diff --git a/home/linux/hyprland/default.nix b/home/linux/hyprland/default.nix index cc47788a..6869e1cd 100644 --- a/home/linux/hyprland/default.nix +++ b/home/linux/hyprland/default.nix @@ -1,4 +1,7 @@ { + lib, + pkgs, + hyprland, catppuccin-hyprland, ... }: { @@ -7,12 +10,35 @@ ./wayland-apps.nix ]; - # hyprland configs, based on https://github.com/notwidow/hyprland - xdg.configFile."hypr" = { - source = ./hypr-conf; - recursive = true; + # NOTE: + # (Required) NixOS Module: enables critical components needed to run Hyprland properly + # (Optional) Home-manager module: lets you declaratively configure Hyprland + wayland.windowManager.hyprland = { + enable = true; + package = hyprland.packages.${pkgs.system}.hyprland; + settings = lib.mkForce {}; + extraConfig = builtins.readFile ./hypr-conf/hyprland.conf; + # programs.grammastep need this to be enabled. + systemd.enable = true; }; + # hyprland configs, based on https://github.com/notwidow/hyprland + xdg.configFile."hypr/mako" = { + source = ./hypr-conf/mako; + recursive = true; + }; + xdg.configFile."hypr/scripts" = { + source = ./hypr-conf/scripts; + recursive = true; + }; + xdg.configFile."hypr/waybar" = { + source = ./hypr-conf/waybar; + recursive = true; + }; + xdg.configFile."hypr/wlogout" = { + source = ./hypr-conf/wlogout; + recursive = true; + }; xdg.configFile."hypr/themes" = { source = "${catppuccin-hyprland}/themes"; recursive = true; diff --git a/hosts/12kingdoms/suzu/default.nix b/hosts/12kingdoms/suzu/default.nix index 9dbb7059..01464f67 100644 --- a/hosts/12kingdoms/suzu/default.nix +++ b/hosts/12kingdoms/suzu/default.nix @@ -20,9 +20,7 @@ # import the rk3588 module, which contains the configuration for bootloader/kernel/firmware (nixos-rk3588 + "/modules/boards/orangepi5.nix") - # core-riscv64 only the core packages, it's suitable for aarch64 too. - ../../../modules/nixos/core-riscv64.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server-riscv64.nix ]; users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys; diff --git a/hosts/idols/ai/default.nix b/hosts/idols/ai/default.nix index 21e91a88..debafccd 100644 --- a/hosts/idols/ai/default.nix +++ b/hosts/idols/ai/default.nix @@ -13,12 +13,6 @@ ./impermanence.nix ./secureboot.nix - # ../../../modules/nixos/fhs-fonts.nix - ../../../modules/nixos/libvirt.nix - ../../../modules/nixos/core-desktop.nix - ../../../modules/nixos/remote-building.nix - ../../../modules/nixos/user-group.nix - ../../../secrets/nixos.nix ]; @@ -60,8 +54,8 @@ # Optionally, you may need to select the appropriate driver version for your specific GPU. # package = config.boot.kernelPackages.nvidiaPackages.stable; - modesetting.enable = false; - + # required by most wayland compositors! + modesetting.enable = true; powerManagement.enable = true; }; virtualisation.docker.enableNvidia = true; # for nvidia-docker diff --git a/hosts/idols/ai/impermanence.nix b/hosts/idols/ai/impermanence.nix index 9a521c71..e69935fd 100644 --- a/hosts/idols/ai/impermanence.nix +++ b/hosts/idols/ai/impermanence.nix @@ -43,7 +43,7 @@ "/var/log" "/var/lib" - # created by modules/nixos/fhs-fonts.nix + # created by modules/nixos/misc/fhs-fonts.nix # for flatpak apps # "/usr/share/fonts" # "/usr/share/icons" diff --git a/hosts/idols/aquamarine/default.nix b/hosts/idols/aquamarine/default.nix index 7f72efbb..9a7bb7b4 100644 --- a/hosts/idols/aquamarine/default.nix +++ b/hosts/idols/aquamarine/default.nix @@ -8,8 +8,7 @@ imports = [ ../../../modules/nixos/proxmox-hardware-configuration.nix - ../../../modules/nixos/core-server.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server.nix ]; nixpkgs.overlays = import ../../../overlays args; diff --git a/hosts/idols/kana/default.nix b/hosts/idols/kana/default.nix index 53e58db3..91d7745b 100644 --- a/hosts/idols/kana/default.nix +++ b/hosts/idols/kana/default.nix @@ -8,8 +8,7 @@ imports = [ ../../../modules/nixos/proxmox-hardware-configuration.nix - ../../../modules/nixos/core-server.