diff --git a/.github/workflows/flake-check.yml b/.github/workflows/flake-check.yml new file mode 100644 index 0000000..32b1de1 --- /dev/null +++ b/.github/workflows/flake-check.yml @@ -0,0 +1,23 @@ +name: "Check and build flake" + +on: + push: + pull_request: + workflow_dispatch: + +jobs: + nix-flake-check: + name: nix flake check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: DeterminateSystems/nix-installer-action@v4 + - uses: DeterminateSystems/magic-nix-cache-action@main + - run: nix flake check --all-systems + + flake-checker: + name: flake-checker + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: DeterminateSystems/flake-checker-action@main \ No newline at end of file diff --git a/.github/workflows/flakehub-publish-tagged.yml b/.github/workflows/flakehub-publish-tagged.yml new file mode 100644 index 0000000..9a027e2 --- /dev/null +++ b/.github/workflows/flakehub-publish-tagged.yml @@ -0,0 +1,27 @@ +name: "Publish tags to FlakeHub" +on: + push: + tags: + - "v?[0-9]+.[0-9]+.[0-9]+*" + workflow_dispatch: + inputs: + tag: + description: "The existing tag to publish to FlakeHub" + type: "string" + required: true +jobs: + flakehub-publish: + runs-on: "ubuntu-latest" + permissions: + id-token: "write" + contents: "read" + steps: + - uses: "actions/checkout@v3" + with: + ref: "${{ (inputs.tag != null) && format('refs/tags/{0}', inputs.tag) || '' }}" + - uses: "DeterminateSystems/nix-installer-action@main" + - uses: "DeterminateSystems/flakehub-push@main" + with: + visibility: "public" + name: "YOUSIKI/nichijou" + tag: "${{ inputs.tag }}" diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..25ed994 --- /dev/null +++ b/.gitignore @@ -0,0 +1,169 @@ +### Nix ### +/result +/secrets/**/*.local + +### Emacs ### +# -*- mode: gitignore; -*- +*~ +\#*\# +/.emacs.desktop +/.emacs.desktop.lock +*.elc +auto-save-list +tramp +.\#* + +# Org-mode +.org-id-locations +*_archive + +# flymake-mode +*_flymake.* + +# eshell files +/eshell/history +/eshell/lastdir + +# elpa packages +/elpa/ + +# reftex files +*.rel + +# AUCTeX auto folder +/auto/ + +# cask packages +.cask/ +dist/ + +# Flycheck +flycheck_*.el + +# server auth directory +/server/ + +# projectiles files +.projectile + +# directory configuration +.dir-locals.el + +# network security +/network-security.data + + +### Linux ### + +# temporary files which can be created if a process still has a handle open of a deleted file +.fuse_hidden* + +# KDE directory preferences +.directory + +# Linux trash folder which might appear on any partition or disk +.Trash-* + +# .nfs files are created when an open file is removed but is still being accessed +.nfs* + +### macOS ### +# General +.DS_Store +.AppleDouble +.LSOverride + +# Icon must end with two \r +Icon + + +# Thumbnails +._* + +# Files that might appear in the root of a volume +.DocumentRevisions-V100 +.fseventsd +.Spotlight-V100 +.TemporaryItems +.Trashes +.VolumeIcon.icns +.com.apple.timemachine.donotpresent + +# Directories potentially created on remote AFP share +.AppleDB +.AppleDesktop +Network Trash Folder +Temporary Items +.apdisk + +### macOS Patch ### +# iCloud generated files +*.icloud + +### Vim ### +# Swap +[._]*.s[a-v][a-z] +!*.svg # comment out if you don't need vector files +[._]*.sw[a-p] +[._]s[a-rt-v][a-z] +[._]ss[a-gi-z] +[._]sw[a-p] + +# Session +Session.vim +Sessionx.vim + +# Temporary +.netrwhist +# Auto-generated tag files +tags +# Persistent undo +[._]*.un~ + +### VisualStudioCode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +!.vscode/*.code-snippets + +# Local History for Visual Studio Code +.history/ + +# Built Visual Studio Code Extensions +*.vsix + +### VisualStudioCode Patch ### +# Ignore all local history of files +.history +.ionide + +### Windows ### +# Windows thumbnail cache files +Thumbs.db +Thumbs.db:encryptable +ehthumbs.db +ehthumbs_vista.db + +# Dump file +*.stackdump + +# Folder config file +[Dd]esktop.ini + +# Recycle Bin used on file shares +$RECYCLE.BIN/ + +# Windows Installer files +*.cab +*.msi +*.msix +*.msm +*.msp + +# Windows shortcuts +*.lnk + +# End of https://www.toptal.com/developers/gitignore/api/linux,macos,windows,vim,emacs,visualstudiocode + diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..7b665b8 --- /dev/null +++ b/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2023 YouSiki + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..588b01c --- /dev/null +++ b/README.md @@ -0,0 +1,57 @@ + + +

