diff --git a/flake.lock b/flake.lock index e9313c6..93b9a5a 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1706955260, - "narHash": "sha256-W3y0j77IDVbmbajudHoUr46RpswujUCl+D5Vru53UsI=", + "lastModified": 1707175763, + "narHash": "sha256-0MKHC6tQ4KEuM5rui6DjKZ/VNiSANB4E+DJ/+wPS1PU=", "owner": "nix-community", "repo": "home-manager", - "rev": "880d9bc2110f7cae59698f715b8ca42cdc53670c", + "rev": "f99eace7c167b8a6a0871849493b1c613d0f1b80", "type": "github" }, "original": { @@ -22,11 +22,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1706834982, - "narHash": "sha256-3CfxA7gZ+DVv/N9Pvw61bV5Oe/mWfxYPyVQGqp9TMJA=", + "lastModified": 1707211557, + "narHash": "sha256-LTKTzZ6fM5j8XWXf51IMBzDaOaJg9kYWLUZxoIhzRN8=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "83e571bb291161682b9c3ccd48318f115143a550", + "rev": "6e5cc385fc8cf5ca6495d70243074ccdea9f64c7", "type": "github" }, "original": { @@ -38,11 +38,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1706732774, - "narHash": "sha256-hqJlyJk4MRpcItGYMF+3uHe8HvxNETWvlGtLuVpqLU0=", + "lastModified": 1707092692, + "narHash": "sha256-ZbHsm+mGk/izkWtT4xwwqz38fdlwu7nUUKXTOmm4SyE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b8b232ae7b8b144397fdb12d20f592e5e7c1a64d", + "rev": "faf912b086576fd1a15fca610166c98d47bc667e", "type": "github" }, "original": { diff --git a/modules/default.nix b/modules/default.nix index 4e96881..bb7b978 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -55,6 +55,7 @@ ./dbus.nix ./fonts.nix ./greetd.nix + ./gstreamer.nix ./i18n.nix ./kdeconnect.nix ./keyd.nix @@ -70,6 +71,7 @@ ./packages.nix ./printing.nix ./security.nix + ./services.nix ./shell.nix ./steam.nix ./udisks2.nix diff --git a/modules/gstreamer.nix b/modules/gstreamer.nix new file mode 100644 index 0000000..3878547 --- /dev/null +++ b/modules/gstreamer.nix @@ -0,0 +1,8 @@ +{ lib, pkgs, ... }: { + environment.sessionVariables.GST_PLUGIN_SYSTEM_PATH_1_0 = lib.makeSearchPathOutput "lib" "lib/gstreamer-1.0" (with pkgs.gst_all_1; [ + gst-plugins-base + gst-plugins-good + gst-plugins-bad + gst-plugins-ugly + ]); +} diff --git a/modules/packages.nix b/modules/packages.nix index 948c03a..c147b85 100644 --- a/modules/packages.nix +++ b/modules/packages.nix @@ -1,21 +1,21 @@ { lib, pkgs, config, ... }: { environment.systemPackages = with pkgs; with config.bchmnn; [ - pciutils - usbutils - git - gnumake - mercurial # contains 'hg' - wget - neofetch - lsd - ripgrep - expect # contains 'unbuffer' - jq # parse json - unzip - libsecret - xidel # xml parser - nvd # nix diff package versions between two store paths - inotify-tools # set of command-line programs providing a simple interface to inotify + pciutils # A collection of programs for inspecting and manipulating configuration of PCI devices + usbutils # Tools for working with USB devices, such as lsusb + git # Distributed version control system + gnumake # A tool to control the generation of non-source files from sources + mercurial # A fast, lightweight SCM system for very large distributed projects + wget # Tool for retrieving files using HTTP, HTTPS, and FTP + neofetch # A fast, highly customizable system info script + lsd # The next gen ls command + ripgrep # A utility that combines the usability of The Silver Searcher with the raw speed of grep + expect # A tool for automating interactive applications + jq # A lightweight and flexible command-line JSON processor + unzip # An extraction utility for archives compressed in .zip format + libsecret # A library for storing and retrieving passwords and other secrets + xidel # Command line tool to download and extract data from HTML/XML pages as well as JSON APIs + nvd # Nix/NixOS package version diff tool + inotify-tools # a C library and a set of command-line programs providing a simple interface to inotify ] ++ lib.optionals (devenv.enable) [ # languages gcc13 @@ -32,10 +32,11 @@ bun-baseline nodejs_21 nodenv + nodePackages.yarn + nodePackages.pnpm ] ++ lib.optionals (gui.enable) [ - libnotify - glib # gsettings - xdg-utils # for opening default programs + libnotify # A library that sends desktop notifications to a notification daemon + xdg-utils # A set of command line tools that assist applications with a variety of desktop integration tasks ] ++ lib.optionals (gui.enable && lib.elem "sway" gui.flavour) [ qt5.qtwayland qt6.qtwayland diff --git a/modules/security.nix b/modules/security.nix index 2b01384..6d092be 100644 --- a/modules/security.nix +++ b/modules/security.nix @@ -1,8 +1,9 @@ { config, lib, ... }: { - security.polkit.enable = true; + security.polkit.enable = true; # rtkit is optional but recommended security.rtkit.enable = true; + networking.firewall.enable = true; } // (lib.mkIf (lib.elem "sway" config.bchmnn.gui.flavour) { @@ -10,4 +11,10 @@ # https://github.com/NixOS/nixpkgs/issues/158025 security.pam.services.swaylock = { }; +}) // (lib.mkIf (config.bchmnn.devenv.enable) { + + networking.firewall = { + allowedTCPPorts = [ 3000 ]; + }; + }) diff --git a/modules/services.nix b/modules/services.nix new file mode 100644 index 0000000..d725144 --- /dev/null +++ b/modules/services.nix @@ -0,0 +1,8 @@ +{ ... }: { + + services.plex = { + enable = false; + openFirewall = false; + }; + +} diff --git a/modules/virtualisation.nix b/modules/virtualisation.nix index c61b5d1..4ad6c80 100644 --- a/modules/virtualisation.nix +++ b/modules/virtualisation.nix @@ -1,7 +1,13 @@ { config, lib, pkgs, ... }: lib.mkIf config.bchmnn.virtualisation.enable { # virt-manager - virtualisation.libvirtd.enable = true; + virtualisation = { + docker = { + enable = true; + storageDriver = "btrfs"; + }; + libvirtd.enable = true; + }; programs = { dconf.enable = true; virt-manager.enable = true; diff --git a/users/gandalf/default.nix b/users/gandalf/default.nix index a48c0de..f67ab96 100644 --- a/users/gandalf/default.nix +++ b/users/gandalf/default.nix @@ -5,7 +5,7 @@ in { users.users.gandalf = { isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "libvirtd" ]; + extraGroups = [ "wheel" "networkmanager" "libvirtd" "docker" ]; }; home-manager.useGlobalPkgs = true; diff --git a/users/gandalf/modules/gui/i3/default.nix b/users/gandalf/modules/gui/i3/default.nix index 445ca52..34216cf 100644 --- a/users/gandalf/modules/gui/i3/default.nix +++ b/users/gandalf/modules/gui/i3/default.nix @@ -24,7 +24,7 @@ in udiskie # automount usb blueman # control bluetooth nextcloud-client # nextcloud client to connect to any instance - plasma5Packages.kdeconnect-kde # sync phone and pc + libsForQt5.kdeconnect-kde # sync phone and pc system-config-printer # printer manager ]; diff --git a/users/gandalf/modules/gui/programs/default.nix b/users/gandalf/modules/gui/programs/default.nix index cc4dd91..f674606 100644 --- a/users/gandalf/modules/gui/programs/default.nix +++ b/users/gandalf/modules/gui/programs/default.nix @@ -7,33 +7,40 @@ ./keyring.nix ./obs.nix ./vscode.nix + ./zathura.nix ]; home.packages = with pkgs; [ - tor-browser - firefox - thunderbird - speechd # https://support.mozilla.org/en-US/kb/speechd-setup - gnome.nautilus - gimp - vlc - calibre - qbittorrent - gnome.simple-scan - telegram-desktop - signal-desktop - zoom-us - zathura - obsidian - libreoffice + + firefox # a web browser built from firefox source tree + thunderbird # a full-featured e-mail client + speechd # common interface to speech synthesis - https://support.mozilla.org/en-us/kb/speechd-setup + tor-browser # privacy-focused browser routing traffic through the tor network + qbittorrent # featureful free software bittorrent client + + telegram-desktop # telegram desktop messaging app + signal-desktop # private, simple, and secure messenger + zoom-us # zoom.us video conferencing application + + gnome.nautilus # the file manager for gnome + gnome.simple-scan # simple scanning utility + feh # a light-weight image viewer + vlc # cross-platform media player and streaming server + zathura # a highly customizable and functional pdf viewer + neovide # a simple graphical user interface for neovim + + obsidian # a powerful knowledge base that works on top of a local folder of plain text markdown files + gimp # the gnu image manipulation program + calibre # comprehensive e-book software + libreoffice # comprehensive, professional-quality productivity suite, a variant of openoffice.org carla # audio plugin host - aether-lv2 # an algorithmic reverb lv2 based on cloudseed picard # musicbrainz picard audio file tagger + ] ++ lib.optionals nixosConfig.bchmnn.printing.enable [ - system-config-printer + system-config-printer # graphical user interface for cups administration ] ++ lib.optionals nixosConfig.bchmnn.games.enable [ - prismlauncher - openjdk17 + openjdk17 # the open-source java development kit + prismlauncher # a free, open source launcher for minecraft ]; } diff --git a/users/gandalf/modules/gui/programs/zathura.nix b/users/gandalf/modules/gui/programs/zathura.nix new file mode 100644 index 0000000..0d88c40 --- /dev/null +++ b/users/gandalf/modules/gui/programs/zathura.nix @@ -0,0 +1,9 @@ +{ ... }: { + # a highly customizable and functional pdf viewer + programs.zathura = { + enable = true; + options = { + selection-clipboard = "clipboard"; + }; + }; +} diff --git a/users/gandalf/modules/gui/sway/default.nix b/users/gandalf/modules/gui/sway/default.nix index 867279c..749c887 100644 --- a/users/gandalf/modules/gui/sway/default.nix +++ b/users/gandalf/modules/gui/sway/default.