From b9824d3aa742ccdbce836ab7bebbbcb84d21deb7 Mon Sep 17 00:00:00 2001 From: Charlie Root Date: Wed, 24 Jul 2024 17:47:16 +0200 Subject: [PATCH] wpaperd initial config --- hosts/vali/temperance/configuration.nix | 6 +- hosts/vali/temperance/programs.nix | 18 +- modules/cli/nh.nix | 2 +- modules/default.nix | 2 +- .../editors/nvf/plugins/settings/gestures.nix | 4 +- modules/gui/foot.nix | 4 +- modules/options/usrEnv/services/default.nix | 1 + modules/services/wpaperd.nix | 22 ++ modules/system/nix/documentation.nix | 40 ++-- modules/system/nix/module.nix | 202 +++++++++--------- modules/system/nix/nixpkgs.nix | 73 +++---- modules/wms/wayland/hypr/land.nix | 10 +- options/common/gpu/nvidia.nix | 10 +- options/common/networking.nix | 3 + 14 files changed, 205 insertions(+), 192 deletions(-) create mode 100644 modules/services/wpaperd.nix diff --git a/hosts/vali/temperance/configuration.nix b/hosts/vali/temperance/configuration.nix index 9f19ef3..17ada0d 100644 --- a/hosts/vali/temperance/configuration.nix +++ b/hosts/vali/temperance/configuration.nix @@ -17,17 +17,14 @@ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" ]; # enable flakes - experimental-features = ["nix-command" "flakes"]; # reduce file size used & automatic garbage collector - auto-optimise-store = true; - max-jobs = 3; - cores = 4; }; }; security.sudo.package = pkgs.sudo.override {withInsults = true;}; security.polkit.enable = true; programs.kdeconnect.enable = true; programs.dconf.enable = true; + virtualisation.docker.enable = true; boot.kernelPackages = pkgs.linuxPackages_xanmod_latest; modules = { system = { @@ -63,6 +60,7 @@ }; services = { locate.enable = true; + wpaperd.enable = true; media.mpd = { enable = true; musicDirectory = "/home/${config.modules.other.system.username}/Nextcloud/Media/Music"; diff --git a/hosts/vali/temperance/programs.nix b/hosts/vali/temperance/programs.nix index 312e165..9c66832 100644 --- a/hosts/vali/temperance/programs.nix +++ b/hosts/vali/temperance/programs.nix @@ -6,17 +6,12 @@ nixpkgs-wayland = inputs'.nixpkgs-wayland.packages; in { environment.systemPackages = with pkgs; [ - abaddon alsa-utils asciinema - bibata-cursors blanket - broot - browsh - cachix - calc calibre cbonsai + coreutils cmake cmus difftastic @@ -69,6 +64,7 @@ in { nitch nixpkgs-wayland.swww nmap + nodejs_20 notesnook obsidian onlyoffice-bin @@ -89,26 +85,18 @@ in { shotwell signal-desktop-beta smartmontools - strawberry teamspeak_client telegram-desktop - texliveFull tldr thunderbird tor-browser trash-cli tree ttyper - typst - # typstfmt does not work either - typstyle - typst-lsp unzip util-linux v4l-utils - ventoy-full vlc - vscodium wget wine winetricks @@ -116,9 +104,7 @@ in { wl-clipboard xdg-utils xournalpp - yt-dlp zapzap zip - zoxide ]; } diff --git a/modules/cli/nh.nix b/modules/cli/nh.nix index c82d11e..fa007c1 100644 --- a/modules/cli/nh.nix +++ b/modules/cli/nh.nix @@ -11,7 +11,7 @@ in { config = mkIf cfg.enable { programs.nh = { enable = true; - clean.enable = true; + clean.enable = false; clean.extraArgs = "--keep-since 4d --keep 3"; flake = "/home/vali/projects/nichts"; }; diff --git a/modules/default.nix b/modules/default.nix index 9fc5882..a2550a8 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,6 +10,6 @@ _: { ./runners ./styling ./options - #./system/nix/module.nix + ./system/nix/module.nix ]; } diff --git a/modules/editors/nvf/plugins/settings/gestures.nix b/modules/editors/nvf/plugins/settings/gestures.nix index eb18667..4b030dc 100644 --- a/modules/editors/nvf/plugins/settings/gestures.nix +++ b/modules/editors/nvf/plugins/settings/gestures.nix @@ -1,6 +1,4 @@ -{config, ...}: let - inherit (config.modules.other.system) username; -in { +_: { programs.neovim-flake.settings.vim = { gestures.gesture-nvim.enable = false; }; diff --git a/modules/gui/foot.nix b/modules/gui/foot.nix index 72b3ba4..981275a 100644 --- a/modules/gui/foot.nix +++ b/modules/gui/foot.nix @@ -62,8 +62,8 @@ in { abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.,~:;/?#@!