nichijou  |  日常  |  にちじょう

+

nix configurations for daily life

+ +

+🚧 STILL UNDER CONSTRUCTION 🚧 +

+ +

+ + + + + +

+ +

+ Sakamoto +

+ +## 🧭 Usage + +Add nichijou to your `flake.nix`: + +```nix +{ + inputs = { + nichijou.url = "github:yousiki/nichijou"; + nichijou.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = { self, nichijou }: { + # Use in your outputs + }; +} +``` + +## ⛰️ Giants + +This repository stands on the shoulders of giants: + +- Awesome dotfiles + - [truelecter/hive](https://github.com/truelecter/hive) + - [GTrunSec/hive](https://github.com/GTrunSec/hive) + - [Ruixi-rebirth/flakes](https://github.com/Ruixi-rebirth/flakes) + - [rxyhn/yuki](https://github.com/rxyhn/yuki) + - [Misterio77/nix-config](https://github.com/Misterio77/nix-config) + - [linuxmobile/hyprland-dots](https://github.com/linuxmobile/hyprland-dots) + - and more ... +- Awesome flake tools + - [divnix/hive](https://github.com/divnix/hive) + - [divnix/std](https://github.com/divnix/std) + - [nix-community/haumea](https://github.com/nix-community/haumea) + - [numtide/treefmt-nix](https://github.com/numtide/treefmt-nix) + - [hercules-ci/flake-parts](https://github.com/hercules-ci/flake-parts) + - and more ... diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..3019b41 --- /dev/null +++ b/flake.lock @@ -0,0 +1,193 @@ +{ + "nodes": { + "default-systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "flake-parts": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-root": { + "locked": { + "lastModified": 1692742795, + "narHash": "sha256-f+Y0YhVCIJ06LemO+3Xx00lIcqQxSKJHXT/yk1RTKxw=", + "owner": "srid", + "repo": "flake-root", + "rev": "d9a70d9c7a5fd7f3258ccf48da9335e9b47c3937", + "type": "github" + }, + "original": { + "owner": "srid", + "repo": "flake-root", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "haumea": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1704257549, + "narHash": "sha256-45yD4A7J5yWqTZ823qmKDi4Ap9g8b7Y+AYr2QbQ/nXI=", + "owner": "nix-community", + "repo": "haumea", + "rev": "89459a9563be101e6e52705cb4d60fca4011c05a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "haumea", + "type": "github" + } + }, + "nixos-vscode-server": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1684517665, + "narHash": "sha256-SaAr66uCQ8CF75jIr23FZjk1+9Kfwm5sQnwV25206Gs=", + "owner": "nix-community", + "repo": "nixos-vscode-server", + "rev": "1e1358493df6529d4c7bc4cc3066f76fd16d4ae6", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-vscode-server", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1707268954, + "narHash": "sha256-2en1kvde3cJVc3ZnTy8QeD2oKcseLFjYPLKhIGDanQ0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "f8e2ebd66d097614d51a56a755450d4ae1632df1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-lib": { + "locked": { + "dir": "lib", + "lastModified": 1706550542, + "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "type": "github" + }, + "original": { + "dir": "lib", + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "default-systems": "default-systems", + "flake-parts": "flake-parts", + "flake-root": "flake-root", + "haumea": "haumea", + "nixos-vscode-server": "nixos-vscode-server", + "nixpkgs": "nixpkgs", + "treefmt-nix": "treefmt-nix" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1707300477, + "narHash": "sha256-qQF0fEkHlnxHcrKIMRzOETnRBksUK048MXkX0SOmxvA=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "ac599dab59a66304eb511af07b3883114f061b9d", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..dc66737 --- /dev/null +++ b/flake.nix @@ -0,0 +1,109 @@ +{ + description = "Daily configuration based on Nix and Flake"; + + outputs = {self, ...