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server.nix ]; nixpkgs.overlays = import ../../../overlays args; diff --git a/hosts/idols/ruby/default.nix b/hosts/idols/ruby/default.nix index 64349d8b..5adb953b 100644 --- a/hosts/idols/ruby/default.nix +++ b/hosts/idols/ruby/default.nix @@ -8,8 +8,7 @@ imports = [ ../../../modules/nixos/proxmox-hardware-configuration.nix - ../../../modules/nixos/core-server.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server.nix ]; nixpkgs.overlays = import ../../../overlays args; diff --git a/hosts/rolling_girls/chiaya/default.nix b/hosts/rolling_girls/chiaya/default.nix index ef9f2b81..251ea633 100644 --- a/hosts/rolling_girls/chiaya/default.nix +++ b/hosts/rolling_girls/chiaya/default.nix @@ -22,8 +22,7 @@ # TODO - ../../../modules/nixos/core-riscv64.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server-riscv64.nix ]; users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys; diff --git a/hosts/rolling_girls/nozomi/default.nix b/hosts/rolling_girls/nozomi/default.nix index e9a1e801..05dc8afc 100644 --- a/hosts/rolling_girls/nozomi/default.nix +++ b/hosts/rolling_girls/nozomi/default.nix @@ -23,8 +23,7 @@ # import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card. (nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix") - ../../../modules/nixos/core-riscv64.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server-riscv64.nix ]; users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys; diff --git a/hosts/rolling_girls/yukina/default.nix b/hosts/rolling_girls/yukina/default.nix index bea26624..40d8eaa7 100644 --- a/hosts/rolling_girls/yukina/default.nix +++ b/hosts/rolling_girls/yukina/default.nix @@ -23,8 +23,7 @@ # import the sd-image module, which contains the fileSystems & kernel parameters for booting from sd card. (nixos-licheepi4a + "/modules/sd-image/sd-image-lp4a.nix") - ../../../modules/nixos/core-riscv64.nix - ../../../modules/nixos/user-group.nix + ../../../modules/nixos/server-riscv64.nix ]; users.users.root.openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys; diff --git a/modules/common.nix b/modules/base.nix similarity index 100% rename from modules/common.nix rename to modules/base.nix diff --git a/modules/darwin/default.nix b/modules/darwin/default.nix index 65692d34..7579a16a 100644 --- a/modules/darwin/default.nix +++ b/modules/darwin/default.nix @@ -1,6 +1,6 @@ { imports = [ - ../common.nix + ../base.nix ./nix-core.nix ./apps.nix diff --git a/modules/nixos/base/i18n.nix b/modules/nixos/base/i18n.nix new file mode 100644 index 00000000..2fde6d61 --- /dev/null +++ b/modules/nixos/base/i18n.nix @@ -0,0 +1,19 @@ +{ + # Set your time zone. + time.timeZone = "Asia/Shanghai"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "zh_CN.UTF-8"; + LC_IDENTIFICATION = "zh_CN.UTF-8"; + LC_MEASUREMENT = "zh_CN.UTF-8"; + LC_MONETARY = "zh_CN.UTF-8"; + LC_NAME = "zh_CN.UTF-8"; + LC_NUMERIC = "zh_CN.UTF-8"; + LC_PAPER = "zh_CN.UTF-8"; + LC_TELEPHONE = "zh_CN.UTF-8"; + LC_TIME = "zh_CN.UTF-8"; + }; +} diff --git a/modules/nixos/core-server.nix b/modules/nixos/base/misc.nix similarity index 53% rename from modules/nixos/core-server.nix rename to modules/nixos/base/misc.nix index bab7a076..8b07d6ac 100644 --- a/modules/nixos/core-server.nix +++ b/modules/nixos/base/misc.nix @@ -9,9 +9,8 @@ # ################################################################################### - imports = [ - ../common.nix - ]; + # to install chrome, you need to enable unfree packages + nixpkgs.config.allowUnfree = true; # for nix server, we do not need to keep too much generations boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10; @@ -20,39 +19,6 @@ # https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store nix.settings.auto-optimise-store = true; - # Set your time zone. - time.timeZone = "Asia/Shanghai"; - - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; - - i18n.extraLocaleSettings = { - LC_ADDRESS = "zh_CN.UTF-8"; - LC_IDENTIFICATION = "zh_CN.UTF-8"; - LC_MEASUREMENT = "zh_CN.UTF-8"; - LC_MONETARY = "zh_CN.UTF-8"; - LC_NAME = "zh_CN.UTF-8"; - LC_NUMERIC = "zh_CN.UTF-8"; - LC_PAPER = "zh_CN.UTF-8"; - LC_TELEPHONE = "zh_CN.UTF-8"; - LC_TIME = "zh_CN.UTF-8"; - }; - - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - networking.firewall.enable = lib.mkDefault false; - - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - settings = { - X11Forwarding = true; - PermitRootLogin = "no"; # disable root login - PasswordAuthentication = false; # disable password login - }; - openFirewall = true; - }; # for power management services = { power-profiles-daemon = { @@ -64,6 +30,8 @@ # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ + parted + psmisc # killall/pstree/prtstat/fuser/... neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget curl @@ -89,17 +57,4 @@ # replace default editor with neovim environment.variables.EDITOR = "nvim"; - - virtualisation.docker = { - enable = true; - daemon.settings = { - # enables pulling using containerd, which supports restarting from a partial pull - # https://docs.docker.com/storage/containerd/ - "features" = {"containerd-snapshotter" = true; }; - }; - - # start dockerd on boot. - # This is required for containers which are created with the `--restart=always` flag to work. - enableOnBoot = true; - }; } diff --git a/modules/nixos/base/networking.nix b/modules/nixos/base/networking.nix new file mode 100644 index 00000000..361e7348 --- /dev/null +++ b/modules/nixos/base/networking.nix @@ -0,0 +1,17 @@ +{lib, ...}: { + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + networking.firewall.enable = lib.mkDefault false; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings = { + X11Forwarding = true; + PermitRootLogin = "no"; # disable root login + PasswordAuthentication = false; # disable password login + }; + openFirewall = true; + }; +} diff --git a/modules/nixos/remote-building.nix b/modules/nixos/base/remote-building.nix similarity index 100% rename from modules/nixos/remote-building.nix rename to modules/nixos/base/remote-building.nix diff --git a/modules/nixos/user-group.nix b/modules/nixos/base/user-group.nix similarity index 100% rename from modules/nixos/user-group.nix rename to modules/nixos/base/user-group.nix diff --git a/modules/nixos/base/visualisation.nix b/modules/nixos/base/visualisation.nix new file mode 100644 index 00000000..c8f74462 --- /dev/null +++ b/modules/nixos/base/visualisation.nix @@ -0,0 +1,25 @@ +{pkgs, ...}: { + ################################################################################### + # + # Visualisation - Libvirt(QEMU/KVM) / Docker / LXD / WayDroid + # + ################################################################################### + + virtualisation = { + docker = { + enable = true; + daemon.settings = { + # enables pulling using containerd, which supports restarting from a partial pull + # https://docs.docker.com/storage/containerd/ + "features" = {"containerd-snapshotter" = true;}; + }; + + # start dockerd on boot. + # This is required for containers which are created with the `--restart=always` flag to work. + enableOnBoot = true; + }; + + waydroid.enable = true; + lxd.enable = true; + }; +} diff --git a/modules/nixos/core-desktop.nix b/modules/nixos/core-desktop.nix deleted file mode 100644 index bf7fe184..00000000 --- a/modules/nixos/core-desktop.nix +++ /dev/null @@ -1,229 +0,0 @@ -{ - config, - lib, - pkgs, - pkgs-unstable, - ... -}: { - ################################################################################### - # - # NixOS's core configuration suitable for my desktop computer - # - ################################################################################### - - imports = [ - ./core-server.nix - ]; - - # to install chrome, you need to enable unfree packages - nixpkgs.config.allowUnfree = lib.mkForce true; - - # add user's shell into /etc/shells - environment.shells = with pkgs; [ - bash - nushell - ]; - # set user's default shell system-wide - users.defaultUserShell = pkgs.nushell; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - parted - ventoy - gnumake - - psmisc # killall/pstree/prtstat/fuser/... - colmena # nixos's remote deployment tool - pulseaudio # provides `pactl`, which is required by some apps(e.g. sonic-pi) - ]; - - programs = { - # android development tools, this will install adb/fastboot and other android tools and udev rules - # see https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/programs/adb.nix - adb.enable = true; - # The