diff --git a/common.nix b/common.nix index 4518a20..1ced159 100644 --- a/common.nix +++ b/common.nix @@ -6,33 +6,35 @@ ]; config = { - services.haveged.enable = true; + services.haveged.enable = lib.mkDefault true; - security.rtkit.enable = true; + security.rtkit.enable = lib.mkDefault true; - services.smartd.enable = true; + services.smartd.enable = lib.mkDefault true; - hardware.enableAllFirmware = true; - hardware.cpu.amd.updateMicrocode = true; + hardware.enableAllFirmware = lib.mkDefault true; + hardware.cpu.amd.updateMicrocode = lib.mkDefault true; - services.earlyoom.enable = true; + services.earlyoom.enable = lib.mkDefault true; # based mosh - programs.mosh.enable = true; + programs.mosh.enable = lib.mkDefault true; - systemd.services.nix-daemon.serviceConfig.IOSchedulingClass = 3; + # Make Nix things not ruin my life when using a HDD + systemd.services.nix-daemon.serviceConfig.IOSchedulingClass = lib.mkDefault 3; + systemd.services.nix-gc.serviceConfig.IOSchedulingClass = lib.mkDefault 3; nix = { package = lib.mkDefault pkgs.nixUnstable; gc = { - automatic = true; - dates = "20:00"; - options = "--delete-older-than 40d"; + automatic = lib.mkDefault true; + dates = lib.mkDefault "20:00"; + options = lib.mkDefault "--delete-older-than 40d"; }; - daemonIONiceLevel = 7; - daemonNiceLevel = 19; + daemonIONiceLevel = lib.mkDefault 7; + daemonNiceLevel = lib.mkDefault 19; trustedUsers = [ "root" "builder" "@wheel" ]; extraOptions = '' @@ -45,9 +47,9 @@ # make nginx have good logging and defaults services.nginx = { - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; + recommendedGzipSettings = lib.mkDefault true; + recommendedOptimisation = lib.mkDefault true; + recommendedProxySettings = lib.mkDefault true; appendHttpConfig = '' error_log stderr; access_log syslog:server=unix:/dev/log combined; @@ -55,50 +57,38 @@ }; # allow reverse ssh port shit to be public sometimes - services.openssh.gatewayPorts = "clientspecified"; + services.openssh.gatewayPorts = lib.mkDefault "clientspecified"; # no homo - nixpkgs.config.oraclejdk.accept_license = true; + nixpkgs.config.oraclejdk.accept_license = lib.mkDefault true; # set some basic system props - security.sudo.wheelNeedsPassword = false; + security.sudo.wheelNeedsPassword = lib.mkDefault false; networking.networkmanager.enable = lib.mkDefault true; networking.nameservers = [ "1.1.1.1" "1.0.0.1" ]; time.timeZone = lib.mkDefault "America/Phoenix"; # package list environment.systemPackages = with pkgs; [ - wget - vim - nano - curl - httpie - git - unzip - htop - (python37Full.withPackages (ps: with ps; [ pip setuptools ])) - neofetch - ripgrep - lsd - lm_sensors - rsync - bind - file - iotop psmisc usbutils pciutils + + iotop + htop + + exfat ]; # Allow ssh - services.openssh.enable = true; - services.openssh.passwordAuthentication = false; + services.openssh.enable = lib.mkDefault true; + services.openssh.passwordAuthentication = lib.mkDefault false; # Use a firewall networking.firewall.enable = lib.mkDefault true; networking.firewall.allowedTCPPorts = [ 22 443 80 ]; - programs.fish.enable = true; - users.defaultUserShell = pkgs.fish; + programs.fish.enable = lib.mkDefault true; + users.defaultUserShell = lib.mkOverride 900 pkgs.fish; }; } diff --git a/flake.nix b/flake.nix index 2690b73..06f8fc5 