Add initial legacy configuration

2025-02-22 20:27:25 +02:00 · 2025-02-22 20:27:25 +02:00 · db07652d99
commit db07652d99
parent febfe1d970
64 changed files with 3287 additions and 13 deletions
--- a/nixos-modules/base/applications.nix
+++ b/nixos-modules/base/applications.nix
@ -0,0 +1,87 @@
+{
+  pkgs,
+  ...
+}:
+
+{
+  environment.systemPackages =
+    with pkgs;
+    [
+      tmux
+      pciutils
+      dmidecode
+      smartmontools
+      borgbackup
+      iw
+      killall
+      bc
+      efibootmgr
+      efitools
+      efivar
+      mkpasswd
+      rename
+      wipe
+      gnupg
+      pass-wayland
+      pwgen
+      powertop
+      lm_sensors
+      sbctl
+    ]
+    ++ [
+      nixfmt-rfc-style
+      nix-index
+      nix-diff
+      nixpkgs-review
+      nixos-option
+    ]
+    ++ [
+      autojump
+      powerline-go
+    ]
+    ++ [
+      # File Utilities
+      ripgrep
+      unzip
+      p7zip
+      unrar
+      iotop
+      cabextract
+      tree
+      vim
+      vimPlugins.pathogen
+      vimPlugins.airline
+      git
+      git-lfs
+    ]
+    ++ [
+      # Filesystem & Disk Utilities
+      exfat
+      samba
+      cifs-utils
+      keyutils # required for cifs kerberos auth
+      sshfs-fuse
+      hdparm
+      mtpfs
+      ntfs3g
+      smartmontools
+      parted
+      usbutils
+    ]
+    ++ [
+      # Networking Utilities
+      nmap
+      bind
+      curl
+      wget
+      tor
+      whois
+      wol
+      rsync
+      sshuttle
+      iftop
+      mailutils
+      imapsync
+      bluez-tools
+    ];
+}
--- a/nixos-modules/base/default.nix
+++ b/nixos-modules/base/default.nix
@ -0,0 +1,112 @@
+{
+  lib,
+  pkgs,
+  inputs,
+  ...
+}:
+
+let
+  users = {
+    fhauser = {
+      uid = 1000;
+      isNormalUser = true;
+      description = "Fabian Hauser";
+      group = "fhauser";
+      extraGroups = [
+        "wheel"
+        "video"
+        "docker"
+        "networkmanager"
+        "libvirtd"
+        "adbusers"
+      ];
+      openssh.authorizedKeys.keys = [
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIPF8ZV7vhpbVvLxiKq8ANVusNUHMbtii5MuvjxCbVz7vSNVPo9OOLvYyDqhbRAWMTdQeGZVAaALBufKKmprDTRFMpnA7Ut4TFrdz/5DTaR2KEjJ7P75moH+0xooR/GsbzFGsNBSQSXK3u1igndPYEC/PqCHN++32kDo2wLqTB4VLrEovU3iq8BMckn329Bu1fGbXKTgDpEvUEEwFO2brQZLMmzILGF/v4B9ImEGtinAUNgDSfEpgPN23sdWQH9rwEClGv95JmWNf05tuVomhZzOBtCFoAno3XB1nj16avjsqJ3aGFY2CCcfsNrwKzhIotmm82bcI4BJuJIVRIKbZ1 cardno:000603507108"
+      ];
+    };
+  };
+in
+{
+  imports = [
+    inputs.private.nixosModules.users # Contains hashedPasswords for users.