OpenSSH agent remembers private keys for you - # so that you don’t have to type in passphrases every time you make an SSH connection. - # Use `ssh-add` to add a key to the agent. - ssh.startAgent = true; - # dconf is a low-level configuration system. - dconf.enable = true; - }; - - # A key remapping daemon for linux. - # https://github.com/rvaiya/keyd - services.keyd = { - enable = true; - keyboards = { - default = { - settings = { - main = { - # overloads the capslock key to function as both escape (when tapped) and control (when held) - capslock = "overload(control, esc)"; - }; - }; - }; - }; - }; - - # PipeWire is a new low-level multimedia framework. - # It aims to offer capture and playback for both audio and video with minimal latency. - # It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications. - # PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio. - # https://nixos.wiki/wiki/PipeWire - services.pipewire = { - enable = true; - # package = pkgs-unstable.pipewire; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - jack.enable = true; - wireplumber.enable = true; - }; - # rtkit is optional but recommended - security.rtkit.enable = true; - # Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire - sound.enable = false; - # Disable pulseaudio, it conflicts with pipewire too. - hardware.pulseaudio.enable = false; - - # enable bluetooth & gui paring tools - blueman - # or you can use cli: - # $ bluetoothctl - # [bluetooth] # power on - # [bluetooth] # agent on - # [bluetooth] # default-agent - # [bluetooth] # scan on - # ...put device in pairing mode and wait [hex-address] to appear here... - # [bluetooth] # pair [hex-address] - # [bluetooth] # connect [hex-address] - # Bluetooth devices automatically connect with bluetoothctl as well: - # [bluetooth] # trust [hex-address] - hardware.bluetooth.enable = true; - services.blueman.enable = true; - - # security with polkit - services.power-profiles-daemon = { - enable = true; - }; - security.polkit.enable = true; - # security with gnome-kering - services.gnome.gnome-keyring.enable = true; - security.pam.services.greetd.enableGnomeKeyring = true; - - services = { - # Enable CUPS to print documents. - printing.enable = true; - - # https://flatpak.org/setup/NixOS - flatpak.enable = false; - - dbus.packages = [pkgs.gcr]; - geoclue2.enable = true; - - udev.packages = with pkgs; [ - gnome.gnome-settings-daemon - platformio # udev rules for platformio - openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895 - android-udev-rules - openfpgaloader - ]; - }; - - - xdg.portal = { - enable = true; - - config = { - common = { - # Use xdg-desktop-portal-gtk for every portal interface... - default = [ - "gtk" - ]; - # except for the secret portal, which is handled by gnome-keyring - "org.freedesktop.impl.portal.Secret" = [ - "gnome-keyring" - ]; - }; - }; - - # Sets environment variable NIXOS_XDG_OPEN_USE_PORTAL to 1 - # This will make xdg-open use the portal to open programs, - # which resolves bugs involving programs opening inside FHS envs or with unexpected env vars set from wrappers. - # xdg-open is used by almost all programs to open a unknown file/uri - # alacritty as an example, it use xdg-open as default, but you can also custom this behavior - # and vscode has open like `External Uri Openers` - xdgOpenUsePortal = false; - extraPortals = with pkgs; [ - xdg-desktop-portal-gtk # for gtk - # xdg-desktop-portal-kde # for kde - ]; - }; - - # all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts - fonts = { - # use fonts specified by user rather than default ones - enableDefaultPackages = false; - fontDir.enable = true; - - packages = with pkgs; [ - # icon fonts - material-design-icons - font-awesome - - # Noto 系列字体是 Google 主导的,名字的含义是「没有豆腐」(no tofu),因为缺字时显示的方框或者方框被叫作 tofu - # Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。 - # 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR,最后一个词是地区变种。 - noto-fonts # 大部分文字的常见样式,不包含汉字 - noto-fonts-cjk # 汉字部分 - noto-fonts-emoji # 彩色的表情符号字体 - noto-fonts-extra # 提供额外的字重和宽度变种 - - # 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的 - source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro,以及带字重的变体,加上 Source Sans 3 VF - source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro,以及带字重的变体 - source-han-sans # 思源黑体 - source-han-serif # 思源宋体 - - # nerdfonts - (nerdfonts.override { - fonts = [ - "FiraCode" - "JetBrainsMono" - "Iosevka" - ]; - }) - - (pkgs.callPackage ../../fonts/icomoon-feather-icon-font.nix {}) - ]; - - # user defined fonts - # the reason there's Noto Color Emoji everywhere is to override DejaVu's - # B&W emojis that would sometimes show instead of some Color emojis - fontconfig.defaultFonts = { - serif = ["Noto Serif CJK SC" "Noto Serif CJK TC" "Noto Serif CJK JP" "Noto Color Emoji"]; - sansSerif = ["Noto Sans CJK SC" "Noto Sans CJK TC" "Noto Sans CJK JP" "Noto Color Emoji"]; - monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"]; - emoji = ["Noto Color Emoji"]; - }; - }; - - services.kmscon = { - # Use kmscon as the virtual console instead of gettys. - # kmscon is a kms/dri-based userspace virtual terminal implementation. - # It supports a richer feature set than the standard linux console VT, - # including full unicode support, and when the video card supports drm should be much faster. - enable = true; - fonts = [ { name = "Source Code Pro"; package = pkgs.source-code-pro; } ]; - extraOptions = "--term xterm-256color"; - extraConfig = "font-size=12"; - # Whether to use 3D hardware acceleration to render the console. - hwRender = true; - }; - - environment.variables = { - # fix https://github.com/NixOS/nixpkgs/issues/238025 - TZ = "${config.time.timeZone}"; - }; -} diff --git a/modules/nixos/desktop/default.nix b/modules/nixos/desktop/default.nix new file mode 100644 index 00000000..181ce28c --- /dev/null +++ b/modules/nixos/desktop/default.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ./fonts.nix + ./graphic.nix + ./misc.nix + ./peripherals.nix + ./security.nix + ./visualisation.nix + ]; +} diff --git a/modules/nixos/desktop/fonts.nix b/modules/nixos/desktop/fonts.nix new file mode 100644 index 00000000..cbf2cbfe --- /dev/null +++ b/modules/nixos/desktop/fonts.nix @@ -0,0 +1,69 @@ +{pkgs, ...}: { + # all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts + fonts = { + # use fonts specified by user rather than default ones + enableDefaultPackages = false; + fontDir.enable = true; + + packages = with pkgs; [ + # icon fonts + material-design-icons + font-awesome + + # Noto 系列字体是 Google 主导的,名字的含义是「没有豆腐」(no tofu),因为缺字时显示的方框或者方框被叫作 tofu + # Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。 + # 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR,最后一个词是地区变种。 + noto-fonts # 大部分文字的常见样式,不包含汉字 + noto-fonts-cjk # 汉字部分 + noto-fonts-emoji # 彩色的表情符号字体 + noto-fonts-extra # 提供额外的字重和宽度变种 + + # 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的 + source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro,以及带字重的变体,加上 Source Sans 3 VF + source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro,以及带字重的变体 + source-han-sans # 思源黑体 + source-han-serif # 思源宋体 + + # nerdfonts + (nerdfonts.override { + fonts = [ + "FiraCode" + "JetBrainsMono" + "Iosevka" + ]; + }) + + # added by my custom overlays, custom icon font for hyprland/i3's tray/bar + icomoon-feather-icon-font + ]; + + # user defined fonts + # the reason there's Noto Color Emoji everywhere is to override DejaVu's + # B&W emojis that would sometimes show instead of some Color emojis + fontconfig.defaultFonts = { + serif = ["Noto Serif CJK SC" "Noto Serif CJK TC" "Noto Serif CJK JP" "Noto Color Emoji"]; + sansSerif = ["Noto Sans CJK SC" "Noto Sans CJK TC" "Noto Sans CJK JP" "Noto Color Emoji"]; + monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"]; + emoji = ["Noto Color Emoji"]; + }; + }; + + # https://wiki.archlinux.org/title/KMSCON + services.kmscon = { + # Use kmscon as the virtual console instead of gettys. + # kmscon is a kms/dri-based userspace virtual terminal implementation. + # It supports a richer feature set than the standard linux console VT, + # including full unicode support, and when the video card supports drm should be much faster. + enable = true; + fonts = [ + { + name = "Source Code Pro"; + package = pkgs.source-code-pro; + } + ]; + extraOptions = "--term xterm-256color"; + extraConfig = "font-size=12"; + # Whether to use 3D hardware acceleration to render the console. + hwRender = true; + }; +} diff --git a/modules/nixos/desktop/graphic.nix b/modules/nixos/desktop/graphic.nix new file mode 100644 index 00000000..ef107c8a --- /dev/null +++ b/modules/nixos/desktop/graphic.nix @@ -0,0 +1,30 @@ +{pkgs, ...