; [ 147 + nerd-fonts.fira-code 148 + nerd-fonts.blex-mono 149 + noto-fonts-cjk-sans 150 + noto-fonts-emoji 151 + ibm-plex 152 + maple-mono.truetype-autohint 153 + ]; 154 + 155 + # Program Settings 156 + programs.adb.enable = true; 157 + programs.nix-ld.enable = true; 158 + programs.dconf.enable = true; 159 + programs.wireshark.enable = true; 160 + programs.wireshark.package = pkgs.wireshark; 161 + 162 + # Misc 163 + security.rtkit.enable = true; 164 + hardware.graphics = { 165 + enable = true; 166 + enable32Bit = true; 167 + extraPackages = with pkgs; [ 168 + intel-compute-runtime 169 + intel-media-driver 170 + ocl-icd 171 + rocmPackages.clr.icd 172 + ]; 173 + extraPackages32 = with pkgs.pkgsi686Linux; [ 174 + intel-media-driver 175 + ]; 176 + }; 177 + 178 + virtualisation.libvirtd = { 179 + enable = true; 180 + qemu = { 181 + package = pkgs.qemu_kvm; 182 + runAsRoot = true; 183 + swtpm.enable = true; 184 + ovmf = { 185 + enable = true; 186 + packages = [(pkgs.OVMF.override { 187 + secureBoot = true; 188 + tpmSupport = true; 189 + }).fd]; 190 + }; 191 + }; 192 + }; 193 + 194 + system.stateVersion = "24.05"; 195 + }
+57
riptide/hardware.nix
··· 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 + # and may be overwritten by future invocations. Please make changes 3 + # to /etc/nixos/configuration.nix instead. 4 + { 5 + config, 6 + lib, 7 + pkgs, 8 + modulesPath, 9 + ... 10 + }: 11 + 12 + { 13 + imports = [ 14 + (modulesPath + "/installer/scan/not-detected.nix") 15 + ]; 16 + 17 + boot.initrd.availableKernelModules = [ 18 + "nvme" 19 + "xhci_pci" 20 + "ahci" 21 + "usb_storage" 22 + "usbhid" 23 + "sd_mod" 24 + ]; 25 + boot.initrd.kernelModules = [ ]; 26 + boot.kernelModules = [ "kvm-amd" ]; 27 + boot.extraModulePackages = [ ]; 28 + 29 + fileSystems."/" = { 30 + device = "/dev/disk/by-uuid/0bf95be9-87d1-455a-9e50-af86b4d7e1d7"; 31 + fsType = "bcachefs"; 32 + }; 33 + 34 + boot.initrd.luks.devices."rootfs".device = "/dev/disk/by-uuid/3d0aeb43-1859-4748-9e94-5eb820e5e4da"; 35 + 36 + fileSystems."/boot" = { 37 + device = "/dev/disk/by-uuid/32A5-48A0"; 38 + fsType = "vfat"; 39 + options = [ 40 + "fmask=0077" 41 + "dmask=0077" 42 + ]; 43 + }; 44 + 45 + swapDevices = [ ]; 46 + 47 + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 48 + # (the default) this is the recommended approach. When using systemd-networkd it's 49 + # still possible to use this option, but it's recommended to use it in conjunction 50 + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. 51 + networking.useDHCP = lib.mkDefault true; 52 + # networking.interfaces.enp15s0.useDHCP = lib.mkDefault true; 53 + # networking.interfaces.wlp16s0.useDHCP = lib.mkDefault true; 54 + 55 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 56 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 57 + }
+12
riptide/limine.extra.conf
··· 1 + /+W*ndoze 2 + //Faildows 11 3 + protocol: efi 4 + path: guid(039ee875-644d-43f9-9040-a2e23b8588e6):/EFI/Microsoft/Boot/bootmgfw.efi 5 + /+Frostium 6 + //Kernel 0.0.1a 7 + protocol: limine 8 + path: boot():/frostium/kernel-amd64.elf 9 + module_path: boot():/frostium/root-69.elf 10 + module_path: boot():/frostium/root-420.elf 11 + module_path: boot():/frostium/init-amd64.elf 12 +