martials/nixos-configuration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added Thinkpad and pi4 configs

Browse Source
This commit is contained in:
Martin Berg Alstad
2025-04-12 19:45:01 +02:00
parent 00cf2c38f9
commit 6ca92c8537
74 changed files with 7730 additions and 973 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
hosts/thinkpad/modules/battery.nix Normal file
View File

@ -0,0 +1,6 @@
{
services = {
upower.enable = true;
power-profiles-daemon.enable = true;
};
}

14
hosts/thinkpad/modules/bluetooth.nix Normal file
View File

@ -0,0 +1,14 @@
{ pkgs, ... }:
{
environment.systemPackages = [
pkgs.bluez
];
hardware.bluetooth = {
enable = true;
powerOnBoot = true; # powers up the default Bluetooth controller on boot
};
services.blueman.enable = true;
}

19
hosts/thinkpad/modules/default.nix Normal file
View File

@ -0,0 +1,19 @@
{
imports = [
./battery.nix
./bluetooth.nix
./development.nix
./fonts.nix
./gaming
./gnome
./hardware
./locale.nix
./networking.nix
./nix-helper.nix
./hyprland
./sddm.nix
./security.nix
./shell.nix
./qt.nix
];
}

41
hosts/thinkpad/modules/development.nix Normal file
View File

@ -0,0 +1,41 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
# IDEs
jetbrains.rust-rover
jetbrains.webstorm
jetbrains.rider
vscodium # TODO set up extensions
# Tools
dotnet-sdk_9
dotnet-aspnetcore_9
git
rustup
nodejs_22
pnpm
just
gcc # Required for C, Rust and others
# Language servers
nixd
nil
# Formatters
nixfmt-rfc-style
treefmt
nodePackages.prettier
shfmt
];
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
rootless = {
enable = true;
setSocketVariable = true;
};
};
services.ollama = {
enable = true;
};
}

23
hosts/thinkpad/modules/fonts.nix Normal file
View File

@ -0,0 +1,23 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
font-awesome # Icons
];
fonts =
let
theme = import ../theme.nix;
in
{
fontconfig.enable = true;
packages = with pkgs; [
(nerdfonts.override { fonts = [ theme.nerdFont ]; })
jetbrains-mono
# The line below will replace the lines above in 25.05
# nerd-fonts.jetbrains-mono
font-awesome
];
};
}

12
hosts/thinkpad/modules/gaming/default.nix Normal file
View File

@ -0,0 +1,12 @@
{ pkgs, ... }:
{
imports = [
./steam.nix
];
environment.systemPackages = with pkgs; [
heroic
wine
];
}

8
hosts/thinkpad/modules/gaming/steam.nix Normal file
View File

@ -0,0 +1,8 @@
{
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
}

28
hosts/thinkpad/modules/gnome/default.nix Normal file
View File

@ -0,0 +1,28 @@
{ pkgs, ... }:
{
imports = [
./nautilus.nix
];
environment.systemPackages = with pkgs; [
# adw-gtk3
glib
adwaita-icon-theme
gnomeExtensions.appindicator
# gnome-extension-manager
loupe
gnome-calculator
gnome-disk-utility
gnome-clocks
papers # PDFReader
];
programs.dconf.enable = true; # Required for some gnome applications
services = {
gnome.gnome-keyring.enable = true;
gvfs.enable = true; # Gnome Virtual File-system. Required for various things in nautilus
udev.packages = with pkgs; [ gnome-settings-daemon ];
};
}

15
hosts/thinkpad/modules/gnome/nautilus.nix Normal file
View File

@ -0,0 +1,15 @@
{ pkgs, ... }:
let
common = import ../../common.nix;
in
{
environment.systemPackages = with pkgs; [
nautilus
ffmpegthumbnailer # Thumbnails
];
programs.nautilus-open-any-terminal = {
enable = true;
terminal = common.default.terminal;
};
}

33
hosts/thinkpad/modules/hardware/audio.nix Normal file
View File

@ -0,0 +1,33 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gst_all_1.gstreamer
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
gst_all_1.gst-plugins-bad
wireplumber
playerctl # Interaction with audioplayers and browsers
pavucontrol # GUI
spotify
];
hardware.pulseaudio.enable = false; # Will be moved to services in 25.05
security.rtkit.enable = true; # Enable RealtimeKit for audio purposes
services = {
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
# Uncomment the following line if you want to use JACK applications
# jack.enable = true;
};
# pulseaudio.enable = false; # TODO uncommenct at 25.05
};
}

8
hosts/thinkpad/modules/hardware/default.nix Normal file
View File

@ -0,0 +1,8 @@
{
imports = [
./audio.nix
./graphics
./hardware-configuration.nix
./keyboard.nix
];
}

6
hosts/thinkpad/modules/hardware/graphics/default.nix Normal file
View File

@ -0,0 +1,6 @@
{
imports = [ ];
# Enable OpenGL
hardware.graphics.enable = true;
}

57
hosts/thinkpad/modules/hardware/hardware-configuration.nix Normal file
View File

@ -0,0 +1,57 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/5ac9c425-35ae-47d5-a683-68ee0dbfc2bc";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-99b73f22-3fa1-42b5-ad48-54b0ccff72cc".device =
"/dev/disk/by-uuid/99b73f22-3fa1-42b5-ad48-54b0ccff72cc";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/3CFB-D12A";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

11
hosts/thinkpad/modules/hardware/keyboard.nix Normal file
View File

@ -0,0 +1,11 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
via
];
hardware.keyboard.qmk.enable = true;
services.udev.packages = with pkgs; [ via ];
}

