tux/nix-config
1
0
Fork 0
mirror of https://github.com/tuxdotrs/nix-config.git synced 2026-06-20 19:26:32 +05:30
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: tux:7c2869f47bd8f45acfafc4da55034958ae39659c
Branches Tags
tux:main tux:dev tux:old
tux:25.11.2025
...
compare: tux:841f2ca4fb26b6e32afe3b19a2218dea9fdcf13a
Branches Tags
tux:dev tux:main tux:old
tux:25.11.2025

5 Commits
7c2869f47b ... 841f2ca4fb

Author SHA1 Message Date
tux
841f2ca4fb feat(virtualisation): setup modules 2026-05-07 18:25:59 +05:30
tux
351d3b44f6 feat: setup zed editor 2026-05-07 17:58:48 +05:30
tux
1824de4b0a feat: setup nixcord 2026-05-07 17:55:49 +05:30
tux
594c1d07e7 feat: setup sops-nix 2026-05-07 17:16:30 +05:30
tux
3115bd6d0e feat(mango): disable variable refresh rate 2026-05-07 06:36:22 +05:30
13 changed files with 362 additions and 17 deletions
Expand all files Collapse all files

13
.sops.yaml Normal file
View File

@@ -0,0 +1,13 @@
keys:
- &users
- &tux age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
- &hosts
- &sirius age18hepvvp3nw9ram6usxc8rvpxed2pye0knqx0zutqgxeu35k745vqyxfphz
creation_rules:
- path_regex: hosts/sirius/secrets.yaml$
key_groups:
- age:
- *tux
- *sirius

113
flake.lock generated
View File

@@ -186,6 +186,20 @@
}
},
"flake-compat_4": {
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"revCount": 69,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.1.0/01948eb7-9cba-704f-bbf3-3fa956735b52/source.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
}
},
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1767039857,
@@ -239,6 +253,24 @@
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_2"
},
"locked": {
"lastModified": 1777678872,
"narHash": "sha256-EPIFsulyon7Z1vLQq5Fk64GR8L7cQsT+IPhcsukVbgk=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "5250617bffd85403b14dbf43c3870e7f255d2c16",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_4"
@@ -765,6 +797,27 @@
"type": "github"
}
},
"nixcord": {
"inputs": {
"flake-compat": "flake-compat_4",
"flake-parts": "flake-parts_3",
"nixpkgs": "nixpkgs_6",
"nixpkgs-nixcord": "nixpkgs-nixcord"
},
"locked": {
"lastModified": 1778145028,
"narHash": "sha256-tJHyzazrh9cnL72lPiDCnLDOOP95vDb37PprmgiqHtw=",
"owner": "kaylorben",
"repo": "nixcord",
"rev": "b53c871a9c3d4d450ffbcac71d54f3e0ca1bbafc",
"type": "github"
},
"original": {
"owner": "kaylorben",
"repo": "nixcord",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1777796046,
@@ -812,6 +865,37 @@
"type": "github"
}
},
"nixpkgs-lib_2": {
"locked": {
"lastModified": 1777168982,
"narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-nixcord": {
"locked": {
"lastModified": 1777428379,
"narHash": "sha256-ypxFOeDz+CqADEQNL72haqGjvZQdBR5Vc7pyx2JDttI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "755f5aa91337890c432639c60b6064bb7fe67769",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1777805331,
@@ -893,6 +977,22 @@
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1777428379,
"narHash": "sha256-ypxFOeDz+CqADEQNL72haqGjvZQdBR5Vc7pyx2JDttI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "755f5aa91337890c432639c60b6064bb7fe67769",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1777578337,
"narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=",
@@ -908,7 +1008,7 @@
"type": "github"
}
},
"nixpkgs_7": {
"nixpkgs_8": {
"locked": {
"lastModified": 1777918403,
"narHash": "sha256-7QiZv0LcW1yIOLo2LNuCQjWon1Z1r99FwK24hbtBOF4=",
@@ -924,7 +1024,7 @@
"type": "github"
}
},
"nixpkgs_8": {
"nixpkgs_9": {
"locked": {
"lastModified": 1770107345,
"narHash": "sha256-tbS0Ebx2PiA1FRW8mt8oejR0qMXmziJmPaU1d4kYY9g=",
@@ -975,8 +1075,9 @@
"import-tree": "import-tree",
"lan-mouse": "lan-mouse",
"mango": "mango",
"nixcord": "nixcord",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_7",
"nixpkgs-stable": "nixpkgs-stable",
"sops-nix": "sops-nix",
"tnvim": "tnvim",
@@ -1072,7 +1173,7 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_7"
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1777944972,
@@ -1191,7 +1292,7 @@
},
"treefmt-nix": {
"inputs": {
"nixpkgs": "nixpkgs_8"
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1775636079,
@@ -1252,7 +1353,7 @@
},
"vicinae-extensions": {
"inputs": {
"flake-compat": "flake-compat_4",
"flake-compat": "flake-compat_5",
"nixpkgs": [
"nixpkgs"
],

