Chad
730eaf9faa
* Add more GNOME helpers. * Fix typo, adjust output. * Update readme. * Add more programs and a TBD. * Add OpenJDK 8 as well. * More programs, fix mlocate, start working on GNOME settings. * Add success message. * Fixing favorites, for some reason the files are different on NixOS than systems using Ansible. * Add cron. Start working on header details. * Modify Python configuration for ansible playbooks. * More work on Python. Still not getting success with psutil. * NixOS, python, and psutil are still being dumb with ansible. * Add imagemagick for compressing file sizes. * Automatically create backups the first time this is run each day. * Create an example file. * More comments, SSHD config, a few fixes, some TBDs, and general reorganization. * Add a disclaimer. * Make the file look more like a developer wrote it. * Try adding wallets. Exodus seems broken. Monero works. * Start trying a different route for dconf settings. May require "home manager". * Add Docker. * Create a static and ansible file. Import them, and give examples of what they are for. * Add comments brainstorming how to do the different setups. * Add home-manager. Still no luck with dconf. Not in Ansible either. * Add godot. * Add zsh. * Move to Godot4. * Remove extra space. * Add balena etcher for USB sticks. * Remove etcher, seems to have broken ability to update or install anything. * Add a bittorrent client. * Remove excess ssh ports. They were probably for testing.
413 lines
12 KiB
Nix
413 lines
12 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
###############################################################################
|
||
# Helpful Documentation
|
||
#
|
||
# NixOS Manual:
|
||
# https://nixos.org/manual/nixos/stable/
|
||
#
|
||
# NixOS All Options:
|
||
# https://nixos.org/manual/nixos/stable/options.html
|
||
#
|
||
# Option Search:
|
||
# https://search.nixos.org/options
|
||
#
|
||
# Package Search:
|
||
# https://search.nixos.org/packages
|
||
###############################################################################
|
||
|
||
###############################################################################
|
||
# TBD
|
||
# Make each section is own $.nix file and include it based on Ansible checks.
|
||
###############################################################################
|
||
|
||
{ config, pkgs, nix, ... }:
|
||
|
||
{
|
||
#############################################################################
|
||
# System Configuration
|
||
#############################################################################
|
||
|
||
imports =[
|
||
# Include the results of the hardware scan.
|
||
./hardware-configuration.nix
|
||
# Include any static entries that are handled outside of this project.
|
||
./static.nix
|
||
# Include anything that Ansible has created.
|
||
./ansible.nix
|
||
# Home Manager.
|
||
<home-manager/nixos>
|
||
];
|
||
|
||
# This value determines the NixOS release from which the default
|
||
# settings for stateful data, like file locations and database versions
|
||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||
# this value at the release version of the first install of this system.
|
||
# Before changing this value read the documentation for this option
|
||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||
system.stateVersion = "23.05"; # Did you read the comment?
|
||
|
||
#############################################################################
|
||
# System Package Configuration
|
||
#############################################################################
|
||
|
||
# Bootloader.
|
||
boot.loader.grub.enable = true;
|
||
boot.loader.grub.device = "/dev/sda";
|
||
boot.loader.grub.useOSProber = true;
|
||
|
||
# Setup keyfile
|
||
boot.initrd.secrets = {
|
||
"/crypto_keyfile.bin" = null;
|
||
};
|
||
|
||
# Enable grub cryptodisk
|
||
boot.loader.grub.enableCryptodisk=true;
|
||
|
||
# TBD: Does not work. Goes in "nix.conf"?
|
||
#nix.extraOptions = "
|
||
# --extra-experimental-features
|
||
#";
|
||
|
||
#############################################################################
|
||
# General Networking Configuration
|
||
#############################################################################
|
||
|
||
# Enable networking
|
||
networking.networkmanager.enable = true;