} @ inputs: let + # The global variables that can be accessed from every module. + globals = { + root = ./.; + nixpkgs.overlays = [ + ]; + nixpkgs.config = { + allowUnfree = true; + allowBroken = false; + allowUnsupported = false; + }; + inherit self inputs; + inherit (self) outputs; + }; + in + inputs.flake-parts.lib.mkFlake {inherit inputs;} { + imports = with inputs; [ + flake-root.flakeModule + treefmt-nix.flakeModule + ]; + + systems = import (inputs.default-systems); + + perSystem = { + config, + self', + inputs', + pkgs, + system, + ... + }: rec { + # Overwrite nixpkgs configurations. + _module.args.pkgs = import inputs.nixpkgs { + inherit system; + inherit (globals.nixpkgs) config; + inherit (globals.nixpkgs) overlays; + }; + + # Format files with treefmt. + treefmt.config = { + inherit (config.flake-root) projectRootFile; + package = pkgs.treefmt; + programs.alejandra.enable = true; # *.nix + programs.prettier.enable = true; # *.json, *.yaml, *.yml + programs.stylua.enable = true; # *.lua + }; + }; + + flake = let + src = inputs.haumea.lib.load { + src = globals.root + /src; + inputs = {inherit globals;}; + loader = inputs.haumea.lib.loaders.scoped; + transformer = [inputs.haumea.lib.transformers.liftDefault]; + }; + in { + inherit + (src) + commonProfiles + nixosConfigurations + nixosProfiles + ; + }; + }; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + + haumea.url = "github:nix-community/haumea"; + haumea.inputs.nixpkgs.follows = "nixpkgs"; + + default-systems.url = "github:nix-systems/default"; + + flake-root.url = "github:srid/flake-root"; + + flake-parts.url = "github:hercules-ci/flake-parts"; + + treefmt-nix.url = "github:numtide/treefmt-nix"; + treefmt-nix.inputs.nixpkgs.follows = "nixpkgs"; + + nixos-vscode-server.url = "github:nix-community/nixos-vscode-server"; + nixos-vscode-server.inputs.nixpkgs.follows = "nixpkgs"; + }; + + nixConfig = { + extra-trusted-substituters = [ + "https://cache.garnix.io" + "https://cache.nixos.org" + "https://hyprland.cachix.org" + "https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store" + "https://mirrors.ustc.edu.cn/nix-channels/store" + "https://nichijou.cachix.org" + "https://nix-community.cachix.org" + "https://nixpkgs-wayland.cachix.org" + "https://numtide.cachix.org" + ]; + extra-trusted-public-keys = [ + "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" + "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" + "nichijou.cachix.org-1:rbaTU9nLgVW9BK/HSV41vsag6A7/A/caBpcX+cR/6Ps=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" + "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" + ]; + }; +} diff --git a/garnix.yaml b/garnix.yaml new file mode 100644 index 0000000..5afbb7c --- /dev/null +++ b/garnix.yaml @@ -0,0 +1,5 @@ +builds: + exclude: [] + include: + - "*.x86_64-darwin.*" + - "*.x86_64-linux.*" diff --git a/src/commonProfiles/README.md b/src/commonProfiles/README.md new file mode 100644 index 0000000..121ec58 --- /dev/null +++ b/src/commonProfiles/README.md @@ -0,0 +1,3 @@ +# commonProfiles + +Profiles for both NixOS and Nix-darwin. diff --git a/src/commonProfiles/nix.nix b/src/commonProfiles/nix.nix new file mode 100644 index 0000000..5c38d5f --- /dev/null +++ b/src/commonProfiles/nix.nix @@ -0,0 +1,56 @@ +# Basic nix and nixpkgs configuration for NixOS and Nix-darwin. +{globals, ...}: { + config, + lib, + pkgs, + ... +}: +with builtins // lib; let + flake = import (globals.root + "/flake.nix"); +in { + # Nixpkgs configuration + inherit (globals) nixpkgs; + + # Basic nix configuration for both NixOS and Darwin. + nix = { + settings = { + # Nix automatically detects files in the store that have identical contents, and replaces them with hard links to a single copy. + auto-optimise-store = true; + # Nix will instruct remote build machines to use their own binary substitutes if available. + builders-use-substitutes = true; + # Experimental nix features. + experimental-features = ["flakes" "nix-command"]; + # Nix will fall back to building from source if a binary substitute fails. + fallback = true; + # The garbage collector will keep the derivations from which non-garbage store paths were built. + keep-derivations = true; + # The garbage collector will keep the outputs of non-garbage derivations. + keep-outputs = true; + # Builds will be performed in a sandboxed environment. + sandbox = false; + # These users will have additional rights when connecting to the Nix daemon. + trusted-users = ["root" "@wheel" "@admin"]; + # Never warn about dirty Git/Mercurial trees. + warn-dirty = false; + # Trusted substituters + trusted-substituters = flake.nixConfig.extra-trusted-substituters; + # Trusted public keys + trusted-public-keys = flake.nixConfig.extra-trusted-public-keys; + }; + + # Garbage collector + gc.automatic = true; + + # List of directories to be searched for <...