joeri/nixos-public
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

init

Browse source
This commit is contained in:
Joeri Exelmans 2025-03-04 10:55:48 +01:00
commit 6822350a3b
11 changed files with 1055 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

209
t14/configuration.nix Normal file
View file

@ -0,0 +1,209 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }: {
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config.allowUnfree = true;
nixpkgs.config.permittedInsecurePackages = [
"openssl-1.1.1w" # needed for Sublime Text 4
];
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.kernelPackages = pkgs.linuxPackages_latest; # use latest kernel - my fancy hardware wasnt supported on default kernel.
# Example of applying a kernel patch:
# boot.kernelPatches = [{
# name = "myPatch"; # name doesn't matter
# patch = pkgs.writeTextFile { # file will be written to /nix/store
# name = "myPatch.patch"; # filename doesn't matter
# text = ''
# <insert contents of patch here, inline!>
# '';
# };
# }];
boot.resumeDevice = "/dev/disk/by-uuid/a9a63c82-df16-4fde-a794-78ef231c59f6";
swapDevices = [
{
device = "/var/lib/swapfile";
size = 32*1024;
}
];
# Set your time zone.
time.timeZone = "Europe/Brussels";
#time.timeZone = "Europe/London";
#time.timeZone = "America/Montreal";
#time.timeZone = "America/Barbados";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.utf8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "nl_BE.utf8";
LC_IDENTIFICATION = "nl_BE.utf8";
LC_MEASUREMENT = "nl_BE.utf8";
LC_MONETARY = "nl_BE.utf8";
LC_NAME = "nl_BE.utf8";
LC_NUMERIC = "nl_BE.utf8";
LC_PAPER = "nl_BE.utf8";
LC_TELEPHONE = "nl_BE.utf8";
LC_TIME = "nl_BE.utf8";
};
networking.hostName = "t14";
networking.extraHosts = ''
143.129.75.8 msdl-testing
'';
networking.networkmanager.enable = true;
networking.networkmanager.wifi.backend = "iwd";
networking.firewall.enable = false;
# Enable the X11 windowing system.
services.xserver = {
enable = true;
autoRepeatDelay = 150;
xkb.layout = "us"; # keymap
xkb.variant = ""; # ?
};
services.libinput.enable = true;
# T14 Gen3 trackpoint is way too sensitive by default:
hardware.trackpoint = {
enable = true;
device = "TPPS/2 Elan TrackPoint";
# sensitivity = 90; # default: 128
speed = 110; # default: 97
};
# Huion tablet:
hardware.opentabletdriver.enable = true;
# Sound...
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
extraConfig = import ./pipewire-extra-config.nix;
};
# Graphics...
hardware.graphics.enable = true; # enable OpenGL
hardware.graphics.enable32Bit = true; # also install 32 bit drivers (in order to run 32 bit apps under Wine)
hardware.graphics.extraPackages = with pkgs; [
intel-media-driver # hardware accelerated video decoding on Intel
vaapiIntel
];
hardware.bluetooth.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.maestro = {
isNormalUser = true;
description = "Joeri Exelmans";
extraGroups = [ "networkmanager" "wheel" "vboxusers" "docker" "video" ];
packages = with pkgs; [];
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryPackage = lib.mkForce pkgs.pinentry-qt;
};
# Extra fonts to install
fonts.packages = with pkgs; [
aileron
liberation_ttf
roboto
roboto-mono
vistafonts
dejavu_fonts
freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
unifont
noto-fonts-color-emoji
];
# This seems to fix my buggy PC-LM1E webcam
environment.etc."modprobe.d/uvcvideo.conf".text = pkgs.lib.mkForce ''
options uvcvideo quirks=0x106
'';
# Enable experimental Wayland support in Chromium
# Disabled, because this breaks Chromium on X11
# nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland";
services.pcscd.enable = true; # Belgian eID
services.locate.enable = true;
services.flatpak.enable = true;
# Thinkpad power management
services.power-profiles-daemon.enable = false; # conflicts with tlp
services.tlp.enable = true;
services.tlp.settings = {
# Auto-disable wireless networks when Ethernet is connected.
# Not to save power, but to get best performance.
# Seem broken with iwd:
# DEVICES_TO_DISABLE_ON_LAN_CONNECT = "wifi wwan";
# DEVICES_TO_ENABLE_ON_LAN_DISCONNECT = "wifi wwan";
START_CHARGE_THRESH_BAT0 = 99; # Battery percentage to start charging
STOP_CHARGE_THRESH_BAT0 = 100; # Battery percentage to stop charging
};
services.printing.enable = true;
services.printing.drivers = [
pkgs.hplip # HP LaserJet 4250
pkgs.gutenprint
pkgs.gutenprintBin
];
#virtualisation.virtualbox.host.enable = true;
# Causes slow-as-fuck re-compilation of kernel module on every software update:
#virtualisation.virtualbox.host.enableExtensionPack = true;
virtualisation.docker.enable = true;
# KDE config
services.desktopManager.plasma6.enable = true;
services.xserver.desktopManager.xfce.enable = true;
# firmware updates
services.fwupd.enable = true;
environment.systemPackages = import ./system-packages.nix { pkgs=pkgs; };
environment.sessionVariables = let
# schema = pkgs.gsettings-desktop-schemas;
# datadir = "${schema}/share/gsettings-schemas/${schema.name}";
in {
# XDG_DATA_DIRS = [ "${datadir}" ]; #:$XDG_DATA_HOME";
MOZ_ENABLE_WAYLAND = "1";
MOZ_USE_XINPUT2 = "1";
GTK_OVERLAY_SCROLLING = 0;
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}