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, config, nixosConfig, ... }: +{ pkgs, lib, config, ... }: let cfg = config.wayland.windowManager.sway.config; @@ -15,22 +15,22 @@ in ]; home.packages = with pkgs; [ - brightnessctl # control screen brightness - pavucontrol # control audio - playerctl # control player - networkmanagerapplet # control network - udiskie # automount usb - dracula-theme # gtk theme - gnome3.adwaita-icon-theme # default gnome cursors - wl-clipboard # cli tool to manage wayland clipboard - sway-contrib.grimshot - wdisplays - wlr-randr - kanshi # display manager - nextcloud-client # self hosted cloud client - plasma5Packages.kdeconnect-kde # sync phone and pc - system-config-printer # printer manager - emote # emoji picker + brightnessctl # this program allows you read and control device brightness + pavucontrol # pulseaudio volume control + playerctl # command-line utility and library for controlling media players that implement mpris + networkmanagerapplet # networkmanager control applet for gnome + udiskie # removable disk automounter for udisks + dracula-theme # dracula variant of the ant theme + gnome3.adwaita-icon-theme + wl-clipboard # command-line copy/paste utilities for wayland + sway-contrib.grimshot # a helper for screenshots within sway + wdisplays # a graphical application for configuring displays in wayland compositors + wlr-randr # an xrandr clone for wlroots compositors + kanshi # dynamic display configuration tool + nextcloud-client # nextcloud themed desktop client + libsForQt5.kdeconnect-kde # kde connect provides several features to integrate your phone and your computer + system-config-printer # graphical user interface for cups administration + emote # modern emoji picker for linux ]; programs.swaylock = { @@ -81,12 +81,12 @@ in menu = "${pkgs.wofi}/bin/wofi"; startup = with pkgs; [ # TODO activate with systemd prbly requires a graphical.target? - { command = "${nixosConfig.systemd.package}/bin/systemctl --user import-environment XDG_SESSION_TYPE XDG_CURRENT_DESKTOP"; } - { command = "${dbus}/bin/dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway"; } - { command = "${nixosConfig.systemd.package}/bin/systemctl --user stop xdg-desktop-portal xdg-desktop-portal-wlr"; } - { command = "${nixosConfig.systemd.package}/bin/systemctl --user start xdg-desktop-portal xdg-desktop-portal-wlr"; } + # { command = "${nixosConfig.systemd.package}/bin/systemctl --user import-environment XDG_SESSION_TYPE XDG_CURRENT_DESKTOP"; } + # { command = "${dbus}/bin/dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway"; } + # { command = "${nixosConfig.systemd.package}/bin/systemctl --user stop xdg-desktop-portal xdg-desktop-portal-wlr"; } + # { command = "${nixosConfig.systemd.package}/bin/systemctl --user start xdg-desktop-portal xdg-desktop-portal-wlr"; } # { command = "${dbus}/bin/dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK"; } - # { command = "${dbus}/bin/dbus-update-activation-environment --all"; } + { command = "${dbus}/bin/dbus-update-activation-environment --all"; } { command = "${kanshi}/bin/kanshi"; } { command = "${networkmanagerapplet}/bin/nm-applet"; } { command = "${blueman}/bin/blueman-applet"; } diff --git a/users/gandalf/modules/packages.nix b/users/gandalf/modules/packages.nix index 5dbe94f..60aa545 100644 --- a/users/gandalf/modules/packages.nix +++ b/users/gandalf/modules/packages.nix @@ -1,15 +1,16 @@ { pkgs, ... }: { home.packages = with pkgs; [ - gopass - gopass-jsonapi - yt-dlp + gopass # slightly more awesome standard unix password manager for teams. written in go + gopass-jsonapi # enables communication with gopass via json messages + yt-dlp # command-line tool to download videos from youtube.com and other sites (youtube-dl fork) ranger # a vim-inspired filemanager for the console gdu # fast disk usage analyzer with console interface written in go duf # disk usage/free utility - a better 'df' alternative phoronix-test-suite # the phoronix test suite open-source, cross-platform automated testing/benchmarking software - ffmpeg - texliveFull + ffmpeg # complete, cross-platform solution to record, convert and stream audio and video + texliveFull # tex live environment + imagemagick # software suite to create, edit, compose, or convert bitmap images ]; }