25
hosts/thinkpad/modules/hyprland/default.nix Normal file
View File

@ -0,0 +1,25 @@
# System configurations for Hyprland. For home configs, see ./home-manager/hyprland
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
xdg-desktop-portal-hyprland
hyprpolkitagent # Auth deamon providing modals for password auth
hyprshot # Screenshots
hyprsunset # Blue light filter
unstable.hyprsysteminfo
unstable.hyprland-qtutils
unstable.hyprland-qt-support
];
programs = {
hyprland = {
enable = true;
xwayland.enable = true;
withUWSM = true;
};
hyprlock.enable = true; # Lock screen
};
services.hypridle.enable = true; # Lock when unused
}

37
hosts/thinkpad/modules/locale.nix Normal file
View File

@ -0,0 +1,37 @@
# TODO move locale config for hyprland here
let
utf-8 = "UTF-8";
en = "en_GB.${utf-8}";
nb = "nb_NO.${utf-8}";
common = import ../common.nix;
in
{
# Configure console keymap
console.keyMap = "uk";
# Select internationalisation properties.
i18n = {
defaultLocale = en;
supportedLocales = [
"${en}/${utf-8}"
"${nb}/${utf-8}"
];
extraLocaleSettings = {
LC_ADDRESS = nb;
LC_IDENTIFICATION = nb;
LC_MEASUREMENT = nb;
LC_MONETARY = nb;
LC_NAME = nb;
LC_NUMERIC = nb;
LC_PAPER = nb;
LC_TELEPHONE = nb;
LC_TIME = nb;
};
};
# Configure keymaps
services.xserver.xkb = common.keymaps;
# Set your time zone.
time.timeZone = "Europe/Oslo";
}

23
hosts/thinkpad/modules/networking.nix Normal file
View File

@ -0,0 +1,23 @@
let
common = import ../common.nix;
in
{
networking = {
networkmanager.enable = true;
hostName = common.hostname;
# wireless.enable = true; # Enables wireless support via wpa_supplicant.
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
programs.ssh.enableAskPassword = false;
services.tailscale.enable = true;
}

12
hosts/thinkpad/modules/nix-helper.nix Normal file
View File

@ -0,0 +1,12 @@
# Nix-Helper: github.com/viperML/nh
{
programs.nh = {
enable = true;
flake = ../.;
clean = {
enable = true;
dates = "weekly";
extraArgs = "--keep-since 30d";
};
};
}

17
hosts/thinkpad/modules/qt.nix Normal file
View File

@ -0,0 +1,17 @@
{ pkgs, ... }:
{
environment = {
sessionVariables = {
QT_QPA_PLATFORMTHEME = "qt6ct";
QT_QPA_PLATFORM = "wayland"; # Enable Wayland for QT
};
systemPackages = with pkgs.kdePackages; [
qtwayland
qtsvg
qt6ct
];
};
qt.enable = true;
}

23
hosts/thinkpad/modules/sddm.nix Normal file
View File

@ -0,0 +1,23 @@
{ pkgs, ... }:
let
theme = import ../theme.nix;
flavor = theme.flavor;
in
{
environment.systemPackages = with pkgs; [
(catppuccin-sddm.override {
flavor = flavor;
font = theme.nerdFont;
fontSize = "9";
background = "${../wallpapers/catppuccin_high.png}";
loginBackground = true;
})
];
services.displayManager.sddm = {
enable = true;
theme = "catppuccin-${flavor}";
wayland.enable = true;
package = pkgs.kdePackages.sddm;
};
}

68
hosts/thinkpad/modules/security.nix Normal file
View File

@ -0,0 +1,68 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gnupg
yubioath-flutter
];
programs.gnupg.agent.enable = true;
security = {
pam = {
services = {
gdm-fingerprint.text = ''
auth required pam_shells.so
auth requisite pam_nologin.so
auth requisite pam_faillock.so preauth
auth required ${pkgs.fprintd}/lib/security/pam_fprintd.so
auth optional pam_permit.so
auth required pam_env.so
auth [success=ok default=1] ${pkgs.gdm}/lib/security/pam_gdm.so
auth optional ${pkgs.gnome-keyring}/lib/security/pam_gnome_keyring.so
account include login
password required pam_deny.so
session include login
session optional ${pkgs.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start
'';
login = {
fprintAuth = false;
u2fAuth = false; # U2F and password
};
sudo.u2fAuth = true; # U2F or password
};
u2f = {
enable = true;
settings = {
cue = true; # Prompt: Please touch the device
interactive = false; # Prompt: Insert your U2F device, then press ENTER.
};
};
};
};
# Start the driver at boot
systemd.services.fprintd = {
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "simple";
};
# Install the driver
services.fprintd = {
enable = true;
tod.driver = pkgs.libfprint-2-tod1-goodix-550a; # Goodix 550a driver (from Lenovo)
};
# however for focaltech 2808:a658, use fprintd with overidden package (without tod)
# services.fprintd.package = pkgs.fprintd.override {
# libfprint = pkgs.libfprint-focaltech-2808-a658;
# };
services = {
pcscd.enable = true; # Required for Yubikey
udev.packages = with pkgs; [ yubikey-personalization ];
};
}

19
hosts/thinkpad/modules/shell.nix Normal file
View File

@ -0,0 +1,19 @@
# For Fish dotfiles, see: /home-manager/fish.nix
{ pkgs, ... }:
{
programs = {
bash = {
# Starts the OS using Bash, then starts fish if it's not running
interactiveShellInit = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
fish.enable = true;
};
}