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,14 @@ url = "github:glacambre/firenvim"; flake = false; }; + bobthefish = { + url = "github:oh-my-fish/theme-bobthefish"; + flake = false; + }; + done = { + url = "github:franciscolourenco/done"; + flake = false; + }; }; outputs = { self, nixpkgs, ... }@inputs: { diff --git a/home-manager/common.nix b/home-manager/common.nix index 3a986e0..8648667 100644 --- a/home-manager/common.nix +++ b/home-manager/common.nix @@ -4,6 +4,26 @@ inputs: { imports = [ (import ./modules inputs) ]; + home.packages = with pkgs; [ + wget + curl + httpie + + nano + + git + + ripgrep + lsd + file + + lm_sensors + + # for fish-done + libnotify + notify-desktop + ]; + programs.vim = { enable = true; extraConfig = '' @@ -15,16 +35,7 @@ inputs: home.sessionVariables = { TERM = "xterm-256color"; }; - programs.bat.enable = true; - - programs.fish = - let - bobthefish = builtins.fetchGit { - url = "https://github.com/oh-my-fish/theme-bobthefish.git"; - rev = "a2ad38aa051aaed25ae3bd6129986e7f27d42d7b"; - }; - in - { + programs.fish = { enable = true; shellAliases = { cat = "bat"; @@ -32,14 +43,11 @@ inputs: plugins = [ { name = "done"; - src = builtins.fetchGit { - url = "https://github.com/franciscolourenco/done.git"; - rev = "9351f5a9f4ae6c73dd6f18e41364e63a77be5d90"; - }; + src = inputs.done; } { name = "bobthefish"; - src = bobthefish; + src = inputs.bobthefish; } ]; interactiveShellInit = '' @@ -51,9 +59,8 @@ inputs: end set -U __done_min_cmd_duration 2000 - set -U __done_notification_command '${pkgs.espeak}/bin/espeak yyyyyi' - source ${bobthefish}/fish_prompt.fish + source ${inputs.bobthefish}/fish_prompt.fish set -Ua fish_user_paths ~/.bin set -Ua fish_user_paths ~/.local/bin @@ -63,13 +70,7 @@ inputs: set -U fish_key_bindings fish_default_key_bindings set -g theme_nerd_fonts yes - function fish_greeting - begin ${pkgs.figlet}/bin/figlet -f mini heh; echo ""; uptime; uname -a; end | ${pkgs.lolcat}/bin/lolcat - end - eval (${pkgs.direnv}/bin/direnv hook fish) - - ${pkgs.thefuck}/bin/thefuck --alias | source ''; }; } diff --git a/home-manager/modules/ezpcusr.nix b/home-manager/modules/ezpcusr.nix index 42e577f..96a9d24 100644 --- a/home-manager/modules/ezpcusr.nix +++ b/home-manager/modules/ezpcusr.nix @@ -671,7 +671,6 @@ in ark notify-osd - libnotify ffmpeg id3v2 imagemagick diff --git a/modules/workstation.nix b/modules/workstation.nix index 759abd0..3c7b39d 100644 --- a/modules/workstation.nix +++ b/modules/workstation.nix @@ -151,14 +151,22 @@ in networking.networkmanager.wifi.macAddress = lib.mkDefault "random"; networking.networkmanager.wifi.scanRandMacAddress = lib.mkDefault true; - # Used for chromecast bullshit networking.firewall.allowedUDPPortRanges = [ + # Used for chromecast bullshit { from = 32768; to = 60999; } + # Steam remote play + { + from = 27031; + to = 27036; + } ]; + # Steam remote play + networking.firewall.allowedTCPPorts = [ 27036 ]; + # Used for upnp or something? networking.firewall.allowedUDPPorts = [ 1900 ]; @@ -168,11 +176,6 @@ in # better default swap boot.kernel.sysctl = { "vm.swappiness" = lib.mkDefault 45; }; - # you probably want this system wide? - environment.systemPackages = with pkgs; [ - exfat - ]; - # self explanatory fuckingprint.enable = lib.mkDefault true;