diff --git a/README.md b/README.md new file mode 100644 index 0000000..ff58ed5 --- /dev/null +++ b/README.md @@ -0,0 +1,41 @@ +# Installation + +```sh +git clone https://codeberg.org/muon/home && cd home +sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount hosts/$(hostname)/disk-config.nix +sudo btrfs subvolume snapshot -r /mnt /mnt/root-blank +sudo nixos-generate-config --root /mnt +cp /mnt/etc/nixos/hardware-configuration.nix hosts/$(hostname)/hardware-configuration.nix +sudo nixos-install --root /mnt --no-root-passwd --flake .#$(hostname) +``` + +# Impermanence + +## Erasure + +```nix + boot.initrd.postResumeCommands = lib.mkAfter '' + mkdir /btrfs_tmp + mount /dev/mapper/crypted /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + umount /btrfs_tmp + ''; +``` diff --git a/flake.lock b/flake.lock index 55af8df..fab5027 100644 --- a/flake.lock +++ b/flake.lock @@ -37,11 +37,11 @@ "base16-helix": { "flake": false, "locked": { - "lastModified": 1748408240, - "narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=", + "lastModified": 1752979451, + "narHash": "sha256-0CQM+FkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM=", "owner": "tinted-theming", "repo": "base16-helix", - "rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e", + "rev": "27cf1e66e50abc622fb76a3019012dc07c678fac", "type": "github" }, "original": { @@ -114,21 +114,6 @@ "type": "github" } }, - "flake-compat_3": { - "locked": { - "lastModified": 1747046372, - "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -137,11 +122,11 @@ ] }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1751413152, + "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", "type": "github" }, "original": { @@ -184,54 +169,6 @@ "type": "github" } }, - "git-hooks": { - "inputs": { - "flake-compat": [ - "stylix", - "flake-compat" - ], - "gitignore": "gitignore", - "nixpkgs": [ - "stylix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1747372754, - "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "stylix", - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, "gnome-shell": { "flake": false, "locked": { @@ -256,11 +193,11 @@ ] }, "locked": { - "lastModified": 1751580393, - "narHash": "sha256-oRipTA4/JGeDGI31GNNVGFx0uhuR7h/R9SvkR4K8Axc=", + "lastModified": 1753595562, + "narHash": "sha256-Ci88mAdtiP5RQkYmVhRUq69iYPMM7/lS9/mw+FnC7DE=", "owner": "nix-community", "repo": "home-manager", - "rev": "402333d5ec2f9eed0f2584555936361f39d2f93e", + "rev": "710771af3d1c8c3f86a9e5d562616973ed5f3f21", "type": "github" }, "original": { @@ -269,24 +206,18 @@ "type": "github" } }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "stylix", - "nixpkgs" - ] - }, + "impermanence": { "locked": { - "lastModified": 1751146119, - "narHash": "sha256-gvjG95TCnUVJkvQvLMlnC4NqiqFyBdJk3o8/RwuHeaU=", + "lastModified": 1737831083, + "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=", "owner": "nix-community", - "repo": "home-manager", - "rev": "76d0c31fce2aa0c71409de953e2f9113acd5b656", + "repo": "impermanence", + "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", "type": "github" }, "original": { "owner": "nix-community", - "repo": "home-manager", + "repo": "impermanence", "type": "github" } }, @@ -297,11 +228,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1749976779, - "narHash": "sha256-Mjb4qsu+Fma1cXe1lGo0GqisvsiUeW0LfacziI7C7oM=", + "lastModified": 1752566074, + "narHash": "sha256-hWPv6S5lFn6qOQdSL5Ad/m0mge2ALTC8WEAR7c6YWcE=", "owner": "thiagokokada", "repo": "nix-alien", - "rev": "f8716e36f8864e2f50663fde364ddd8dce5d937f", + "rev": "ccf263b7ac5f44f89fd990594b09aa52de3d6585", "type": "github" }, "original": { @@ -318,11 +249,11 @@ ] }, "locked": { - "lastModified": 1749960154, - "narHash": "sha256-EWlr9MZDd+GoGtZB4QsDzaLyaDQPGnRY03MFp6u2wSg=", + "lastModified": 1752441837, + "narHash": "sha256-FMH1OSSJp8Cx8MZHXz6KckxJGbCnVMotZNAH3v2WneU=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "424a40050cdc5f494ec45e46462d288f08c64475", + "rev": "839e02dece5845be3a322e507a79712b73a96ba2", "type": "github" }, "original": { @@ -353,11 +284,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749794982, - "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", + "lastModified": 