}: { + xdg.portal = { + enable = true; + + config = { + common = { + # Use xdg-desktop-portal-gtk for every portal interface... + default = [ + "gtk" + ]; + # except for the secret portal, which is handled by gnome-keyring + "org.freedesktop.impl.portal.Secret" = [ + "gnome-keyring" + ]; + }; + }; + + # Sets environment variable NIXOS_XDG_OPEN_USE_PORTAL to 1 + # This will make xdg-open use the portal to open programs, + # which resolves bugs involving programs opening inside FHS envs or with unexpected env vars set from wrappers. + # xdg-open is used by almost all programs to open a unknown file/uri + # alacritty as an example, it use xdg-open as default, but you can also custom this behavior + # and vscode has open like `External Uri Openers` + xdgOpenUsePortal = false; + extraPortals = with pkgs; [ + xdg-desktop-portal-gtk # for gtk + # xdg-desktop-portal-kde # for kde + ]; + }; +} diff --git a/modules/nixos/desktop/misc.nix b/modules/nixos/desktop/misc.nix new file mode 100644 index 00000000..3f7acda3 --- /dev/null +++ b/modules/nixos/desktop/misc.nix @@ -0,0 +1,51 @@ +{ + config, + lib, + pkgs, + ... +}: { + # add user's shell into /etc/shells + environment.shells = with pkgs; [ + bash + nushell + ]; + # set user's default shell system-wide + users.defaultUserShell = pkgs.nushell; + + environment.variables = { + # fix https://github.com/NixOS/nixpkgs/issues/238025 + TZ = "${config.time.timeZone}"; + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + ventoy + gnumake + + colmena # nixos's remote deployment tool + ]; + + services = { + gvfs.enable = true; # Mount, trash, and other functionalities + tumbler.enable = true; # Thumbnail support for images + }; + + programs = { + # The OpenSSH agent remembers private keys for you + # so that you don’t have to type in passphrases every time you make an SSH connection. + # Use `ssh-add` to add a key to the agent. + ssh.startAgent = true; + # dconf is a low-level configuration system. + dconf.enable = true; + + # thunar file manager(part of xfce) related options + thunar = { + enable = true; + plugins = with pkgs.xfce; [ + thunar-archive-plugin + thunar-volman + ]; + }; + }; +} diff --git a/modules/nixos/desktop/peripherals.nix b/modules/nixos/desktop/peripherals.nix new file mode 100644 index 00000000..55326325 --- /dev/null +++ b/modules/nixos/desktop/peripherals.nix @@ -0,0 +1,75 @@ +{pkgs, ...}: { + #============================= Audio(PipeWire) ======================= + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + pulseaudio # provides `pactl`, which is required by some apps(e.g. sonic-pi) + ]; + + # PipeWire is a new low-level multimedia framework. + # It aims to offer capture and playback for both audio and video with minimal latency. + # It support for PulseAudio-, JACK-, ALSA- and GStreamer-based applications. + # PipeWire has a great bluetooth support, it can be a good alternative to PulseAudio. + # https://nixos.wiki/wiki/PipeWire + services.pipewire = { + enable = true; + # package = pkgs-unstable.pipewire; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + jack.enable = true; + wireplumber.enable = true; + }; + # rtkit is optional but recommended + security.rtkit.enable = true; + # Remove sound.enable or turn it off if you had it set previously, it seems to cause conflicts with pipewire + sound.enable = false; + # Disable pulseaudio, it conflicts with pipewire too. + hardware.pulseaudio.enable = false; + + #============================= Bluetooth ============================= + + # enable bluetooth & gui paring tools - blueman + # or you can use cli: + # $ bluetoothctl + # [bluetooth] # power on + # [bluetooth] # agent on + # [bluetooth] # default-agent + # [bluetooth] # scan on + # ...put device in pairing mode and wait [hex-address] to appear