$&%*+="'()[]''; }; cursor = { - style = "block"; - blink = "false"; + style = "beam"; + blink = "true"; }; mouse = { hide-when-typing = "yes"; diff --git a/modules/options/usrEnv/services/default.nix b/modules/options/usrEnv/services/default.nix index 1c4d44b..fe8cb70 100644 --- a/modules/options/usrEnv/services/default.nix +++ b/modules/options/usrEnv/services/default.nix @@ -4,6 +4,7 @@ in { options.modules.usrEnv.services = { locate.enable = mkEnableOption "Locate service"; + wpaperd.enable = mkEnableOption "Wpaperd wallpaper daemon"; media = { mpd = { enable = mkEnableOption "mpd service"; diff --git a/modules/services/wpaperd.nix b/modules/services/wpaperd.nix new file mode 100644 index 0000000..95034ea --- /dev/null +++ b/modules/services/wpaperd.nix @@ -0,0 +1,22 @@ +{ + lib, + pkgs, + config, +}: let + inherit (config.modules.other.system) username; + cfg = config.modules.usrEnv.services.wpaperd; + inherit (lib) mkIf; +in { + config = mkIf cfg.enable { + home-manager.users.${username} = { + programs.wpaperd = { + enable = true; + package = pkgs.wpaperd; + settings.any = { + mode = "center"; + path = "/home/vali/projects/nichts/assets/wallpapers/river.png"; + }; + }; + }; + }; +} diff --git a/modules/system/nix/documentation.nix b/modules/system/nix/documentation.nix index 025e71e..86bf019 100644 --- a/modules/system/nix/documentation.nix +++ b/modules/system/nix/documentation.nix @@ -4,25 +4,25 @@ # whether to enable the `doc` output of packages # generally in ${pkg}/share/ as plaintext or html # # can shave off a few megabytes - # doc.enable = false; - # - # # whether to install the `info` command and the `info` - # # output of packages - # info.enable = false; - # - # man = { - # # Whether to install manual pages - # # this means packages that provide a `man` output will have said output - # # included in the final closure - # enable = true; - # - # # Whether to generate the manual page index caches - # # if true, it becomes possible to search for a page or keyword - # # using utilities like apropos(1) and the -k option of man(1). - # generateCaches = true; - # - # # Whether to enable mandoc as the default man page viewer. - # mandoc.enable = false; # my default manpage viewer is Neovim, so this isn't necessary - # }; + doc.enable = false; + + # whether to install the `info` command and the `info` + # output of packages + info.enable = false; + + man = { + # Whether to install manual pages + # this means packages that provide a `man` output will have said output + # included in the final closure + enable = true; + + # Whether to generate the manual page index caches + # if true, it becomes possible to search for a page or keyword + # using utilities like apropos(1) and the -k option of man(1). + generateCaches = true; + + # Whether to enable mandoc as the default man page viewer. + mandoc.enable = false; # my default manpage viewer is Neovim, so this isn't necessary + }; }; } diff --git a/modules/system/nix/module.nix b/modules/system/nix/module.nix index ae677a0..854af6b 100644 --- a/modules/system/nix/module.nix +++ b/modules/system/nix/module.nix @@ -1,79 +1,79 @@ {pkgs, ...}: { imports = [ ./documentation.nix # nixos documentation - ./nixpkgs.nix # global nixpkgs configuration.nix + # ./nixpkgs.nix # global nixpkgs configuration.nix ]; nix = { # Lix, Nix but gay! - # package = pkgs.lix; - # - # # Run the Nix daemon on lowest possible priority so that my system - # # stays responsive during demanding tasks such as GC and builds. - # # This is especially useful while auto-gc and auto-upgrade are enabled - # # as they can be quite demanding on the CPU. - # daemonCPUSchedPolicy = "idle"; - # daemonIOSchedClass = "idle"; - # daemonIOSchedPriority = 7; - # - # # Collect garbage - # gc = { - # automatic = true; - # dates = "20:00"; - # options = "--delete-older-than 7d"; - # persistent = false; # don't try to catch up on missed GC runs - # }; - # - # # Automatically optimize nix store by removing hard links - # # do it after the gc. - # optimise = { - # automatic = true; - # dates = ["21:00"]; - # }; - # + package = pkgs.lix; + + # Run the Nix daemon on lowest possible priority so that my system + # stays responsive during demanding tasks such as GC and builds. + # This is especially useful while auto-gc and auto-upgrade are enabled + # as they can be quite demanding on the CPU. + daemonCPUSchedPolicy = "idle"; + daemonIOSchedClass = "idle"; + daemonIOSchedPriority = 7; + + # Collect garbage + gc = { + automatic = true; + dates = "20:00"; + options = "--delete-older-than 7d"; + persistent = false; # don't try to catch up on missed GC runs + }; + + # Automatically optimize nix store by removing hard links + # do it after the gc. + optimise = { + automatic = true; + dates = ["21:00"]; + }; + settings = { # Tell nix to use the xdg spec for base directories # while transitioning, any state must be carried over # manually, as Nix won't do it for us. - # use-xdg-base-directories = true; - # - # # Automatically optimise symlinks - # auto-optimise-store = true; - # - # # Allow sudo users to mark the following values as trusted - # allowed-users = ["root" "@wheel" "nix-builder"]; - # - # # Only allow sudo users to manage the nix store - # trusted-users = ["root" "@wheel" "nix-builder"]; - # - # # Let the system decide the number of max jobs - # # based on available system specs. Usually this is - # # the same as the number of cores your CPU has. - # max-jobs = "auto"; - # - # # Always build inside sandboxed environments - # sandbox = true; - # sandbox-fallback = false; - # - # # Continue building derivations even if one fails - # keep-going = true; - # - # # Fallback to local builds after remote builders are unavailable. - # # Setting this too low on a slow network may cause remote builders - # # to be discarded before a connection can be established. - # connect-timeout = 5; - # - # # If we haven't received data for >= 20s, retry the download - # stalled-download-timeout = 20; - # - # # Show more logs when a build fails and decides to display - # # a bunch of lines. `nix log` would normally provide more - # # information, but this may save us some time and keystrokes. - # log-lines = 30; - # - # # Extra features of Nix that are considered unstable - # # and experimental. By default we should always include - # # `flakes` and `nix-command`, while others are usually + use-xdg-base-directories = true; + + # Automatically optimise symlinks + auto-optimise-store = true; + + # Allow sudo users to mark the following values as trusted + allowed-users = ["root" "@wheel" "nix-builder"]; + + # Only allow sudo users to manage the nix store + trusted-users = ["root" "@wheel" "nix-builder"]; + + # Let the system decide the number of max jobs + # based on available system specs. Usually this is + # the same as the number of cores your CPU has. + max-jobs = "auto"; + + # Always build inside sandboxed environments + sandbox = true; + sandbox-fallback = false; + + # Continue building derivations even if one fails + keep-going = true; + + # Fallback to local builds after remote builders are unavailable. + # Setting this too low on a slow network may cause remote builders + # to be discarded before a connection can be established. + connect-timeout = 5; + + # If we haven't received data for >= 20s, retry the download + stalled-download-timeout = 20; + + # Show more logs when a build fails and decides to display + # a bunch of lines. `nix log` would normally provide more + # information, but this may save us some time and keystrokes. + log-lines = 30; + + # Extra features of Nix that are considered unstable + # and experimental. By default we should always include + # `flakes` and `nix-command`, while others are usually # optional. extra-experimental-features = [ "flakes" # flakes @@ -82,39 +82,39 @@ ]; # Ensures that the result of Nix expressions is fully determined by - # # explicitly declared inputs, and not influenced by external state. - # # In other words, fully stateless evaluation by Nix at all times. - # # pure-eval = true; - # - # # Don't warn me that my git tree is dirty, I know. - # warn-dirty = false; - # - # # Maximum number of parallel TCP connections - # # used to fetch imports and binary caches. - # # 0 means no limit, default is 25. - # http-connections = 50; # lower values fare better on slow connections - # - # # Whether to accept nix configuration from a flake - # # without displaying a Y/N prompt. For those obtuse - # # enough to keep this true, I wish the best of luck. - # # tl;dr: this is a security vulnerability. - # accept-flake-config = false; - # - # # Whether to execute builds