1751984180, + "narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", + "rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0", "type": "github" }, "original": { @@ -385,11 +316,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1751271578, - "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", + "lastModified": 1753429684, + "narHash": "sha256-9h7+4/53cSfQ/uA3pSvCaBepmZaz/dLlLVJnbQ+SJjk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", + "rev": "7fd36ee82c0275fb545775cc5e4d30542899511d", "type": "github" }, "original": { @@ -401,11 +332,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1748460289, - "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", + "lastModified": 1751792365, + "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", + "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb", "type": "github" }, "original": { @@ -424,15 +355,14 @@ "nixpkgs": [ "stylix", "nixpkgs" - ], - "treefmt-nix": "treefmt-nix" + ] }, "locked": { - "lastModified": 1748730660, - "narHash": "sha256-5LKmRYKdPuhm8j5GFe3AfrJL8dd8o57BQ34AGjJl1R0=", + "lastModified": 1751906969, + "narHash": "sha256-BSQAOdPnzdpOuCdAGSJmefSDlqmStFNScEnrWzSqKPw=", "owner": "nix-community", "repo": "NUR", - "rev": "2c0bc52fe14681e9ef60e3553888c4f086e46ecb", + "rev": "ddb679f4131e819efe3bbc6457ba19d7ad116f25", "type": "github" }, "original": { @@ -444,6 +374,7 @@ "root": { "inputs": { "home-manager": "home-manager", + "impermanence": "impermanence", "nix-alien": "nix-alien", "nix-minecraft": "nix-minecraft", "nixpkgs": "nixpkgs_3", @@ -459,11 +390,11 @@ ] }, "locked": { - "lastModified": 1750119275, - "narHash": "sha256-Rr7Pooz9zQbhdVxux16h7URa6mA80Pb/G07T4lHvh0M=", + "lastModified": 1752544651, + "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", "owner": "Mic92", "repo": "sops-nix", - "rev": "77c423a03b9b2b79709ea2cb63336312e78b72e2", + "rev": "2c8def626f54708a9c38a5861866660395bb3461", "type": "github" }, "original": { @@ -500,11 +431,8 @@ "base16-helix": "base16-helix", "base16-vim": "base16-vim", "firefox-gnome-theme": "firefox-gnome-theme", - "flake-compat": "flake-compat_3", "flake-parts": "flake-parts", - "git-hooks": "git-hooks", "gnome-shell": "gnome-shell", - "home-manager": "home-manager_2", "nixpkgs": "nixpkgs_4", "nur": "nur", "systems": "systems_2", @@ -515,11 +443,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1751570224, - "narHash": "sha256-ZZ6BH0g6Th9OttOdHw7cDaTbbaGdrSoYJBswt5gfUiU=", + "lastModified": 1753553562, + "narHash": "sha256-CpTwdsrPU3UFy95Btg56RcVMgNpnw3C0DYTznE5aRq4=", "owner": "danth", "repo": "stylix", - "rev": "9b4ecf4aca38f329fc53d35bef32479c30ea74d6", + "rev": "af85565aba0f4749cb18b118a7333a0745920950", "type": "github" }, "original": { @@ -594,11 +522,11 @@ "tinted-schemes": { "flake": false, "locked": { - "lastModified": 1748180480, - "narHash": "sha256-7n0XiZiEHl2zRhDwZd/g+p38xwEoWtT0/aESwTMXWG4=", + "lastModified": 1750770351, + "narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=", "owner": "tinted-theming", "repo": "schemes", - "rev": "87d652edd26f5c0c99deda5ae13dfb8ece2ffe31", + "rev": "5a775c6ffd6e6125947b393872cde95867d85a2a", "type": "github" }, "original": { @@ -610,11 +538,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1748740859, - "narHash": "sha256-OEM12bg7F4N5WjZOcV7FHJbqRI6jtCqL6u8FtPrlZz4=", + "lastModified": 1751159871, + "narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "57d5f9683ff9a3b590643beeaf0364da819aedda", + "rev": "bded5e24407cec9d01bd47a317d15b9223a1546c", "type": "github" }, "original": { @@ -626,11 +554,11 @@ "tinted-zed": { "flake": false, "locked": { - "lastModified": 1725758778, - "narHash": "sha256-8P1b6mJWyYcu36WRlSVbuj575QWIFZALZMTg5ID/sM4=", + "lastModified": 1751158968, + "narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=", "owner": "tinted-theming", "repo": "base16-zed", - "rev": "122c9e5c0e6f27211361a04fae92df97940eccf9", + "rev": "86a470d94204f7652b906ab0d378e4231a5b3384", "type": "github" }, "original": { @@ -639,28 +567,6 @@ "type": "github" } }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "stylix", - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733222881, - "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "49717b5af6f80172275d47a418c9719a31a78b53", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } - }, "valheim-server": { "inputs": { "nixpkgs": [ diff --git a/flake.nix b/flake.nix index 777defa..44f293d 100644 --- a/flake.nix +++ b/flake.nix @@ -8,6 +8,8 @@ sops-nix.url = "github:Mic92/sops-nix"; sops-nix.inputs.nixpkgs.follows = "nixpkgs"; + impermanence.url = "github:nix-community/impermanence"; + stylix.url = "github:danth/stylix"; nix-minecraft.url = "git+https://codeberg.org/nix-astral/nix-minecraft.git"; # nix-minecraft.url = "github:Infinidoge/nix-minecraft"; @@ -44,6 +46,9 @@ # vm muvm = utils.mkHost ./hosts/muvm/configuration.nix; + + # work + murk = utils.mkHost ./hosts/murk/configuration.nix; }; homeManagerModules.default = ./modules/home; diff --git a/hosts/muon/configuration.nix b/hosts/muon/configuration.nix index 81aa245..fc1f8f0 100644 --- a/hosts/muon/configuration.nix +++ b/hosts/muon/configuration.nix @@ -9,6 +9,7 @@ in { nix-alien pkgs.r2modman pkgs.lutris + pkgs.godot ]; # System diff --git a/hosts/murk/configuration.nix b/hosts/murk/configuration.nix new file mode 100644 index 0000000..a500b4a --- /dev/null +++ b/hosts/murk/configuration.nix @@ -0,0 +1,47 @@ +{ config, lib, pkgs, inputs, system, sources, modulesPath, ... }: +let cfg = config.mods; + +in { + # Hardware + imports = [ + ./hardware-configuration.nix + ./disk-config.nix + inputs.impermanence.nixosModules.impermanence + (inputs.nixpkgs + + "/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix") + ]; + + environment.systemPackages = with inputs.nix-alien.packages.${system}; + [ nix-alien ]; + + # System + mods.user.name = "muon"; + networking.hostName = "murk"; + networking.hostId = "a2309090"; + mods.home.file = ./home.nix; + + # Modules + mods.desktop.enable = true; + mods.boot.enable = false; + + mods.theme.enable = true; + mods.theme.scheme = "woodland"; + mods.theme.wallpaper = ./wallpaper.png; + + mods.impermanence.enable = false; + + services.xserver.windowManager.i3.enable = true; + + # Hardware preferences + + environment.variables = { + WINIT_HIDPI_FACTOR = "1"; + WINIT_X11_SCALE_FACTOR = "1"; + }; + + ## Mouse + services.libinput.mouse.accelProfile = "flat"; + + # Version of first install + system.stateVersion = "23.05"; +} diff --git a/hosts/murk/disk-config.nix b/hosts/murk/disk-config.nix new file mode 100644 index 0000000..1154668 --- /dev/null +++ b/hosts/murk/disk-config.nix @@ -0,0 +1,69 @@ +{ inputs }: { + inputs.disko.devices = { + disk = { + main = { + type = "disk"; + device = "/dev/disk/by-diskseq/1"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "crypted"; + # disable settings.keyFile if you want to use interactive password entry + #passwordFile = "/tmp/secret.key"; # Interactive + # settings = { + # allowDiscards = true; + # keyFile = "/tmp/secret.key"; + # }; + # additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/home" = { + mountpoint = "/home"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/persist" = { + mountpoint = "/persist"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/log" = { + mountpoint = "/var/log"; + mountOptions = [ "compress=zstd" "noatime" ]; + }; + "/swap" = { + mountpoint = "/swap"; + swap.swapfile.size = "4G"; + }; + }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/murk/hardware-configuration.nix b/hosts/murk/hardware-configuration.nix new file mode 100644 index 0000000..d986145 --- /dev/null +++ b/hosts/murk/hardware-configuration.nix @@ -0,0 +1,19 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + boot.supportedFilesystems = [ "zfs" "ntfs" "btrfs" ]; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/hosts/murk/home.nix b/hosts/murk/home.nix new file mode 100644 index 0000000..edd2dee --- /dev/null +++ b/hosts/murk/home.nix @@ -0,0 +1,32 @@ +{ pkgs, lib, osConfig, inputs, ... }: +let cfg = osConfig.mods; +in { + imports = [ inputs.impermanence.homeManagerModules.impermanence ]; + + # Modules + mods.xdg.enable = true; + mods.i3.enable = true; + mods.terminal.zsh.enable = true; + mods.terminal.emulator.enable = true; + mods.terminal.development.enable = true; + mods.terminal.tools.enable = true; + mods.desktop.development.enable = true; + mods.desktop.productivity.enable = false; + + # Hardware preferences + + ## Monitors + services.autorandr.enable = true; + programs.autorandr = { + enable = true; + hooks.postswitch = { + "notify-i3" = "${pkgs.i3}/bin/i3-msg