here... + # [bluetooth] # pair [hex-address] + # [bluetooth] # connect [hex-address] + # Bluetooth devices automatically connect with bluetoothctl as well: + # [bluetooth] # trust [hex-address] + hardware.bluetooth.enable = true; + services.blueman.enable = true; + + #================================= Misc ================================= + + services = { + printing.enable = true; # Enable CUPS to print documents. + geoclue2.enable = true; # Enable geolocation services. + + udev.packages = with pkgs; [ + gnome.gnome-settings-daemon + platformio # udev rules for platformio + openocd # required by paltformio, see https://github.com/NixOS/nixpkgs/issues/224895 + android-udev-rules # required by adb + openfpgaloader + ]; + + # A key remapping daemon for linux. + # https://github.com/rvaiya/keyd + keyd = { + enable = true; + keyboards.default.settings = { + main = { + # overloads the capslock key to function as both escape (when tapped) and control (when held) + capslock = "overload(control, esc)"; + }; + }; + }; + }; +} diff --git a/modules/nixos/desktop/security.nix b/modules/nixos/desktop/security.nix new file mode 100644 index 00000000..53e39104 --- /dev/null +++ b/modules/nixos/desktop/security.nix @@ -0,0 +1,10 @@ +{ + # security with polkit + services.power-profiles-daemon = { + enable = true; + }; + security.polkit.enable = true; + # security with gnome-kering + services.gnome.gnome-keyring.enable = true; + security.pam.services.greetd.enableGnomeKeyring = true; +} diff --git a/modules/nixos/libvirt.nix b/modules/nixos/desktop/visualisation.nix similarity index 90% rename from modules/nixos/libvirt.nix rename to modules/nixos/desktop/visualisation.nix index b2f9293d..33571394 100644 --- a/modules/nixos/libvirt.nix +++ b/modules/nixos/desktop/visualisation.nix @@ -1,14 +1,15 @@ -{ - lib, - pkgs, - ... -}: { +{pkgs, ...}: { ################################################################################### # - # Enable Libvirt(QEMU/KVM), install qemu-system-riscv64/qemu-system-loongarch64/...) + # Visualisation - Libvirt(QEMU/KVM) / Docker / LXD / WayDroid # ################################################################################### + boot.kernelModules = ["kvm-amd" "kvm-intel" "vfio-pci"]; + # Enable nested virsualization, required by security containers and nested vm. + boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu + # boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu + virtualisation = { libvirtd = { enable = true; @@ -16,8 +17,10 @@ # To fix these, manually change ownership of affected files in /var/lib/libvirt/qemu to qemu-libvirtd. qemu.runAsRoot = true; }; + waydroid.enable = true; + lxd.enable = true; }; - programs.dconf.enable = true; + environment.systemPackages = with pkgs; [ # Need to add [File (in the menu bar) -> Add connection] when start for the first time virt-manager @@ -37,14 +40,4 @@ # ...... qemu_full ]; - - boot.kernelModules = ["kvm-amd" "kvm-intel" "vfio-pci"]; - # Enable nested virsualization, required by security containers and nested vm. - boot.extraModprobeConfig = "options kvm_intel nested=1"; # for intel cpu - # boot.extraModprobeConfig = "options kvm_amd nested=1"; # for amd cpu - - virtualisation = { - waydroid.enable = true; - lxd.enable = true; - }; } diff --git a/modules/nixos/hyprland.nix b/modules/nixos/hyprland.nix index 69e33acc..6e34a777 100644 --- a/modules/nixos/hyprland.nix +++ b/modules/nixos/hyprland.nix @@ -1,4 +1,4 @@ -{pkgs, hyprland, ...}: { +{pkgs, ...}: { ########################################################################################################## # # NixOS's Configuration for Wayland based Window Manager @@ -7,6 +7,18 @@ # ########################################################################################################## + imports = [ + ./base/i18n.nix + ./base/misc.nix + ./base/networking.nix + ./base/remote-building.nix + ./base/user-group.nix + ./base/visualisation.nix + + ./desktop + ../base.nix + ]; + xdg.portal = { enable = true; wlr.enable = true; @@ -15,48 +27,21 @@ ]; }; - environment.pathsToLink = ["/libexec"]; # links /libexec from derivations to /run/current-system/sw