inside cgroups. cgroups are - # # "a Linux kernel feature that limits, accounts for, and - # # isolates the resource usage (CPU, memory, disk I/O, etc.) - # # of a collection of processes." - # # See: - # # - # # use-cgroups = pkgs.stdenv.isLinux; # only supported on Linux - # - # # for direnv GC roots - # keep-derivations = true; - # keep-outputs = true; - # - # # Use binary cache, this is not Gentoo - # # external builders can also pick up those substituters - # builders-use-substitutes = true; + # explicitly declared inputs, and not influenced by external state. + # In other words, fully stateless evaluation by Nix at all times. + pure-eval = true; + + # Don't warn me that my git tree is dirty, I know. + warn-dirty = false; + + # Maximum number of parallel TCP connections + # used to fetch imports and binary caches. + # 0 means no limit, default is 25. + http-connections = 50; # lower values fare better on slow connections + + # Whether to accept nix configuration from a flake + # without displaying a Y/N prompt. For those obtuse + # enough to keep this true, I wish the best of luck. + # tl;dr: this is a security vulnerability. + accept-flake-config = false; + + # Whether to execute builds inside cgroups. cgroups are + # "a Linux kernel feature that limits, accounts for, and + # isolates the resource usage (CPU, memory, disk I/O, etc.) + # of a collection of processes." + # See: + # + use-cgroups = pkgs.stdenv.isLinux; # only supported on Linux + + # for direnv GC roots + keep-derivations = true; + keep-outputs = true; + + # Use binary cache, this is not Gentoo + # external builders can also pick up those substituters + builders-use-substitutes = true; # Substituters to pull from. While sigs are disabled, we must # make sure the substituters listed here are trusted. @@ -146,7 +146,7 @@ # and contribute heavily to you wanting to get a new desktop. # For those curious (such as myself) desktops are always seen as "AC powered" # so the system will not fail to fire if you are on a desktop system. - # systemd.services.nix-gc = { - # unitConfig.ConditionACPower = true; - # }; + systemd.services.nix-gc = { + unitConfig.ConditionACPower = true; + }; } diff --git a/modules/system/nix/nixpkgs.nix b/modules/system/nix/nixpkgs.nix index 55faa74..e1b9eb0 100644 --- a/modules/system/nix/nixpkgs.nix +++ b/modules/system/nix/nixpkgs.nix @@ -5,41 +5,42 @@ nixpkgs = { # Configuration reference: # - # config = { - # # Allow broken packages to be built. Setting this to false means packages - # # will refuse to evaluate sometimes, but only if they have been marked as - # # broken for a specific reason. At that point we can either try to solve - # # the breakage, or get rid of the package entirely. - # allowBroken = false; - # allowUnsupportedSystem = true; - # - # # Really a pain in the ass to deal with when disabled. True means - # # we are able to build unfree packages without explicitly allowing - # # each unfree package. - # allowUnfree = true; - # - # # Default to none, add more as necessary. This is usually where - # # electron packages go when they reach EOL. - # permittedInsecurePackages = []; - # - # # Nixpkgs sets internal package aliases to ease migration from other - # # distributions easier, or for convenience's sake. Even though the manual - # # and the description for this option recommends this to be true, I prefer - # # explicit naming conventions, i.e., no aliases. - # allowAliases = true; - # - # # Enable parallel building by default. This, in theory, should speed up building - # # derivations, especially rust ones. However setting this to true causes a mass rebuild - # # of the *entire* system closure, so it must be handled with proper care. - # enableParallelBuildingByDefault = false; - # - # # List of derivation warnings to display while rebuilding. - # # See: - # # NOTE: "maintainerless" can be added to emit warnings - # # about packages without maintainers but it seems to me - # # like there are more packages without maintainers than - # # with maintainers, so it's disabled for the time being. - # showDerivationWarnings = []; - # }; + hostPlatform = "x86_64-linux"; + config = { + # Allow broken packages to be built. Setting this to false