restart"; + "set-wallpaper" = '' + ${lib.getExe pkgs.feh} --bg-fill --nofehbg ${./wallpaper.png} + ''; + }; + }; + + # Version of first install + home.stateVersion = "23.05"; +} diff --git a/hosts/murk/wallpaper.png b/hosts/murk/wallpaper.png new file mode 100644 index 0000000..9832948 Binary files /dev/null and b/hosts/murk/wallpaper.png differ diff --git a/modules/home/default.nix b/modules/home/default.nix index 3d311d6..e587fc2 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -8,6 +8,7 @@ in { ./sops ./xdg.nix + ./impermanence.nix ]; # Let Home Manager install and manage itself diff --git a/modules/home/desktop/development.nix b/modules/home/desktop/development.nix index a6b15c5..4e2bea7 100644 --- a/modules/home/desktop/development.nix +++ b/modules/home/desktop/development.nix @@ -3,7 +3,6 @@ lib.mkEnableOption "enables gui development tools"; config = lib.mkIf config.mods.desktop.development.enable { - home.packages = with pkgs; [ godot ]; programs.qutebrowser = { enable = true; diff --git a/modules/home/impermanence.nix b/modules/home/impermanence.nix new file mode 100644 index 0000000..db544ce --- /dev/null +++ b/modules/home/impermanence.nix @@ -0,0 +1,50 @@ +{ pkgs, lib, config, osConfig, ... }: +let + fs-diff = with pkgs; + writeShellApplication { + name = "fs-diff"; + runtimeInputs = [ flameshot curl xsel ]; + text = '' + #!/usr/bin/env bash + # fs-diff.sh + set -euo pipefail + + OLD_TRANSID=$(sudo btrfs subvolume find-new /mnt/root-blank 9999999) + OLD_TRANSID=${OLD_TRANSID} + + sudo mkdir /mnt + sudo mount -o subvol=/ /dev/mapper/crypted /mnt + sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" | + sed \'$d\' | + cut -f17- -d' ' | + sort | + uniq | + while read path; do + path="/$path" + if [ -L "$path" ]; then + : # The path is a symbolic link, so is probably handled by NixOS already + elif [ -d "$path" ]; then + : # The path is a directory, ignore + else + echo "$path" + fi + done + sudo umount /mnt + ''; + }; +in with lib; { + config = mkIf osConfig.mods.impermanence.enable { + home.packages = [ fs-diff ]; + home.persistence."/persistent/home/muon" = { + directories = [ + "documents" + "downloads" + "src" + ".gnupg" + ".ssh" + ".config/sops" + ".local/share/direnv" + ]; + }; + }; +} diff --git a/modules/home/terminal/shell.nix b/modules/home/terminal/shell.nix index c279d04..6ad7b28 100644 --- a/modules/home/terminal/shell.nix +++ b/modules/home/terminal/shell.nix @@ -2,7 +2,10 @@ let cfg = config.mods.terminal; - aliases = { la = "ls -lah"; }; + aliases = with lib; { + la = "ls -lah"; + xc = "${getExe pkgs.xclip} -selection clipboard"; + }; in { options.mods.terminal = { zsh.enable = lib.mkEnableOption "enables zsh"; }; diff --git a/modules/home/terminal/tools.nix b/modules/home/terminal/tools.nix index 87c0fd2..9760b1e 100644 --- a/modules/home/terminal/tools.nix +++ b/modules/home/terminal/tools.nix @@ -28,6 +28,7 @@ in with lib; { "bottom" "htop" "vifm" + "rbw" ]); home.packages = with pkgs; [ @@ -40,10 +41,14 @@ in with lib; { dua fdupes vifm - - # programs - fend unzip + + # security + pinentry-tty + + # utilities + fend + xclip ]; }; } diff --git a/modules/nixos/core/boot.nix b/modules/nixos/core/boot.nix index 051e0d0..2c2e49d 100644 --- a/modules/nixos/core/boot.nix +++ b/modules/nixos/core/boot.nix @@ -11,10 +11,11 @@ timeout = 2; efi.canTouchEfiVariables = true; grub = { - enable = true; + enable = lib.mkDefault true; zfsSupport = true; efiSupport = true; device = "nodev"; + } // lib.optionalAttrs (config.mods.monitors != { }) { gfxmodeEfi = config.mods.monitors.primary.config.mode; }; }; diff --git a/modules/nixos/core/network.nix b/modules/nixos/core/network.nix index b1c7d76..daa6477 100644 --- a/modules/nixos/core/network.nix +++ b/modules/nixos/core/network.nix @@ -27,7 +27,8 @@ in with lib; { config = { networking.networkmanager.enable = true; - services.resolved.enable = true; + networking.nameservers = [ "45.90.28.97" "45.90.30.97" ]; + # services.resolved.enable = true; # udev 250 doesn't reliably reinitialize devices after restart systemd.services.systemd-udevd.restartIfChanged = false; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index bd18466..6e13f3a 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -7,6 +7,8 @@ ./server ./sops + ./impermanence.nix + #