+    ./unfree.nix
+    ./applications.nix
+  ];
+
+  boot.loader.timeout = 2;
+  boot.tmp.useTmpfs = true;
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.bootspec.enable = true;
+
+  catppuccin = {
+    flavor = "mocha";
+    tty.enable = true;
+  };
+
+  console.keyMap = "de_CH-latin1";
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  users.mutableUsers = false;
+  users.groups = {
+    fhauser.gid = 1000;
+  };
+  users.users = users // {
+    root.openssh.authorizedKeys.keys =
+      with lib;
+      concatLists (
+        mapAttrsToList (
+          _name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else [ ]
+        ) users
+      );
+  };
+
+  # Package management
+  nix = {
+    settings.trusted-users = [
+      "root"
+      "@wheel"
+    ];
+    optimise.automatic = true;
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 60d";
+    };
+    package = pkgs.nixVersions.stable;
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+  };
+
+  # System Services
+  services.btrfs.autoScrub.enable = true;
+  services.fwupd.enable = true;
+
+  # Network services
+  networking.networkmanager.enable = true;
+  networking.firewall = {
+    allowPing = true;
+    allowedTCPPorts = [ 22 ];
+  };
+  systemd.services.NetworkManager-wait-online.enable = false;
+
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+  };
+
+  # Default Settings
+  environment.etc = {
+    gitconfig.source = ./etc/gitconfig;
+    vimrc.source = ./etc/vimrc;
+  };
+
+  programs.autojump.enable = true;
+  programs.vim = {
+    enable = true;
+    defaultEditor = true;
+  };
+  environment.systemPackages = [ pkgs.comma ];
+
+  services.dbus.implementation = "broker";
+}
--- a/nixos-modules/base/etc/gitconfig
+++ b/nixos-modules/base/etc/gitconfig
@ -0,0 +1,31 @@
+[core]
+        packedGitWindowSize = 16m
+        packedGitLimit = 64m
+[pack]
+        windowMemory = 64m
+        packSizeLimit = 64m
+        thread = 1
+        deltaCacheSize = 1m
+[color]
+    branch = auto
+    diff = auto
+    status = auto
+[push]
+    default = simple
+[pull]
+    rebase = true
+[branch]
+    autosetuprebase = always
+[commit]
+#   gpgsign = true
+[tag]
+#   gpgsign = true
+
+[alias]
+    s = status --short --branch
+    a = add --patch
+    c = commit --message
+    l = log --color --graph --pretty=format:'%Cred%h%Creset - %C(bold)%s%Creset%C(yellow)%d%Creset %C(green)%an%Creset %C(cyan)%cr%Creset' --abbrev-commit
+    d = diff
+[diff]
+#   noprefix = true
--- a/nixos-modules/base/etc/vimrc
+++ b/nixos-modules/base/etc/vimrc
@ -0,0 +1,54 @@
+
+" Use Vim settings, rather than Vi settings (much better!).
+" This must be first, because it changes other options as a side effect.
+" Avoid side effects when it was already reset.
+if &compatible
+  set nocompatible
+endif
+
+" Convenient command to see the difference between the current buffer and the
+" file it was loaded from, thus the changes you made.
+" Only define it when not defined already.
+" Revert with: ":delcommand DiffOrig".
+if !exists(":DiffOrig")
+  command DiffOrig vert new | set bt=nofile | r ++edit # | 0d_ | diffthis
+          \ | wincmd p | diffthis
+endif
+
+" Don't wake up system with blinking cursor:
+" http://www.linuxpowertop.org/known.php
+let &guicursor = &guicursor . ",a:blinkon0"
+
+
+
+
+""""""""""""""""""""""""""
+"  Design Settings
+""""""""""""""""""""""""""
+set background=dark
+colorscheme elflord
+
+""""""""""""""""""""""""""
+" Other Settings
+""""""""""""""""""""""""""
+set ignorecase                  " Ignore search case
+set autoindent                  " Newline with automatic text indent
+set ruler                       " Show current position
+set pastetoggle=<F2>
+set ignorecase
+set hidden
+
+set splitbelow
+set splitright
+
+set tabstop=2
+set shiftwidth=2
+set softtabstop=2
+set expandtab
+
+set listchars="eol:¬,tab:>·,trail:~,extends:>,precedes:<,space:␣"
+set grepprg=ack\ -k
+
+filetype plugin indent on
+syntax on
+
--- a/nixos-modules/base/unfree.nix
+++ b/nixos-modules/base/unfree.nix
@ -0,0 +1,56 @@
+{
+  config,
+  lib,
+  ...
+}:
+
+{
+  nixpkgs.config.allowUnfreePredicate =
+    pkg:
+    builtins.elem (lib.getName pkg) [
+      "unrar"
+
+      "steam"
+      "steam-run"
+      "steam-original"
+      "steam-unwrapped"
+
+      "hplip"
+
+      "google-chrome"
+      "spotify"
+      "spotify-unwrapped"
+      "discord"
+      "teamviewer"
+      "todoist-electron"
+      "todoist-electron-8.10.1"
+      "obsidian"
+
+      "davinci-resolve"
+      "davinci-resolve-18.6.3"
+
+      "lightworks"
+      "lightworks-2023.1"
+      "nvidia-cg-toolkit-3.1"
+      "nvidia-cg-toolkit"
+
+      "corefonts"
+      "camingo-code"
+      "helvetica-neue-lt-std"
+      #"kochi-substitute-naga10"
+      "ttf-envy-code-r"
+      "vista-fonts"
+      "vista-fonts-chs"
+      "xkcd-font-unstable"
+      "xkcd-font"
+      "xkcd-font-unstable-2017-08-24"
+      "ricty"
+
+      "pycharm-professional"
+      "idea-ultimate"
+      "android-studio-stable"
+      "android-studio-beta"
+
+      "vmware-view"
+    ];
+}