40
t14/hardware-configuration.nix Normal file
View file

@ -0,0 +1,40 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/a9a63c82-df16-4fde-a794-78ef231c59f6";
fsType = "ext4";
};
fileSystems."/boot/efi" =
{ device = "/dev/disk/by-uuid/AC96-E749";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.docker0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

41
t14/pipewire-extra-config.nix Normal file
View file

@ -0,0 +1,41 @@
{
pipewire = {
"equalizer" = {
"context.modules" = [
{
name = "libpipewire-module-filter-chain";
args = {
"node.description" = "equalizer";
"media.name" = "equalizer";
"filter.graph" = {
nodes = [
{ name = "eqFL"; type="builtin"; label="bq_peaking"; control = { Freq=24; Q=0.5; Gain=15; }; }
{ name = "eqFR"; type="builtin"; label="bq_peaking"; control = { Freq=24; Q=0.5; Gain=15; }; }
{ name = "eqFL2"; type="builtin"; label="bq_peaking"; control = { Freq=4000; Q=0.7; Gain=-6; }; }
{ name = "eqFR2"; type="builtin"; label="bq_peaking"; control = { Freq=4000; Q=0.7; Gain=-6; }; }
];
links = [
{ output="eqFL:Out"; input="eqFL2:In"; }
{ output="eqFR:Out"; input="eqFR2:In"; }
];
inputs = [ "eqFL:In" "eqFR:In" ];
outputs = [ "eqFL2:Out" "eqFR2:Out" ];
};
"capture.props" = {
"node.name" = "effect_input.equalizer";
"media.class" = "Audio/Sink";
"audio.channels" = 2;
"audio.position" = [ "FL" "FR" ];
};
"playback.props" = {
"node.name" = "effect_output.equalizer";
"node.passive" = true;
"audio.channels" = 2;
"audio.position" = [ "FL" "FR" ];
};
};
}
];
};
};
}

111
t14/system-packages.nix Normal file
View file

@ -0,0 +1,111 @@
{ pkgs }: with pkgs;
let
firefoxWithBelgianEid = firefox-wayland.override { pkcs11Modules = [ eid-mw ]; };
sublime4Cracked = sublime4.overrideAttrs (finalAttrs: previousAttrs: {
sublime_text = previousAttrs.sublime_text.overrideAttrs (finalAttrs: previousAttrs:
let
pattern = "807905000f94c2"; # hex pattern to look for
replacement = "c6410501b20090"; # replacement
in {
postFixup = ''
# Based on: https://gist.github.com/opastorello/4d494d627ec9012367028c89cb7a1945
# Assert that binary contains pattern:
${xxd}/bin/xxd -p -c 0 $out/sublime_text | sed '/${pattern}/!{q100}' > /dev/null # exit code '100' if pattern not found
# Patch binary in-place:
${xxd}/bin/xxd -p -c 0 $out/sublime_text | sed 's/${pattern}/${replacement}/' | ${xxd}/bin/xxd -p -c 0 -r > $out/tmp
mv $out/tmp $out/sublime_text
chmod +x $out/sublime_text
'' + previousAttrs.postFixup;
});
});
in [
# Utility
tree
unzip
killall
nix-index
nix-tree # really useful package for searching, figuring out why something's a dependency, etc.
steam-run
zip
unrar
apg # secure password generator
fuse3 # User space filesystems - need this to run AppImages with steam-run
gnupg
bottles # Wrapper around wine
filelight # Disk space analysis
dconf-editor
gnome-calculator
gnome-disk-utility
file-roller
# Programming
git
kate
vim
vimPlugins.vim-nix
graphviz
sublime4Cracked
sublime-merge
# Network thingy
chromium
firefoxWithBelgianEid
thunderbird
signal-desktop
whatsapp-for-linux
tor-browser-bundle-bin
zoom-us
joplin-desktop
transmission-remote-gtk
transmission_3-gtk
dig # DNS debugging
sshfs
teams-for-linux # Unofficial teams client
# Graphics thingy
gimp
inkscape
xournalpp
drawio
eog
# Documents thingy
libreoffice
evince
koreader # epub reader
hunspell
hunspellDicts.en-us
hunspellDicts.en-us-large
pdfarranger # useful tool to rearrange / split / merge PDF documents
(texlive.combine {
inherit (texlive) scheme-small
awesomebox fontawesome5;
})
# Media thingy
vlc
(wrapOBS {
plugins = with obs-studio-plugins; [
obs-backgroundremoval
];
})
helvum
pavucontrol
pamixer # command line volume control
audacity
cheese
playerctl # command line media control (play/pause)
# Belgian eID software and hardware drivers
eid-mw
pcsctools
pcsclite
ccid
acsccid
libacr38u
scmccid
qdigidoc
]