> file references.W + nixPath = [ + "nixpkgs=flake:nixpkgs" + "darwin=/etc/nix/inputs/darwin" + "home-manager=flake:home-manager" + ]; + + registry = + mapAttrs + (n: v: {flake = v;}) + (removeAttrs globals.inputs ["nixpkgs"]); + }; +} diff --git a/src/commonProfiles/packages.nix b/src/commonProfiles/packages.nix new file mode 100644 index 0000000..fada51f --- /dev/null +++ b/src/commonProfiles/packages.nix @@ -0,0 +1,34 @@ +# Basic packages for NixOS and Nix-darwin. +{globals, ...}: { + config, + lib, + pkgs, + ... +}: +with builtins // lib; { + environment.systemPackages = with pkgs; [ + bat + bottom + btop + curl + duf + eza + fzf + gdu + gh + helix + jq + man + neofetch + ripgrep + vim + wget + zellij + ]; + + programs.fish.enable = true; + programs.git.enable = true; + programs.git.lfs.enable = true; + programs.tmux.enable = true; + programs.zsh.enable = true; +} diff --git a/src/nixosConfigurations/yui/README.md b/src/nixosConfigurations/yui/README.md new file mode 100644 index 0000000..95d2e96 --- /dev/null +++ b/src/nixosConfigurations/yui/README.md @@ -0,0 +1,3 @@ +# nixosConfigurations.yui + +`yui` is the NixOS virutal machine in orbstack. diff --git a/src/nixosConfigurations/yui/_configuration.nix b/src/nixosConfigurations/yui/_configuration.nix new file mode 100644 index 0000000..4e0fe32 --- /dev/null +++ b/src/nixosConfigurations/yui/_configuration.nix @@ -0,0 +1,105 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). +{ + modulesPath, + config, + pkgs, + lib, + ... +}: +with lib; { + imports = [ + # Include the default lxd configuration. + "${modulesPath}/virtualisation/lxc-container.nix" + # Include the container-specific autogenerated configuration. + # ./lxd.nix + # ./orbstack.nix + ]; + + # networking.hostName = mkForce "nixos"; # Overwrite the hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # }; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.alice = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # firefox + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.05"; # Did you read the comment? + + # As this is intended as a stadalone image, undo some of the minimal profile stuff + documentation.enable = true; + documentation.nixos.enable = true; + environment.noXlibs = false; +} diff --git a/src/nixosConfigurations/yui/_lxd.nix b/src/nixosConfigurations/yui/_lxd.nix new file mode 100644 index 0000000..e4ef530 --- /dev/null +++ b/src/nixosConfigurations/yui/_lxd.nix @@ -0,0 +1,10 @@ +{ + lib, + config, + pkgs, + ... +}: +# WARNING: THIS CONFIGURATION IS AUTOGENERATED AND WILL BE OVERWRITTEN AUTOMATICALLY +{ + networking.hostName = "yui"; +} diff --git a/src/nixosConfigurations/yui/_orbstack.nix b/src/nixosConfigurations/yui/_orbstack.nix new file mode 100644 index 0000000..87694d0 --- /dev/null +++ b/src/nixosConfigurations/yui/_orbstack.nix @@ -0,0 +1,80 @@ +# Generated by OrbStack. +# This MAY be overwritten in the future. Make a copy and update the include +# in configuration.nix if you want to keep your changes. +{ + lib, + config, + pkgs, + ... +}: +with lib; { + # sudoers + security.sudo.extraRules = [ + { + users = ["yousiki"]; + commands = [ + { + command = "ALL"; + options = ["NOPASSWD"]; + } + ]; + } + ]; + + # add OrbStack CLI tools to PATH + environment.shellInit = '' + . /opt/orbstack-guest/etc/profile-early + + # add your customizations here + + . /opt/orbstack-guest/etc/profile-late + ''; + + # timezone + time.timeZone = "Asia/Shanghai"; + + # resolv.conf: NixOS doesn't use systemd-resolved + + # faster DHCP - OrbStack uses SLAAC exclusively + networking.dhcpcd.extraConfig = '' + noarp + noipv6 + ''; + + # disable sshd + services.openssh.enable = false; + + # systemd + systemd.services."systemd-oomd".