means packages + # will refuse to evaluate sometimes, but only if they have been marked as + # broken for a specific reason. At that point we can either try to solve + # the breakage, or get rid of the package entirely. + allowBroken = false; + allowUnsupportedSystem = true; + + # Really a pain in the ass to deal with when disabled. True means + # we are able to build unfree packages without explicitly allowing + # each unfree package. + allowUnfree = true; + + # Default to none, add more as necessary. This is usually where + # electron packages go when they reach EOL. + permittedInsecurePackages = []; + + # Nixpkgs sets internal package aliases to ease migration from other + # distributions easier, or for convenience's sake. Even though the manual + # and the description for this option recommends this to be true, I prefer + # explicit naming conventions, i.e., no aliases. + allowAliases = true; + + # Enable parallel building by default. This, in theory, should speed up building + # derivations, especially rust ones. However setting this to true causes a mass rebuild + # of the *entire* system closure, so it must be handled with proper care. + enableParallelBuildingByDefault = true; + + # List of derivation warnings to display while rebuilding. + # See: + # NOTE: "maintainerless" can be added to emit warnings + # about packages without maintainers but it seems to me + # like there are more packages without maintainers than + # with maintainers, so it's disabled for the time being. + showDerivationWarnings = []; + }; }; } diff --git a/modules/wms/wayland/hypr/land.nix b/modules/wms/wayland/hypr/land.nix index ba0bcaf..92bdb84 100644 --- a/modules/wms/wayland/hypr/land.nix +++ b/modules/wms/wayland/hypr/land.nix @@ -118,7 +118,6 @@ in { "30, monitor:DP-2" # scratchpads - "special:btop, decorate:false" "special:pipewire, decorate:false" "special:nixos, decorate:false" "special:keepassxc, decorate:false" @@ -278,7 +277,6 @@ in { "$mainMod, E, exec, ${pkgs.xfce.thunar}/bin/thunar" # Toggle the four different special workspaces. - "$mainMod, B, togglespecialworkspace, btop" "$mainMod, V, togglespecialworkspace, pipewire" "$mainMod, N, togglespecialworkspace, nixos" "$mainMod, X, togglespecialworkspace, keepassxc" @@ -350,14 +348,12 @@ in { exec = [ # kill (almost) everything on special workspaces - "${pkgs.procps}/bin/pkill btop" "${pkgs.procps}/bin/pkill pavucontrol" - # and run it all again - "[workspace special:btop silent;tile] ${foot}/bin/foot -e ${pkgs.btop}/bin/btop" + "${pkgs.procps}/bin/pkill helvum" - # "[workspace special:pipewire silent;tile] ${pkgs.helvum}/bin/helvum" + # and run it all again + "[workspace special:pipewire silent;tile] ${pkgs.helvum}/bin/helvum" "[workspace special:pipewire;silent;tile] ${pkgs.pavucontrol}/bin/pavucontrol" - # "${pkgs.networkmanagerapplet}/bin/nm-applet --indicator" ]; plugin = { split-monitor-workspaces = { diff --git a/options/common/gpu/nvidia.nix b/options/common/gpu/nvidia.nix index 72cca74..88dfc28 100644 --- a/options/common/gpu/nvidia.nix +++ b/options/common/gpu/nvidia.nix @@ -13,6 +13,14 @@ powerManagement.enable = false; powerManagement.finegrained = false; nvidiaSettings = false; - package = config.boot.kernelPackages.nvidiaPackages.beta; + # package = config.boot.kernelPackages.nvidiaPackages.beta; + package = config.boot.kernelPackages.nvidiaPackages.mkDriver { + version = "560.28.03"; + sha256_64bit = "sha256-martv18vngYBJw1IFUCAaYr+uc65KtlHAMdLMdtQJ+Y="; + sha256_aarch64 = "sha256-+u0ZolZcZoej4nqPGmZn5qpyynLvu2QSm9Rd3wLdDmM="; + openSha256 = "sha256-asGpqOpU0tIO9QqceA8XRn5L27OiBFuI9RZ1NjSVwaM="; + settingsSha256 = "sha256-b4nhUMCzZc3VANnNb0rmcEH6H7SK2D5eZIplgPV59c8="; + persistencedSha256 = "sha256-MhITuC8tH/IPhCOUm60SrPOldOpitk78mH0rg+egkTE="; + }; }; } diff --git a/options/common/networking.nix b/options/common/networking.nix index 6af7452..3a95576 100644 --- a/options/common/networking.nix +++ b/options/common/networking.nix @@ -4,10 +4,13 @@ ... }: let inherit (config.modules.other.system) username; + inherit (lib) mkForce; in { networking = { + enableIPv6 = true; networkmanager = { enable = true; + plugins = mkForce []; # Bloated as hell, plugins be gone dns = "systemd-resolved"; }; };