From 805232da0a1b8a502d05a5f70ab5e7f0e67e5e9e Mon Sep 17 00:00:00 2001 From: caleb Date: Mon, 29 Jan 2024 23:07:13 -0500 Subject: [PATCH] initial commit
---
application-configuration.nix | 46 +++++++ bootloader-configuration.nix | 30 +++++ configuration.nix | 169 +++++++++++++++++++++++++ hardware-configuration.nix | 37 ++++++ school-configuration.nix | 13 ++ software-development-configuration.nix | 14 ++ surfacebook-configuration.nix | 55 ++++++++ 7 files changed, 364 insertions(+) create mode 100644 application-configuration.nix create mode 100644 bootloader-configuration.nix create mode 100644 configuration.nix create mode 100644 hardware-configuration.nix create mode 100644 school-configuration.nix create mode 100644 software-development-configuration.nix create mode 100644 surfacebook-configuration.nix
diff --git a/application-configuration.nix b/application-configuration.nix
new file mode 100644
index 0000000..fc7fc07
--- /dev/null
+++ b/application-configuration.nix
@@ -0,0 +1,46 @@
+{ lib, pkgs, ... }:
+{
+ users.users.caleb = {
+ packages = with pkgs;
+ [
+ ## apps
+ firefox
+ kate
+ qalculate-qt
+ keepassxc
+ libsForQt5.krdc
+ libreoffice-qt
+ isoimagewriter
+ qdirstat
+ signal-desktop
+ monero-gui
+ tor-browser-bundle-bin
+ yubikey-manager-qt
+
+ # FAF
+ jq
+ cabextract
+ ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ openjdk8
+ ];
+
+ # Enable mullvad vpn
+ services.mullvad-vpn.package = pkgs.mullvad-vpn;
+ services.mullvad-vpn.enable = true;
+
+ # Enable tailscale
+ services.tailscale.enable = true;
+
+ # install Steam
+ programs.steam = {
+ enable = true;
+ remotePlay.openFirewall = true;
+ dedicatedServer.openFirewall = true;
+ };
+
+ # yubikey
+ services.pcscd.enable = true;
+}
diff --git a/bootloader-configuration.nix b/bootloader-configuration.nix
new file mode 100644
index 0000000..3f7fa93
--- /dev/null
+++ b/bootloader-configuration.nix
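Review bot: In application-configuration.nix the `programs.steam` block opens inbound firewall ports for both Remote Play and Steam dedicated servers, which widens the listening surface on every network this machine joins; the other files in the commit suggest it is a Surface Book laptop that roams. Unless the machine actually hosts game servers, drop `dedicatedServer.openFirewall = true;`, and keep `remotePlay.openFirewall = true;` only if Remote Play is streamed from other devices. A comment such as `# inbound Steam ports: needed only for Remote Play streaming` beside whichever option remains would record why the firewall is opened.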
@@ -0,0 +1,30 @@
+{ ... }:
+{
+ # Grub bootloader
+ boot.loader = {
+ timeout = 0;
+ efi.canTouchEfiVariables = true;
+ grub = {
+ enable = true;
+ efiSupport = true;
+ default = "saved";
+ device = "nodev";
+ splashImage = null;
+ extraConfig = ''set timeout_style=hidden'';
+
+ # other menu entries
+ extraEntries =
+ ''menuentry "System shutdown" {
+ halt
+ }
+
+ menuentry "System restart" {
+ reboot
+ }
+
+ menuentry 'UEFI Firmware Settings' --id 'uefi-firmware' {
+ fwsetup
+ }'';
+ };
+ };
+}
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..13d53ba
--- /dev/null
+++ b/configuration.nix
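Review bot: In bootloader-configuration.nix the menu is hidden with `timeout = 0;` and `timeout_style=hidden`, but no `boot.loader.grub.users` entry is set, so hiding the menu is cosmetic rather than an access control and the entries, including `fwsetup`, remain unrestricted for anyone at the keyboard. If physical access is in the threat model for this laptop, add a GRUB superuser through `boot.loader.grub.users.<name>.hashedPasswordFile`, pointing at a file kept outside the repository. hardware-configuration.nix in this commit shows a plain ext4 root with no LUKS device, so a GRUB password on its own would not protect data at rest. At minimum, a comment such as `# hidden menu is for boot speed only, not a security boundary` above `timeout = 0;` would keep the intent clear.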
@@ -0,0 +1,169 @@
+{ config, lib, pkgs, ... }:
+{
+ imports =
+ [
+ ./hardware-configuration.nix
+ ./bootloader-configuration.nix
+ ./surfacebook-configuration.nix
+ ./application-configuration.nix
+ ./software-development-configuration.nix
+ ./school-configuration.nix
+ ];
+
+ # Enable networking and bluetooth
+ networking.networkmanager.enable = true;
+ systemd.services.NetworkManager-wait-online.enable = false; #disable wait online since it is broken
+ networking.hostName = "surface";
+ hardware.bluetooth.enable = true;
+
+ # Set time zone.
+ time.timeZone = "America/New_York";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ i18n.extraLocaleSettings = {
+ LC_ADDRESS = "en_US.UTF-8";
+ LC_IDENTIFICATION = "en_US.UTF-8";
+ LC_MEASUREMENT = "en_US.UTF-8";
+ LC_MONETARY = "en_US.UTF-8";
+ LC_NAME = "en_US.UTF-8";
+ LC_NUMERIC = "en_US.UTF-8";
+ LC_PAPER = "en_US.UTF-8";
+ LC_TELEPHONE = "en_US.UTF-8";
+ LC_TIME = "en_US.UTF-8";
+ };
+
+ # Enable opengl
+ hardware.opengl = {
+ enable = true;
+ driSupport = true;
+ driSupport32Bit = true;
+ };
+
+ # Allow unfree and insecure packages
+ nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+ "vista-fonts"
+ "corefonts"
+
+ "steam"
+ "steam-original"
+ "steam-run"
+ "vscode-extension-ms-vscode-cpptools"
+ "vscode-extension-ms-vscode-remote-remote-ssh"
+
+ "nvidia-x11"
+ "nvidia-settings"
+ "vscode"
+ "code"
+ ];
+
+ # Enable the X11 windowing system.
+ services.xserver.enable = true;
+ services.xserver.videoDrivers = [ "nvidia" ];
+
+ # Enable the KDE Plasma Desktop Environment.
+ services.xserver.displayManager.sddm.enable = true;
+ services.xserver.desktopManager.plasma5.enable = true;
+
+ # Configure keymap in X11
+ services.xserver = {
+ layout = "us";
+ xkbVariant = "";
+ };
+
+ # fonts
+ fonts.packages = with pkgs; [
+ vistafonts
+ corefonts
+ nerdfonts # nvcahd dependency
+ ];
+
+ # Enable sound with pipewire.
+ sound.enable = true;
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ };
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.caleb = {
+ isNormalUser = true;
+ description = "caleb";
+ extraGroups = [ "networkmanager" "wheel" ];
+ hashedPassword = "$y$j9T$v6EDyPW8C/K.Th4xg8MHL/$tA67k6U0kLtafTNNW2DM7j.xObjPSaZFQ4e/beBX7g2";
+ packages = with pkgs;
+ [
+ # spellcheck
+ hunspell
+ hunspellDicts.en-us
+ hunspellDicts.en-us-large
+ ];
+ };
+
+ # disable sudo password for wheel
+ security.sudo.wheelNeedsPassword = false;
+
+ # List packages installed in system profile:
+ environment.systemPackages = with pkgs; [
+ appimage-run
+ git
+ protontricks
+ steam-run
+ wget
+ winetricks
+ wineWowPackages.stable
+ ripgrep # nvchad dependency
+ ];
+
+ #neovim
+ programs.neovim = {
+ enable = true;
+ defaultEditor = true;
+ viAlias = true;
+ vimAlias = true;
+ configure = {
+ packages.nvchad-complete = with pkgs.vimPlugins; {
+ start = [
+ nvchad
+ nvchad-ui
+ ];
+ };
+ };
+ };
+
+ # enable mac address randomization
+ networking.networkmanager.wifi.macAddress = "random";
+
+ # Enable CUPS to print documents.
+ services.printing.enable = true;
+ services.printing.drivers = [ pkgs.brlaser ];
+
+ # remote build
+ nix.buildMachines = [{
+ hostName = "january";
+ system = "x86_64-linux";
+ protocol = "ssh-ng";
+ maxJobs = 1;
+ speedFactor = 2;
+ supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
+ mandatoryFeatures = [ ];
+ }];
+ nix.distributedBuilds = true;
+ # optional, useful when the builder has a faster internet connection than yours
+ nix.extraOptions = ''
+ builders-use-substitutes = true
+ '';
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "23.11";
+}
diff --git a/hardware-configuration.nix b/hardware-configuration.nix
new file mode 100644
index 0000000..48e29fd
--- /dev/null
+++ b/hardware-configuration.nix
@@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/83947a1f-1322-4bd8-8a90-6e729d7d01dd"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/AC62-4777"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/school-configuration.nix b/school-configuration.nix
new file mode 100644
index 0000000..067608e
--- /dev/null
+++ b/school-configuration.nix
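Review bot: configuration.nix commits the account's password hash in `users.users.caleb.hashedPassword` and, in the same hunk, sets `security.sudo.wheelNeedsPassword = false;` for a user listed in `wheel`. The hash is therefore open to offline guessing by anyone who can read the repository or the world-readable Nix store, and any process running as caleb can become root without a prompt. Move the hash out of the tree with `hashedPasswordFile = "/path/to/secret-outside-repo";` (placeholder path), treat the committed hash as disclosed and change the password, and either remove the `wheelNeedsPassword = false` line or narrow it to specific commands with `security.sudo.extraRules`. The comment `# Allow unfree and insecure packages` also overstates what follows, since only `allowUnfreePredicate` is set; `# Allow selected unfree packages` would be accurate.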
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+{
+ environment.systemPackages = with pkgs; [
+ nmap
+ wireshark
+ arduino-cli
+
+ # senior design
+ gnuradio
+ conda
+ uhd
+ ];
+}
diff --git a/software-development-configuration.nix b/software-development-configuration.nix
new file mode 100644
index 0000000..0cb1e94
--- /dev/null
+++ b/software-development-configuration.nix
@@ -0,0 +1,14 @@
+{ pkgs, ... }:
+{
+ environment.systemPackages = with pkgs; [
+ # languages
+ rustup
+ cmake
+ gcc
+ python3Full
+
+ # vscode
+ nixpkgs-fmt
+ vscode
+ ];
+}
diff --git a/surfacebook-configuration.nix b/surfacebook-configuration.nix
new file mode 100644
index 0000000..ae21dff
--- /dev/null
+++ b/surfacebook-configuration.nix
@@ -0,0 +1,55 @@
+{ config, lib, pkgs, ... }:
+
+# nvidia-offload script
+let
+ nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
+ export __NV_PRIME_RENDER_OFFLOAD=1
+ export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
+ export __GLX_VENDOR_LIBRARY_NAME=nvidia
+ export __VK_LAYER_NV_optimus=NVIDIA_only
+ exec "$@"
+ '';
+in
+{
+ imports =
+ [
+
+ ];
+
+ ##### SB3 Hardware #####
+ # surface kernel config
+ users.users.caleb.extraGroups = [ "surface-control" ];
+ microsoft-surface.surface-control.enable = true;
+ hardware.cpu.intel.updateMicrocode = true;
+
+ # Nvidia driver setup
+ hardware.nvidia = {
+ modesetting.enable = true;
+ package = config.boot.kernelPackages.nvidiaPackages.latest;
+ nvidiaSettings = true;
+ powerManagement = {
+ enable = true;
+ finegrained = true;
+ };
+ prime = {
+ offload = {
+ enable = true;
+ enableOffloadCmd = true;
+ };
+
+ intelBusId = "PCI:0:2:0";
+ nvidiaBusId = "PCI:2:0:0";
+ };
+ };
+
+ # disable systemd services
+ systemd.services = {
+ nvidia-resume = {
+ enable = false;
+ restartIfChanged = false;
+ };
+ };
+
+ # power tuning
+ powerManagement.powertop.enable = true;
+}
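Review bot: In school-configuration.nix `wireshark` is installed as a plain entry in `environment.systemPackages`, so no privileged capture helper or `wireshark` group is set up. Live capture will then in practice mean running the whole GUI and its protocol dissectors as root, which the passwordless sudo in configuration.nix makes frictionless. Prefer `programs.wireshark.enable = true;` with `programs.wireshark.package = pkgs.wireshark;` and add the user to the `wireshark` group, so that only the capture helper holds the network capabilities.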
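Review bot: In surfacebook-configuration.nix the `let` binding `nvidia-offload` is never referenced in the module body shown in this hunk, so the script is never built or installed. `hardware.nvidia.prime.offload.enableOffloadCmd = true;` further down already provides an `nvidia-offload` command. Delete the `let … in` block together with the `# nvidia-offload script` comment, or, if the custom variables are wanted, add the binding to `environment.systemPackages` and drop `enableOffloadCmd`. `hardware.cpu.intel.updateMicrocode = true;` here overrides the `lib.mkDefault` value in hardware-configuration.nix, and a comment such as `# force microcode updates regardless of enableRedistributableFirmware` would mark that as intentional.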