summaryrefslogtreecommitdiff
path: root/nixos/profiles
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/profiles')
-rw-r--r--nixos/profiles/common/basics.nix35
-rw-r--r--nixos/profiles/common/default.nix8
-rw-r--r--nixos/profiles/common/nixpkgs/config.nix4
-rw-r--r--nixos/profiles/common/nixpkgs/overlays.nix4
-rw-r--r--nixos/profiles/common/sanix.nix24
-rw-r--r--nixos/profiles/server/default.nix13
-rw-r--r--nixos/profiles/workstation/create.nix11
-rw-r--r--nixos/profiles/workstation/default.nix20
-rw-r--r--nixos/profiles/workstation/dev.nix31
-rw-r--r--nixos/profiles/workstation/graphical.nix98
-rwxr-xr-xnixos/profiles/workstation/scripts/deploy-dir16
-rw-r--r--nixos/profiles/workstation/scripts/reset-bg2
-rw-r--r--nixos/profiles/workstation/scripts/set-bg3
13 files changed, 269 insertions, 0 deletions
diff --git a/nixos/profiles/common/basics.nix b/nixos/profiles/common/basics.nix
new file mode 100644
index 0000000..aa6eff9
--- /dev/null
+++ b/nixos/profiles/common/basics.nix
@@ -0,0 +1,35 @@
+{ config, pkgs, ... }:
+
+{
+ environment.systemPackages = with pkgs; [
+ git
+ vim
+
+ file
+ htop
+ ripgrep
+ tree
+ # TODO: use a tree alternative that understands .gitignore
+ wget
+ ];
+
+ users.defaultUserShell = pkgs.zsh;
+ programs.zsh = {
+ enable = true;
+
+ # Disabling compinit in /etc/zshrc so that we can call
+ # compinit with a custom zcompdump location in .zshrc.
+ enableGlobalCompInit = false;
+ };
+
+ environment.sessionVariables =
+ let
+ config = "$HOME/config/user";
+ in
+ {
+ # Set environment variables for software that doesn't
+ # follow the XDG Base Directory specification.
+
+ ZDOTDIR = "${config}/zsh";
+ };
+}
diff --git a/nixos/profiles/common/default.nix b/nixos/profiles/common/default.nix
new file mode 100644
index 0000000..de4499a
--- /dev/null
+++ b/nixos/profiles/common/default.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ./sanix.nix
+ ./basics.nix
+ ];
+}
diff --git a/nixos/profiles/common/nixpkgs/config.nix b/nixos/profiles/common/nixpkgs/config.nix
new file mode 100644
index 0000000..b53485a
--- /dev/null
+++ b/nixos/profiles/common/nixpkgs/config.nix
@@ -0,0 +1,4 @@
+# https://nixos.org/manual/nixpkgs/stable/#chap-packageconfig
+{
+
+}
diff --git a/nixos/profiles/common/nixpkgs/overlays.nix b/nixos/profiles/common/nixpkgs/overlays.nix
new file mode 100644
index 0000000..613338f
--- /dev/null
+++ b/nixos/profiles/common/nixpkgs/overlays.nix
@@ -0,0 +1,4 @@
+# https://nixos.org/manual/nixpkgs/stable/#sec-overlays-definition
+[
+
+]
diff --git a/nixos/profiles/common/sanix.nix b/nixos/profiles/common/sanix.nix
new file mode 100644
index 0000000..a20db24
--- /dev/null
+++ b/nixos/profiles/common/sanix.nix
@@ -0,0 +1,24 @@
+{ lib, pkgs, config, ... }: {
+ # Use the Nixpkgs config and overlays from the local files for this NixOS build
+ nixpkgs = {
+ config = import ./nixpkgs/config.nix;
+ overlays = import ./nixpkgs/overlays.nix;
+ };
+
+ # Makes commands default to the same Nixpkgs, config, overlays and NixOS configuration
+ nix.nixPath = [
+ "nixpkgs=${pkgs.path}"
+ "nixos-config=${toString <nixos-config>}"
+ "nixpkgs-overlays=${toString ./nixpkgs/overlays.nix}"
+ ];
+ environment.variables.NIXPKGS_CONFIG = lib.mkForce (toString ./nixpkgs/config.nix);
+
+ # Remove the stateful nix-channel command
+ environment.extraSetup = ''
+ rm --force $out/bin/nix-channel
+ '';
+
+ # This option is broken when set false, prevent people from setting it to false
+ # And we implement the important bit above ourselves
+ nix.channel.enable = true;
+}
diff --git a/nixos/profiles/server/default.nix b/nixos/profiles/server/default.nix
new file mode 100644
index 0000000..4ccef67
--- /dev/null
+++ b/nixos/profiles/server/default.nix
@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ../common
+ ];
+
+ services = {
+ openssh = {
+ enable = true;
+ };
+ };
+}
diff --git a/nixos/profiles/workstation/create.nix b/nixos/profiles/workstation/create.nix
new file mode 100644
index 0000000..1fc7a28
--- /dev/null
+++ b/nixos/profiles/workstation/create.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+ environment.systemPackages = with pkgs; [
+ graphviz-nox # for dot
+
+ gimp
+ krita
+ ];
+}
+
diff --git a/nixos/profiles/workstation/default.nix b/nixos/profiles/workstation/default.nix
new file mode 100644
index 0000000..ddc9a8c
--- /dev/null
+++ b/nixos/profiles/workstation/default.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ../common
+ <top/shared/basics-physical.nix>
+ ./graphical.nix
+ ./dev.nix
+ ./create.nix
+ ];
+
+ environment.systemPackages = with pkgs; [
+ npins
+ ];
+
+ environment.sessionVariables = {
+ # Tell .zshrc to source zshrc-workstation.sh.