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-resolved".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-userdbd".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-udevd".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-timesyncd".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-timedated".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-portabled".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-nspawn@".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-networkd".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-machined".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-localed".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-logind".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-journald@".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-journald".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-journal-remote".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-journal-upload".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-importd".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-hostnamed".serviceConfig.WatchdogSec = 0; + systemd.services."systemd-homed".serviceConfig.WatchdogSec = 0; + + # ssh config + programs.ssh.extraConfig = '' + Include /opt/orbstack-guest/etc/ssh_config + ''; + + # extra certificates + security.pki.certificateFiles = [ + "/opt/orbstack-guest/run/extra-certs.crt" + ]; + + # indicate builder support for emulated architectures + nix.extraOptions = "extra-platforms = x86_64-linux i686-linux"; +} diff --git a/src/nixosConfigurations/yui/default.nix b/src/nixosConfigurations/yui/default.nix new file mode 100644 index 0000000..355b6d6 --- /dev/null +++ b/src/nixosConfigurations/yui/default.nix @@ -0,0 +1,20 @@ +# Configuration for yui, which is a NixOS VM in Orbstack. +# Note that _lxd.nix and _orbstack.nix are generated by Orbstack. +{globals, ...}: let + nixosModules = with globals.outputs; [ + # Host-specific modules + ./_configuration.nix + ./_lxd.nix + ./_orbstack.nix + + # Host-specific profiles + commonProfiles.nix + commonProfiles.packages + nixosProfiles.vscode-server + ]; +in + globals.inputs.nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = {inherit globals;}; + modules = nixosModules; + } diff --git a/src/nixosProfiles/README.md b/src/nixosProfiles/README.md new file mode 100644 index 0000000..6f007b3 --- /dev/null +++ b/src/nixosProfiles/README.md @@ -0,0 +1,3 @@ +# nixosProfiles + +Profiles for NixOS. diff --git a/src/nixosProfiles/nvidia-gpu.nix b/src/nixosProfiles/nvidia-gpu.nix new file mode 100644 index 0000000..c197151 --- /dev/null +++ b/src/nixosProfiles/nvidia-gpu.nix @@ -0,0 +1,25 @@ +# Install NVIDIA GPU driver and configurations. +{globals, ...}: { + config, + lib, + pkgs, + ... +}: +with builtins // lib; { + nixpkgs.config.cudaSupport = true; + services.xserver.videoDrivers = ["nvidia"]; + hardware.nvidia.nvidiaSettings = true; + hardware.nvidia.modesetting.enable = true; + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = true; + virtualisation.docker.enableNvidia = true; + virtualisation.docker.daemon.settings.default-runtime = "nvidia"; + virtualisation.podman.enableNvidia = true; + environment.systemPackages = with pkgs; + with python311Packages; [ + bottom + gpustat + nvitop + nvtop + ]; +} diff --git a/src/nixosProfiles/vscode-server.nix b/src/nixosProfiles/vscode-server.nix new file mode 100644 index 0000000..cd2bcf9 --- /dev/null +++ b/src/nixosProfiles/vscode-server.nix @@ -0,0 +1,13 @@ +# Setup server for vscode remote-SSH connection. +{globals, ...}: { + config, + lib, + pkgs, + ... +}: { + imports = [ + globals.inputs.nixos-vscode-server.nixosModules.default + ]; + + services.vscode-server.enable = true; +} diff --git a/static/images/sakamoto.gif b/static/images/sakamoto.gif new file mode 100644 index 0000000..7f7451d Binary files /dev/null and b/static/images/sakamoto.gif differ