1
flake.nix
View File

@@ -55,5 +55,6 @@
lan-mouse.url = "github:feschber/lan-mouse";
hyprland.url = "github:hyprwm/Hyprland";
awww.url = "git+https://codeberg.org/LGFae/awww";
nixcord.url = "github:kaylorben/nixcord";
};
}

45
modules/hm/desktop/discord.nix Normal file
View File

@@ -0,0 +1,45 @@
{
flake.modules.homeManager.desktop =
{ inputs, userName, ... }:
{
imports = [
inputs.nixcord.homeModules.nixcord
];
programs.nixcord = {
enable = true;
user = userName;
discord.enable = false;
vesktop.enable = true;
config = {
themeLinks = [
"https://raw.githubusercontent.com/refact0r/system24/refs/heads/main/archive/flavors/spotify-text.theme.css"
];
frameless = true;
plugins = {
hideMedia.enable = true;
ignoreActivities = {
enable = true;
ignorePlaying = true;
ignoreWatching = true;
};
};
};
dorion = {
theme = "dark";
zoom = "1.1";
blur = "acrylic";
sysTray = true;
openOnStartup = true;
autoClearCache = true;
disableHardwareAccel = false;
rpcServer = true;
rpcProcessScanner = true;
pushToTalk = true;
pushToTalkKeys = [ "RControl" ];
desktopNotifications = true;
unreadBadge = true;
};
};
};
}

6
modules/hm/desktop/mango.nix
View File

@@ -12,9 +12,9 @@
settings = {
# Monitors
monitorrule = [
"name:DP-2, width:1440, height:2560, refresh:144, x:0, y:0, vrr:1, rr:1"
"name:DP-3, width:2560, height:1440, refresh:144, x:1440, y:0, vrr:1"
"name:DP-1, width:1080, height:1920, refresh:144, x:4000, y:0, vrr:1, rr:3"
"name:DP-2, width:1440, height:2560, refresh:144, x:0, y:0, vrr:0, rr:1"
"name:DP-3, width:2560, height:1440, refresh:144, x:1440, y:0, vrr:0"
"name:DP-1, width:1080, height:1920, refresh:144, x:4000, y:0, vrr:0, rr:3"
];
# Keyboard

35
modules/hm/desktop/zed.nix Normal file
View File

@@ -0,0 +1,35 @@
{
flake.modules.homeManager.desktop = {
programs.zed-editor = {
enable = true;
extensions = [
"lua"
"nix"
"C#"
"solidity"
];
userKeymaps = [
{
context = "Workspace";
bindings = {
F7 = "workspace::NewTerminal";
};
}
];
userSettings = {
ui_font_size = 18;
buffer_font_size = 18;
theme = {
mode = "dark";
light = "Ayu Light";
dark = "Ayu Dark";
};
vim_mode = true;
telemetry = {
diagnostics = false;
metrics = false;
};
};
};
};
}

23
modules/hosts/sirius/config.nix
View File

@@ -11,9 +11,24 @@
imports = with config.flake.modules.nixos; [
networking
desktop
virtualisation
];
tnix.services.openssh.enable = true;
tnix = {
services.openssh.enable = true;
virtualisation = {
docker.enable = true;
docker.nvidia.enable = true;
qemu.enable = true;
waydroid.enable = true;
};
};
sops.secrets.tux-password = {
sopsFile = ./secrets.yaml;
neededForUsers = true;
};
# --- Boot ---
boot = {
@@ -67,12 +82,6 @@
# --- Programs ---
programs.firefox.enable = true;
# --- Packages ---
environment.systemPackages = with pkgs; [
discord
zed-editor
];
# !!! DO NOT CHANGE THIS !!!
# This should match the version used at initial install.
system.stateVersion = "26.05";