+ MYNIX_PROFILE = "workstation";
+ };
+}
diff --git a/nixos/profiles/workstation/dev.nix b/nixos/profiles/workstation/dev.nix
new file mode 100644
index 0000000..1e04b4c
--- /dev/null
+++ b/nixos/profiles/workstation/dev.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+
+{
+ environment.systemPackages = with pkgs; [
+ rustup
+ python313
+ nodejs_22
+
+ # CLI tools
+ docker-compose
+ gnumake
+ jq
+ just
+ sqlite-interactive
+ tokei
+
+ (writeShellScriptBin "deploy-dir" (builtins.readFile ./scripts/deploy-dir))
+
+ gcc # rustc fails if cc linker isn't found
+ chromium
+
+ vscodium
+ # I'm installing extensions via my install-imperative script.
+ ];
+
+ virtualisation.podman = {
+ enable = true;
+ dockerSocket.enable = true;
+ };
+}
+
diff --git a/nixos/profiles/workstation/graphical.nix b/nixos/profiles/workstation/graphical.nix
new file mode 100644
index 0000000..d79ed97
--- /dev/null
+++ b/nixos/profiles/workstation/graphical.nix
@@ -0,0 +1,98 @@
+{ config, pkgs, ... }:
+
+{
+ programs.sway = {
+ enable = true;
+ # Execute sway with required environment variables for GTK apps.
+ wrapperFeatures.gtk = true;
+ };
+ programs.ssh.startAgent = true;
+
+ environment.loginShellInit = ''
+ [[ "$(tty)" == /dev/tty1 ]] && exec sway
+ '';
+
+ environment.systemPackages = with pkgs; [
+ swaylock
+
+ # CLI tools
+ brightnessctl
+ wl-clipboard # for wl-copy and wl-paste
+ grim
+
+ # When I ssh into a server my terminal changes to a host-specific background color via
+ # a LocalCommand configured in ~/.ssh/config and a ZSH function to reset the color on exit.
+ (writeShellScriptBin "set-bg" (builtins.readFile ./scripts/set-bg))
+ (writeShellScriptBin "reset-bg" (builtins.readFile ./scripts/reset-bg))
+
+ # graphical tools
+ imv
+ mpv
+
+ # set and forget
+ i3status-rust
+ ];
+
+ # This generates /etc/xdg/mimeapps.list. The XDG spec and xdg-open don't support wildcards in MIME types.
+ # TODO: use an xdg-open alternative that supports wildcards in MIME types and doesn't use mimeapps.list
+ xdg.mime.defaultApplications =
+ let
+ defaultBrowser = "firefox.desktop";
+ in
+ {
+ "text/html" = defaultBrowser;
+
+ "x-scheme-handler/http" = defaultBrowser;
+ "x-scheme-handler/https" = defaultBrowser;
+ "x-scheme-handler/mailto" = "thunderbird.desktop";
+ };
+
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ };
+ security.rtkit.enable = true; # recommended for PipeWire
+
+ programs.thunderbird = {
+ enable = true;
+ };
+
+ programs.firefox = {
+ enable = true;
+
+ policies = {
+ DontCheckDefaultBrowser = true;
+ DisablePocket = true;
+ FirefoxHome = {
+ SponsoredTopSites = false;
+ };
+
+ SearchSuggestEnabled = false;
+ # cannot use SearchEngines because it's only available on ESR :(
+ # (https://mozilla.github.io/policy-templates/#searchengines-this-policy-is-only-available-on-the-esr)
+
+ Preferences = {
+ "layout.css.devPixelsPerPx" = "1.2"; # with this the default Firefox font size matches my terminal font size of 14px
+ "browser.uidensity" = 1;
+ "browser.aboutConfig.showWarning" = false;
+ "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; # can be changed via UI despite this about:config setting being locked
+ };
+
+ ExtensionSettings = {
+ "uBlock0@raymondhill.net" = {
+ install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+ installation_mode = "force_installed";
+ };
+ };
+
+ PasswordManagerEnabled = false;
+ AutofillCreditCardEnabled = false;
+ ExtensionSettings."{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
+ install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
+ installation_mode = "force_installed";
+ };
+ };
+ };
+}
diff --git a/nixos/profiles/workstation/scripts/deploy-dir b/nixos/profiles/workstation/scripts/deploy-dir
new file mode 100755
index 0000000..bb7dfdf
--- /dev/null
+++ b/nixos/profiles/workstation/scripts/deploy-dir
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+
+if [ "$#" -ne 3 ]; then
+ echo "usage: $0 <local_dir> <ssh_dest> <remote_dir>"
+ exit 1
+fi
+printf -v remote_dir %q $3
+
+cd $1
+tar cf - . | ssh $2 "set -xe
+TEMP_DIR=\$(mktemp -d)
+cd \$TEMP_DIR
+tar xvf -
+rm -rf $remote_dir
+mv \$TEMP_DIR $remote_dir
+"
diff --git a/nixos/profiles/workstation/scripts/reset-bg b/nixos/profiles/workstation/scripts/reset-bg
new file mode 100644
index 0000000..5aa20f6
--- /dev/null
+++ b/nixos/profiles/workstation/scripts/reset-bg
@@ -0,0 +1,2 @@
+#!/usr/bin/env bash
+echo -en "\033]111\007"
diff --git a/nixos/profiles/workstation/scripts/set-bg b/nixos/profiles/workstation/scripts/set-bg
new file mode 100644
index 0000000..e78afdc
--- /dev/null
+++ b/nixos/profiles/workstation/scripts/set-bg
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+rgb_with_slashes=$(echo "$1" | sed -r 's,(..)(..),\1/\2/,')
+echo -en "\033]11;rgb:$rgb_with_slashes\007"