services = { - gvfs.enable = true; # Mount, trash, and other functionalities - tumbler.enable = true; # Thumbnail support for images - xserver = { + xserver.enable = false; + # https://wiki.archlinux.org/title/Greetd + greetd = { enable = true; - - desktopManager = { - xterm.enable = false; - }; - - displayManager = { - defaultSession = "hyprland"; - lightdm.enable = false; - gdm = { - enable = true; - wayland = true; + settings = { + default_session = { + user = "ryan"; # Hyprland is installed only for user ryan via home-manager! + command = "Hyprland"; # start Hyprland directly without a login manager + # command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd Hyprland"; # start Hyprland with a TUI login manager }; }; }; }; - programs = { - hyprland = { - enable = true; - package = hyprland.packages.${pkgs.system}.hyprland.override { - enableXWayland = true; # whether to enable XWayland - legacyRenderer = false; # whether to use the legacy renderer (for old GPUs) - withSystemd = true; # whether to build with systemd support - }; - }; - - # thunar file manager(part of xfce) related options - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - }; - }; - # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ diff --git a/modules/nixos/i3.nix b/modules/nixos/i3.nix index c019e6cc..865f7c9b 100644 --- a/modules/nixos/i3.nix +++ b/modules/nixos/i3.nix @@ -5,31 +5,25 @@ # #################################################################### - programs = { - # thunar file manager(part of xfce) related options - thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - }; - }; + imports = [ + ./base/i18n.nix + ./base/misc.nix + ./base/networking.nix + ./base/remote-building.nix + ./base/user-group.nix + ./base/visualisation.nix + + ./desktop + ../base.nix + ]; # i3 related options services = { gvfs.enable = true; # Mount, trash, and other functionalities tumbler.enable = true; # Thumbnail support for images + xserver = { enable = true; - - # Configure keymap in X11 - xkb.layout = "us"; - - desktopManager = { - xterm.enable = false; - }; - displayManager = { lightdm.enable = true; autoLogin = { @@ -38,6 +32,8 @@ }; defaultSession = "none+i3"; }; + # Configure keymap in X11 + xkb.layout = "us"; windowManager.i3 = { enable = true; diff --git a/modules/nixos/fhs-fonts.nix b/modules/nixos/misc/fhs-fonts.nix similarity index 100% rename from modules/nixos/fhs-fonts.nix rename to modules/nixos/misc/fhs-fonts.nix diff --git a/modules/nixos/core-riscv64.nix b/modules/nixos/server-riscv64.nix similarity index 98% rename from modules/nixos/core-riscv64.nix rename to modules/nixos/server-riscv64.nix index 73323156..4614218d 100644 --- a/modules/nixos/core-riscv64.nix +++ b/modules/nixos/server-riscv64.nix @@ -1,4 +1,4 @@ -{config, pkgs, nixpkgs, ...}: { +{pkgs, ...}: { # ========================================================================= # Base NixOS Configuration diff --git a/modules/nixos/server.nix b/modules/nixos/server.nix new file mode 100644 index 00000000..66a295c9 --- /dev/null +++ b/modules/nixos/server.nix @@ -0,0 +1,13 @@ +{ + imports = [ + ./base/i18n.nix + ./base/misc.nix + ./base/networking.nix + ./base/peripherals.nix + ./base/remote-building.nix + ./base/user-group.nix + ./base/visualisation.nix + + ../base.nix + ]; +} diff --git a/overlays/fonts/default.nix b/overlays/fonts/default.nix new file mode 100644 index 00000000..99770062 --- /dev/null +++ b/overlays/fonts/default.nix @@ -0,0 +1,3 @@ +{...}: (self: super: { + icomoon-feather-icon-font = super.callPackage ./icomoon-feather-icon-font.nix {}; +}) diff --git a/fonts/icomoon-feather-icon-font.nix b/overlays/fonts/icomoon-feather-icon-font.nix similarity index 97% rename from fonts/icomoon-feather-icon-font.nix rename to overlays/fonts/icomoon-feather-icon-font.nix index 9ea202ac..5d6b8be5 100644 --- a/fonts/icomoon-feather-icon-font.nix +++ b/overlays/fonts/icomoon-feather-icon-font.nix @@ -4,7 +4,7 @@ fetchgit, }: stdenvNoCC.mkDerivation rec { - pname = "icomoon-feather-font"; + pname = "icomoon-feather-icon-font"; version = "2023-05-06"; # 参考 https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=ttf-icomoon-feather