|
||
|
||
# Open ports in the firewall.
|
||
# networking.firewall.allowedTCPPorts = [ ... ];
|
||
# networking.firewall.allowedUDPPorts = [ ... ];
|
||
# Or disable the firewall altogether.
|
||
# networking.firewall.enable = false;
|
||
|
||
# TBD: Should this be here?
|
||
boot.initrd.luks.devices."luks-39ae7203-d5af-47bf-95f6-b4f0eefebfc6".keyFile = "/crypto_keyfile.bin";
|
||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||
|
||
# Configure network proxy if necessary
|
||
# networking.proxy.default = "http://user:password@proxy:port/";
|
||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||
|
||
#############################################################################
|
||
# Locale
|
||
#############################################################################
|
||
|
||
# Set your time zone.
|
||
time.timeZone = "America/Phoenix";
|
||
|
||
# Select internationalisation properties.
|
||
i18n.defaultLocale = "en_US.UTF-8";
|
||
|
||
i18n.extraLocaleSettings = {
|
||
LC_ADDRESS = "en_US.UTF-8";
|
||
LC_IDENTIFICATION = "en_US.UTF-8";
|
||
LC_MEASUREMENT = "en_US.UTF-8";
|
||
LC_MONETARY = "en_US.UTF-8";
|
||
LC_NAME = "en_US.UTF-8";
|
||
LC_NUMERIC = "en_US.UTF-8";
|
||
LC_PAPER = "en_US.UTF-8";
|
||
LC_TELEPHONE = "en_US.UTF-8";
|
||
LC_TIME = "en_US.UTF-8";
|
||
};
|
||
|
||
#############################################################################
|
||
# User Setup
|
||
#############################################################################
|
||
|
||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||
users.users.ling = {
|
||
isNormalUser = true;
|
||
description = "Hyperling";
|
||
extraGroups = [ "networkmanager" "wheel" "sudo" "mlocate" "docker" ];
|
||
#packages = with pkgs; [
|
||
# #firefox
|
||
# #thunderbird
|
||
#];
|
||
};
|
||
|
||
#############################################################################
|
||
# Desktop Environment
|
||
#############################################################################
|
||
|
||
# Enable the X11 windowing system.
|
||
services.xserver.enable = true;
|
||
|
||
# Enable the GNOME Desktop Environment.
|
||
services.xserver.displayManager.gdm.enable = true;
|
||
services.xserver.desktopManager.gnome.enable = true;
|
||
|
||
# Remove the GNOME default packages.
|
||
#services.gnome.core-utilities.enable = false;
|
||
|
||
###
|
||
# GSettings, DConf type stuff.
|
||
##
|
||
# https://nixos.wiki/wiki/GNOME
|
||
#services.xserver.desktopManager.gnome = {
|
||
# extraGSettingsOverrides = ''
|
||
# # Favorite apps in gnome-shell
|
||
# [org.gnome.shell]
|
||
# favorite-apps= \
|
||
# [ 'org.gnome.Terminal.desktop', 'gnome-system-monitor.desktop' \
|
||
# , 'org.gnome.Nautilus.desktop' \
|
||
# , 'librewolf.desktop', 'firefox.desktop' \
|
||
# , 'org.gnome.Evolution.desktop', 'deltachat.desktop' \
|
||
# , 'codium.desktop' \
|
||
# , 'org.shotcut.Shotcut.desktop', 'lbry.desktop' \
|
||
# , 'android-studio.desktop' \
|
||
# , 'signal-desktop.desktop' \
|
||
# ]
|
||
#
|
||
# # TBD Need to finish figuring out how to load these.
|
||
# [org.gnome.shell.extensions.dash-to-dock]
|
||
# dock-position='LEFT'
|
||
# dock-fixed=true
|
||
# dash-max-icon-size=28
|
||
# '';
|
||
#
|
||
# extraGSettingsOverridePackages = [
|
||
# pkgs.gnome.gnome-shell # for org.gnome.shell, not sure if it works TBD.
|
||
# #pkgs.gnomeExtensions.dash-to-dock # TBD Not sure what to do here yet.
|
||
# ];
|
||
#};
