
3 Commits

Author SHA1 Message Date
3b0d577f3b declarative-nm: remove with lib; 2025-06-24 20:38:23 -07:00
836159960c organize 2025-06-24 20:36:07 -07:00
0058f4553e cleanup 2025-06-23 23:01:59 -07:00
12 changed files with 107 additions and 324 deletions


@@ -1,16 +1,12 @@
# My Dotfiles ✨ # My Dotfiles ✨
These are my dotfiles for my laptop and desktop (which I use [NixOS](https://nixos.org/) and [home-manager](https://github.com/nix-community/home-manager) on). These are my dotfiles for my laptop and desktop (which I use [NixOS](https://nixos.org/) and [home-manager](https://github.com/nix-community/home-manager) on).
## Structure
The `nix` folder contains two sub directories, `etcnixos` and `home-manager`. The former is the contents of `/etc/nixos` (hence the name), whereas the latter is the contents of `~/.config/home-manager`.
`justfile` is the [just](https://github.com/casey/just) script I use for updating my NixOS system and syncing the changes with this repo.
## What do I use? ## What do I use?
Browser: Firefox 🦊 (actually [Zen Browser](https://github.com/zen-browser/desktop) :p) Browser: Firefox 🦊 (actually [Zen Browser](https://github.com/zen-browser/desktop) :p)
Text Editor: [helix](https://github.com/helix-editor/helix) Text Editor: [Doom Emacs](https://github.com/doomemacs/doomemacs)
Terminal: [alacritty](https://github.com/alacritty/alacritty) Terminal: [ghostty](https://github.com/ghostty-org/ghostty)
Shell: [fish](https://fishshell.com/) with the [pure](https://github.com/pure-fish/pure) prompt Shell: [fish](https://fishshell.com/) with the [pure](https://github.com/pure-fish/pure) prompt


@@ -20,8 +20,14 @@
inputs.nixos-hardware.nixosModules.common-pc-ssd inputs.nixos-hardware.nixosModules.common-pc-ssd
inputs.chaotic.nixosModules.default inputs.chaotic.nixosModules.default
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
inputs.lanzaboote.nixosModules.lanzaboote
]; ];
hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
swapDevices = [ ];
nix = { nix = {
# optimize the store # optimize the store
optimise.automatic = true; optimise.automatic = true;
@@ -33,30 +39,58 @@
]; ];
}; };
system.activationScripts = {
# extract all my secureboot keys
# TODO! proper secrets management
"secureboot-keys".text = ''
#!/bin/sh
rm -fr ${config.boot.lanzaboote.pkiBundle} || true
mkdir -p ${config.boot.lanzaboote.pkiBundle}
${pkgs.gnutar}/bin/tar xf ${./secrets/secureboot.tar} -C ${config.boot.lanzaboote.pkiBundle}
chown -R root:wheel ${config.boot.lanzaboote.pkiBundle}
chmod -R 500 ${config.boot.lanzaboote.pkiBundle}
'';
};
# kernel options # kernel options
boot = { boot = {
kernelPackages = pkgs.linuxPackages_cachyos-lto; kernelPackages = pkgs.linuxPackages_cachyos-lto;
# kernelPackages = pkgs.linuxPackages_latest; # kernelPackages = pkgs.linuxPackages_latest;
# kernelPackages = pkgs.linuxPackages; # kernelPackages = pkgs.linuxPackages;
kernel.sysctl = { lanzaboote = {
# dmesg shushhhhh enable = true;
"kernel.printk" = "2 4 1 7"; # TODO: proper secrets management so this is not stored in nix store
pkiBundle = "/var/lib/sbctl";
}; };
# Bootloader. # Bootloader.
loader = { loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
timeout = 1; timeout = 1;
/*
Lanzaboote currently replaces the systemd-boot module.
This setting is usually set to true in configuration.nix
generated at installation time. So we force it to false
for now.
*/
systemd-boot.enable = lib.mkForce false;
}; };
initrd = { initrd = {
compressor = "zstd"; compressor = "zstd";
availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
"usbhid"
];
}; };
kernelModules = [ kernelModules = [
"kvm-amd"
"ip_tables" "ip_tables"
"iptable_nat" "iptable_nat"
"msr" "msr"
@@ -95,7 +129,7 @@
mullvad-vpn.enable = true; mullvad-vpn.enable = true;
}; };
# Set your time zone. # EST
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
security = { security = {
@@ -117,18 +151,6 @@
# Select internationalisation properties. # Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Enable Bluetooth # Enable Bluetooth
hardware.bluetooth = { hardware.bluetooth = {
enable = true; enable = true;
@@ -218,6 +240,7 @@
}; };
system.stateVersion = "24.11"; system.stateVersion = "24.11";
nixpkgs.hostPlatform = "x86_64-linux";
documentation.enable = true; documentation.enable = true;
documentation.man.enable = true; documentation.man.enable = true;
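Review bot: The `secureboot-keys` activation script added to this shared module interpolates `${./secrets/secureboot.tar}` as a Nix path, so the tarball holding the Secure Boot signing keys is copied into the world-readable Nix store on every host that imports the module; the `chown`/`chmod` on `pkiBundle` protects only the extracted copy. The TODO already acknowledges this, but the block appears to have moved here from a host-specific file, which widens the exposure, so it is worth resolving now: decrypt the bundle at activation time from a root-only location (for example with agenix or sops-nix), or generate the keys per host with sbctl instead of shipping them. Separately, `chmod -R 500` gives the `wheel` group no access, so `chown -R root:wheel` has no effect, and it sets the execute bit on the key files; `chown -R root:root` followed by `chmod -R u=rX,go=` states the intent more precisely. The enclosing attribute set starts and ends outside the visible hunks.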


@@ -4,12 +4,11 @@
pkgs, pkgs,
... ...
}: }:
with lib;
# from: https://discourse.nixos.org/t/imperative-declarative-wifi-networks-with-wpa-supplicant/12394/6 # from: https://discourse.nixos.org/t/imperative-declarative-wifi-networks-with-wpa-supplicant/12394/6
let let
cfg = config.networking.networkmanager; cfg = config.networking.networkmanager;
getFileName = stringAsChars (x: if x == " " then "-" else x); getFileName = lib.stringAsChars (x: if x == " " then "-" else x);
createWifi = ssid: opt: { createWifi = ssid: opt: {
name = "NetworkManager/system-connections/${getFileName ssid}.nmconnection"; name = "NetworkManager/system-connections/${getFileName ssid}.nmconnection";
@@ -24,21 +23,21 @@ let
ssid=${ssid} ssid=${ssid}
[wifi-security] [wifi-security]
${optionalString (opt.psk != null) '' ${lib.optionalString (opt.psk != null) ''
key-mgmt=wpa-psk key-mgmt=wpa-psk
psk=${opt.psk}''} psk=${opt.psk}''}
''; '';
}; };
}; };
keyFiles = mapAttrs' createWifi config.networking.wireless.networks; keyFiles = lib.mapAttrs' createWifi config.networking.wireless.networks;
in in
{ {
config = mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.etc = keyFiles; environment.etc = keyFiles;
systemd.services.NetworkManager-predefined-connections = { systemd.services.NetworkManager-predefined-connections = {
restartTriggers = mapAttrsToList (name: value: value.source) keyFiles; restartTriggers = lib.mapAttrsToList (name: value: value.source) keyFiles;
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
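Review bot: `psk=${opt.psk}` is interpolated into the generated `.nmconnection` text and `environment.etc = keyFiles` publishes that file under `/etc`, so each Wi-Fi passphrase from `networking.wireless.networks` likely ends up in a world-readable Nix store path; the `value.source` reference suggests a store derivation, though its definition is outside the hunk. This change only qualifies the `lib` calls and leaves that behaviour as it was. Consider a comment above `createWifi` such as `# NOTE: PSKs are embedded in the Nix store; prefer a secret file read at service start`, or have the oneshot service read the passphrase from a root-only file instead. `getFileName` also replaces only spaces, so an SSID containing `/` would change the target path under `system-connections`.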


@@ -1,6 +1,3 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ {
config, config,
lib, lib,
@@ -8,22 +5,7 @@
modulesPath, modulesPath,
... ...
}: }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/ff51be5a-b87b-4e6a-9c1d-796ceeaca153"; device = "/dev/disk/by-uuid/ff51be5a-b87b-4e6a-9c1d-796ceeaca153";
fsType = "ext4"; fsType = "ext4";
@@ -44,16 +26,4 @@
options = [ "nofail" ]; options = [ "nofail" ];
}; };
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }


@@ -6,15 +6,6 @@
... ...
}: }:
{ {
boot.initrd.availableKernelModules = [
"xhci_pci"
"thunderbolt"
"nvme"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
disko.devices = { disko.devices = {
disk = { disk = {
main = { main = {
@@ -59,17 +50,4 @@
}; };
}; };
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }


@@ -12,7 +12,6 @@
./hardware_laptop.nix ./hardware_laptop.nix
inputs.nixos-hardware.nixosModules.framework-amd-ai-300-series inputs.nixos-hardware.nixosModules.framework-amd-ai-300-series
inputs.lanzaboote.nixosModules.lanzaboote
]; ];
# completely and utterly broken # completely and utterly broken
@@ -38,38 +37,6 @@
}; };
}; };
boot = {
lanzaboote = {
enable = true;
# TODO: proper secrets management so this is not stored in nix store
pkiBundle = "/var/lib/sbctl";
};
# Bootloader.
loader = {
/*
Lanzaboote currently replaces the systemd-boot module.
This setting is usually set to true in configuration.nix
generated at installation time. So we force it to false
for now.
*/
systemd-boot.enable = lib.mkForce false;
};
};
system.activationScripts = {
# extract all my secureboot keys
# TODO! proper secrets management
"secureboot-keys".text = ''
#!/bin/sh
rm -fr ${config.boot.lanzaboote.pkiBundle} || true
mkdir -p ${config.boot.lanzaboote.pkiBundle}
${pkgs.gnutar}/bin/tar xf ${./secrets/secureboot.tar} -C ${config.boot.lanzaboote.pkiBundle}
chown -R root:wheel ${config.boot.lanzaboote.pkiBundle}
chmod -R 500 ${config.boot.lanzaboote.pkiBundle}
'';
};
programs.gamescope = { programs.gamescope = {
enable = true; enable = true;
capSysNice = true; capSysNice = true;
@@ -79,21 +46,6 @@
gamescopeSession.enable = true; gamescopeSession.enable = true;
}; };
# this is a life saver.
# literally no documentation about this anywhere.
# might be good to write about this...
# https://www.reddit.com/r/NixOS/comments/u0cdpi/tuigreet_with_xmonad_how/
systemd.services.greetd.serviceConfig = {
Type = "idle";
StandardInput = "tty";
StandardOutput = "tty";
StandardError = "journal"; # Without this errors will spam on screen
# Without these bootlogs will spam on screen
TTYReset = true;
TTYVHangup = true;
TTYVTDisallocate = true;
};
system.activationScripts = { system.activationScripts = {
# FIX: https://github.com/NixOS/nix/issues/2982 # FIX: https://github.com/NixOS/nix/issues/2982
"profile-channel-dummy".text = '' "profile-channel-dummy".text = ''


@@ -20,9 +20,6 @@
networking.hostId = "abf570f9"; networking.hostId = "abf570f9";
boot = { boot = {
# fixes zenpower driver issue
kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
kernelParams = [ kernelParams = [
# allow overclocking (I actually underclock but lol) # allow overclocking (I actually underclock but lol)
"amdgpu.ppfeaturemask=0xFFF7FFFF" "amdgpu.ppfeaturemask=0xFFF7FFFF"


@@ -7,7 +7,6 @@
{ {
imports = [ imports = [
./no-gui.nix ./no-gui.nix
# ./progs/alacritty.nix
./progs/ghostty.nix ./progs/ghostty.nix
./progs/emacs.nix ./progs/emacs.nix
# ./progs/trezor.nix # - broken # ./progs/trezor.nix # - broken


@@ -6,7 +6,9 @@
... ...
}: }:
{ {
imports = [ ./gui.nix ]; imports = [
./gui.nix
];
home.packages = with pkgs; [ home.packages = with pkgs; [
protontricks protontricks
@@ -15,11 +17,6 @@
bs-manager bs-manager
]; ];
programs.alacritty.settings = {
window.decorations = lib.mkForce "full";
window.opacity = lib.mkForce 1.0;
};
programs.obs-studio = { programs.obs-studio = {
enable = true; enable = true;
plugins = with pkgs.obs-studio-plugins; [ plugins = with pkgs.obs-studio-plugins; [


@@ -44,6 +44,57 @@ let
cmake-language-server # cmake lsp cmake-language-server # cmake lsp
]; ];
java_tools = with pkgs; [
# java development
google-java-format # formatter
jdk # java
# java assembler
jasmin
];
common_tools = with pkgs; [
# hex viewer
hexyl
# find typos in code
typos
# replacements for common posix tools
eza # ls replacement
bat # pretty `cat` clone
delta # viewer for `git` and `diff` output
dust # pretty `du` version
duf # better `df` clone
gping # `ping`... but with a graph!!
tldr # `man` but more straight-forward and simpler
ripgrep # grep, but written in rust, respects .gitignore, and very very fast, command is `rg`
fd # alternative to `find`
# status tools
htop
bottom
# other tools
unzip
wget
killall
file
b3sum
# "A hexadecimal, binary, and ASCII dump utility with color support"
tinyxxd
# networking tool
lsof
# view SMART status of drives
smartmontools
# adds `sensors` command
lm_sensors
];
in in
{ {
imports = [ imports = [
@@ -66,12 +117,6 @@ in
home.packages = home.packages =
with pkgs; with pkgs;
[ [
# hex viewer
hexyl
# find typos in code
typos
# python formatter # python formatter
ruff ruff
@@ -79,40 +124,13 @@ in
hugo hugo
go go
# java development
google-java-format # formatter
jdk # java
# for benchmaking stuff # for benchmaking stuff
hyperfine hyperfine
# replacements for common posix tools
eza # ls replacement
bat # pretty `cat` clone
delta # viewer for `git` and `diff` output
dust # pretty `du` version
duf # better `df` clone
gping # `ping`... but with a graph!!
tldr # `man` but more straight-forward and simpler
ripgrep # grep, but written in rust, respects .gitignore, and very very fast, command is `rg`
lurk # better strace
# alternative to `find`
fd
# adds `sensors` command
lm_sensors
just just
pfetch-rs pfetch-rs
waypipe waypipe
htop
bottom
wget
unzip
compsize
killall
sshfs sshfs
@@ -125,10 +143,6 @@ in
# "~~matt's~~ my trace route" # "~~matt's~~ my trace route"
mtr mtr
file
b3sum
ffmpeg-full ffmpeg-full
# microcontroller tooling # microcontroller tooling
@@ -152,15 +166,11 @@ in
binwalk binwalk
smartmontools
# clang-format and clang-tidy # clang-format and clang-tidy
clang-tools clang-tools
clang clang
gdb gdb
fio
age age
git-crypt git-crypt
@@ -178,13 +188,6 @@ in
borgbackup borgbackup
tinyxxd
bfc
# java assembler
jasmin
# used to deploy nix system to server # used to deploy nix system to server
# (and in the future, desktop) # (and in the future, desktop)
deploy-rs deploy-rs
@@ -193,7 +196,9 @@ in
powerstat powerstat
] ]
++ rust_pkgs ++ rust_pkgs
++ lsps; ++ lsps
++ java_tools
++ common_tools;
# https://github.com/flamegraph-rs/flamegraph # https://github.com/flamegraph-rs/flamegraph
home.file.".cargo/config.toml".text = '' home.file.".cargo/config.toml".text = ''
@@ -202,11 +207,6 @@ in
rustflags = ["-Clink-arg=-Wl,--no-rosegment"] rustflags = ["-Clink-arg=-Wl,--no-rosegment"]
''; '';
# default applications
home.sessionVariables = {
EDITOR = "hx";
};
# git (self explanatory) # git (self explanatory)
programs.git = { programs.git = {
enable = true; enable = true;


@@ -1,131 +0,0 @@
{ pkgs, ... }:
{
home.sessionVariables = {
TERMINAL = "alacritty";
};
programs.alacritty = {
enable = true;
package = pkgs.alacritty;
settings = {
# some programs can't handle alacritty
env.TERM = "xterm-256color";
window = {
# using a window manager, no decorations needed
decorations = "none";
# semi-transparent
opacity = 0.90;
# padding between the content of the terminal and the edge
padding = {
x = 10;
y = 10;
};
dimensions = {
columns = 80;
lines = 40;
};
};
scrolling = {
history = 1000;
multiplier = 3;
};
font =
let
baseFont = {
family = "JetBrains Mono Nerd Font";
style = "Regular";
};
in
{
size = 12;
normal = baseFont;
bold = baseFont // {
style = "Bold";
};
italic = baseFont // {
style = "Italic";
};
offset.y = 0;
glyph_offset.y = 0;
};
# color scheme
colors =
let
normal = {
black = "0x1b1e28";
red = "0xd0679d";
green = "0x5de4c7";
yellow = "0xfffac2";
blue = "#435c89";
magenta = "0xfcc5e9";
cyan = "0xadd7ff";
white = "0xffffff";
};
bright = {
black = "0xa6accd";
red = normal.red;
green = normal.green;
yellow = normal.yellow;
blue = normal.cyan;
magenta = "0xfae4fc";
cyan = "0x89ddff";
white = normal.white;
};
in
{
inherit normal bright;
primary = {
background = "0x131621";
foreground = bright.black;
};
cursor = {
text = "CellBackground";
cursor = "CellForeground";
};
search =
let
foreground = normal.black;
background = normal.cyan;
in
{
matches = {
inherit foreground background;
};
focused_match = {
inherit foreground background;
};
};
selection = {
text = "CellForeground";
background = "0x303340";
};
vi_mode_cursor = {
text = "CellBackground";
cursor = "CellForeground";
};
};
cursor = {
style = "Underline";
vi_mode_style = "Underline";
};
};
};
}


@@ -1,5 +1,8 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
# set helix as default editor
home.sessionVariables.EDITOR = "hx";
programs.helix = { programs.helix = {
enable = true; enable = true;
package = pkgs.helix; package = pkgs.helix;