25
modules/hosts/sirius/secrets.yaml Normal file
View File

@@ -0,0 +1,25 @@
tux-password: ENC[AES256_GCM,data:EJFFMc0W1YvCLINg4kETlUbqMYSfRTsiRuoB5MybaVwl7bbBXyPFo/MspFFMXpAqSPrzRAPaM8Lxk9ndbjt7gZpSu1dPThq36Q==,iv:zn3UUMOcW09u6KTz87tDr1wfmsLMKIRBDpLfQhg0p14=,tag:AOs7NASXeo98mNKqsYP3Ww==,type:str]
sops:
age:
- recipient: age14vktfes95f33vuefwnmuvryas7az04u76dsgyhfvsx73czkvmp2q7njkl4
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyblpIWjNqeVBXWnFlSGxw
WXhPYlFDNVV2QktKQ2dKdEgxY0dnR2JuRUdRCk5ZNTc0RGpZOG5SRCtRQ0JsdkZt
ZEZQSWswa1FTRU04Ky9vWDdOTWdZRncKLS0tIFg2SkJFK1JDVk5Uc2VJTzYyWk1h
cFpmZ0h5SGJtd2JJR05CMkJISnBtbmcKLGKreXlu3YU6KsV8lTVnPYyn33BL2D0z
tMpXdTw0hVilpmpZXjwnvV/3OvN6WybXydxaPOjKODBWIKpVxRthBQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age18hepvvp3nw9ram6usxc8rvpxed2pye0knqx0zutqgxeu35k745vqyxfphz
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWTWQ0OHhnN1p3dTBLeGxp
N05yOUVicnYxU3NETlRQUVgrcWJlMEl3blhZCkl0OGhCN25KTEJaWGNpOVRJUDRX
bENKSDN3Z1Fab3lLLzVNMXlrSm5ZVTgKLS0tIHlycjZJUllsb0xvczFKMVFKaldD
UGpKTHZTT2JZU0xaTHhhRjk2bEhaU1EKutUEk+TMTATHEoM9+MOdkUnIoBMeeDfu
+GGKvInVKkAOtujBtSMj+xM8AEcfaHAFtwTgP/HEk3Hu6v7gp14oew==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-05-07T02:30:17Z"
mac: ENC[AES256_GCM,data:tF/Nr1iTuV52xQNxgil6I0TMwCiJ1oyz2OLgb2DVWVjTMfKT0wlOMK/Rm62bTjRvXFZnGtmS0YoVLkIjFzJ3hjt+626P69e7rdRkwpSz0rbZX9Tb+jxvGKfSwqiGocPA/rlMXTy/vPIM9/gg4b8rhjMnTiNH9bkODcKwF5LIjc0=,iv:uWiQrav4scz2iz3ZmuXfgMdg+228wNNmZ/LDtU11D/o=,tag:rhHrbu1a3Ph7pnqLsfm6nQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.12.2

25
modules/nixos/core/sops.nix Normal file
View File

@@ -0,0 +1,25 @@
{ inputs, ... }:
{
flake.modules.nixos.core =
{
config,
pkgs,
...
}:
let
isEd25519 = k: k.type == "ed25519";
getKeyPath = k: k.path;
keys = builtins.filter isEd25519 config.services.openssh.hostKeys;
in
{
imports = [ inputs.sops-nix.nixosModules.sops ];
sops.age = {
sshKeyPaths = map getKeyPath keys;
keyFile = "/var/lib/sops-nix/key.txt";
generateKey = true;
};
environment.systemPackages = with pkgs; [ sops ];
};
}

3
modules/nixos/core/users.nix
View File

@@ -3,6 +3,7 @@
{
pkgs,
lib,
config,
userName,
userEmail,
...
@@ -30,7 +31,7 @@
mutableUsers = false;
defaultUserShell = pkgs.zsh;
users.${userName} = {
initialPassword = userName;
hashedPasswordFile = config.sops.secrets.tux-password.path;
isNormalUser = true;
extraGroups = [
"networkmanager"

32
modules/nixos/virtualisation/docker.nix Normal file
View File

@@ -0,0 +1,32 @@
{
flake.modules.nixos.virtualisation =
{
config,
lib,
pkgs,
userName,
...
}:
let
cfg = config.tnix.virtualisation;
in
{
options.tnix.virtualisation.docker = {
enable = lib.mkEnableOption "Docker container runtime";
nvidia = {
enable = lib.mkEnableOption "NVIDIA Container Toolkit for Docker";
};
};
config = lib.mkIf cfg.docker.enable {
virtualisation = {
oci-containers.backend = "docker";
docker.enable = true;
};
hardware.nvidia-container-toolkit.enable = lib.mkIf cfg.docker.nvidia.enable true;
environment.systemPackages = with pkgs; [ lazydocker ];
users.users.${userName}.extraGroups = [ "docker" ];
};
};
}

38
modules/nixos/virtualisation/qemu.nix Normal file
View File

@@ -0,0 +1,38 @@
{
flake.modules.nixos.virtualisation =
{
config,
lib,
pkgs,
userName,
...
}:
let
cfg = config.tnix.virtualisation;
in
{
options.tnix.virtualisation.qemu = {
enable = lib.mkEnableOption "QEMU/KVM virtualization with libvirtd";
};
config = lib.mkIf cfg.qemu.enable {
virtualisation = {
libvirtd = {
enable = true;
qemu = {
swtpm.enable = true;
};
};
spiceUSBRedirection.enable = true;
};
users.users.${userName}.extraGroups = [ "libvirtd" ];
environment.systemPackages = with pkgs; [
virt-manager
virt-viewer
];
};
};
}

20
modules/nixos/virtualisation/waydroid.nix Normal file
View File

@@ -0,0 +1,20 @@
{
flake.modules.nixos.virtualisation =
{
config,
lib,
...
}:
let
cfg = config.tnix.virtualisation;
in
{
options.tnix.virtualisation.waydroid = {
enable = lib.mkEnableOption "Waydroid Android container";
};
config = lib.mkIf cfg.waydroid.enable {
virtualisation.waydroid.enable = true;
};
};
}