|
||
|
||
# Maybe try this?
|
||
# https://hoverbear.org/blog/declarative-gnome-configuration-in-nixos/
|
||
#programs.dconf.enable = true;
|
||
#dconf.settings = {
|
||
# "org/gnome/shell/" = {
|
||
# favorite-apps = [
|
||
# "org.gnome.Terminal.desktop"
|
||
# "gnome-system-monitor.desktop"
|
||
# "org.gnome.Nautilus.desktop"
|
||
# "librewolf.desktop"
|
||
# "firefox.desktop"
|
||
# "org.gnome.Evolution.desktop"
|
||
# "deltachat.desktop"
|
||
# "codium.desktop"
|
||
# "org.shotcut.Shotcut.desktop"
|
||
# "lbry.desktop"
|
||
# "android-studio.desktop"
|
||
# "signal-desktop.desktop"
|
||
# ];
|
||
# };
|
||
#};
|
||
|
||
# Or this?
|
||
# https://rycee.gitlab.io/home-manager/index.html#sec-install-nixos-module
|
||
# https://rycee.gitlab.io/home-manager/options.html#opt-dconf.settings
|
||
#programs.dconf.enable = true;
|
||
#home-manager.users.ling = { pkgs, ... }: {
|
||
#
|
||
# home.packages = [ pkgs.atool pkgs.httpie ];
|
||
#
|
||
# dconf.settings = {
|
||
# "/org/gnome/shell/extensions/dash-to-dock" = {
|
||
# dock-position = "'LEFT'";
|
||
# dock-fixed = true;
|
||
# dash-max-icon-size = 24;
|
||
# };
|
||
# };
|
||
#
|
||
#};
|
||
|
||
##
|
||
|
||
# Configure keymap in X11
|
||
services.xserver = {
|
||
layout = "us";
|
||
xkbVariant = "altgr-intl";
|
||
};
|
||
|
||
# Enable CUPS to print documents.
|
||
services.printing.enable = true;
|
||
|
||
# Enable sound with pipewire.
|
||
sound.enable = true;
|
||
hardware.pulseaudio.enable = false;
|
||
security.rtkit.enable = true;
|
||
services.pipewire = {
|
||
enable = true;
|
||
alsa.enable = true;
|
||
alsa.support32Bit = true;
|
||
pulse.enable = true;
|
||
# If you want to use JACK applications, uncomment this
|
||
#jack.enable = true;
|
||
|
||
# use the example session manager (no others are packaged yet so this is enabled by default,
|
||
# no need to redefine it in your config for now)
|
||
#media-session.enable = true;
|
||
};
|
||
|
||
# Enable touchpad support (enabled default in most desktopManager).
|
||
# services.xserver.libinput.enable = true;
|
||
|
||
#############################################################################
|
||
# Package Management
|
||
#############################################################################
|
||
|
||
# Allow unfree packages
|
||
nixpkgs.config.allowUnfree = true;
|
||
|
||
###
|
||
# List packages installed in system profile.
|
||
##
|
||
# To search for names, run `nix search wget` or use the website in the header.
|
||
environment.systemPackages = with pkgs; [
|
||
###
|
||
# General
|
||
##
|
||
#ansible # try installing under Python then maybe it can use psutil?
|
||
vim
|
||
mlocate
|
||
git
|
||
curl
|
||
sudo
|
||
doas
|
||
wget
|
||
nmap
|
||
lynis
|
||
htop
|
||
neofetch
|
||
cowsay
|
||
cron
|
||
zsh
|
||
|
||
# Python Setup
|
||
# Main documentation
|
||
# https://nixos.org/manual/nixpkgs/stable/#python
|
||
# See what modules are available, and which Python they are attached to:
|
||
# ls -l $(find "$(dirname $(which python))/.." -name site-packages)
|
||
# Looks like 3.10, not 3.11 like was being installed. So annoying!
|
||
# https://discourse.nixos.org/t/python3-not-importing-modules/22061/2
|
||
#python3
|
||
(python3.withPackages(ps: with ps; [
|
||
pip # Works fine! Can access via `pip` or `python -m pip`.
|
||
psutil # Not working. Not in path nor `-m`. Maybe not supposed to be, but ansible dconf module still saying "ModuleNotFoundError: No module named 'psutil'" Maybe add to ansible's python somehow?
|
||
ansible # Nope, not accessible!!! WHAT!!!
|
||
ansible-core # It's here! Thanks https://pypi.org/project/ansible/, psutil still not available though!!!!!!!!!!!!!
|
||
]))
|
||
#python3Packages.pip
|
||
#python3Packages.psutil # This does not work either, nor any 310 type versions.
|
||
#python3Packages.ansible # This does not work either, nor any 310 type versions.
|
||
###
|
||
|
||
###
|
||
# Coding
|
||
##
|
||
vscodium
|
||
android-studio
|
||
dbeaver
|
||
bash
|
||
kotlin
|
||
nodejs
|
||
ksh
|
||
zsh
|
||
zulu # OpenJDK
|
||
#zulu8 # OpenJDK 8
|
||
#python2
|
||
#python
|
||
#godot # If using C#
|
||
godot_4 # If using Godot Script
|
||
###
|
||
|
||
###
|
||
# Editing
|
||
##
|
||
gimp
|
||
shotcut
|
||
openshot-qt
|
||
obs-studio
|
||
ffmpeg
|
||
###
|
||
|
||
###
|
||
# Workstation
|
||
##
|
||
gnomeExtensions.dash-to-dock
|
||
gnome.nautilus
|
||
gnome.gnome-tweaks
|
||
gnome.dconf-editor
|
||
#gnome.gnome-terminal # This does not theme well and is different from Console.
|
||
gnome.gnome-system-monitor
|
||
gnome.gedit
|
||
gnome.geary
|
||
gnome.evince
|
||
librewolf
|
||
firefox
|
||
evolution
|
||
deltachat-desktop
|
||
signal-desktop
|
||
lbry
|
||
libreoffice
|
||
vlc
|
||
remmina
|
||
imagemagick
|
||
#etcher # Broken as of 20231013, uses too old a version of Electron.
|
||
transmission
|
||
|
||
# Wallets
|
||
#exodus # Not being found, 403 error.
|
||
monero-gui
|
||
###
|
||
|
||
###
|
||
# Server
|
||
##
|
||
# Not needed, prefer setting 'virtualisation.docker.enable'.
|
||
#docker
|
||
#docker-buildx
|
||
#docker-compose
|
||
###
|
||
];
|
||
|
||
# Some programs need SUID wrappers, can be configured further or are
|
||
# started in user sessions.
|
||
# programs.mtr.enable = true;
|
||
# programs.gnupg.agent = {
|
||
# enable = true;
|
||
# enableSSHSupport = true;
|
||
# };
|
||
|
||
## List services that you want to enable ##
|
||
|
||
# Configure the OpenSSH daemon.
|
||
services.openssh = {
|
||
enable = true;
|
||
ports = [
|
||
22
|
||
];
|
||
settings = {
|
||
PermitRootLogin = "no";
|
||
AllowTcpForwarding = "no";
|
||
ClientAliveInterval = 60;
|
||
ClientAliveCountMax = 2;
|
||
Compression = "no";
|
||
LogLevel = "VERBOSE";
|
||
MaxAuthTries = 3;
|
||
MaxSessions = 2;
|
||
TCPKeepAlive = "no";
|
||
X11Forwarding = false;
|
||
AllowAgentForwarding = "no";
|
||
PermitEmptyPasswords = "no";
|
||
};
|
||
};
|
||
|
||
#############################################################################
|
||
# Non-System Package Configuration
|
||
#############################################################################
|
||
|
||
# Be able to use the locate command.
|
||
services.locate.locate = pkgs.mlocate;
|
||
services.locate.localuser = null;
|
||
services.locate.enable = true;
|
||
|
||
# Docker
|
||
virtualisation.docker.enable = true;
|
||
|
||
}
|