wieerwill/nix-home-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change from mono-home-manager to full flake multi-system configuration

Browse Source
This commit is contained in:
wieerwill
2025-11-30 12:28:05 +01:00
parent 5c3a992f34
commit 362f65c384
62 changed files with 4469 additions and 576 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
hosts/steamdeck/configuration.nix Normal file
View File

@@ -0,0 +1,110 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
./../../modules/desktop.nix
./../../modules/secrets.nix
./../../modules/security.nix
./../../modules/unfree.nix
./../../modules/users.nix
#./../../modules/wifi.nix
(
#let revision = "e74e57a37de55ecfdc62f49fe5a7463b2a52499a"; in
let revision = "98a61cf0708885abddebc6938ca7282928981d5e"; in
builtins.fetchTarball {
url = "https://github.com/Jovian-Experiments/Jovian-NixOS/archive/${revision}.tar.gz";
sha256 = "sha256:0f1c3ilr9rm6jrs3nfhvf8ni0jccfy1810s6a94iywa9416w1k7c";
} + "/modules"
)
];
networking.hostName = "decky";
networking.networkmanager.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.luks.devices."luks-1c04b05d-0ddf-429a-95c3-1f5fdb570207".device = "/dev/disk/by-uuid/1c04b05d-0ddf-429a-95c3-1f5fdb570207";
# Set time zone and internationalisation
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "de_DE.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
# Configure console keymap
console.keyMap = "de";
# List packages installed in system profile.
# To search, run: $ nix search wget
environment.systemPackages = with pkgs; [
wget
curl
git
vim
];
jovian = {
devices.steamdeck = {
enable = true;
autoUpdate = false;
enableGyroDsuService = true;
};
steam = {
enable = true;
autoStart = true;
user = "wieerwill";
desktopSession = "sway";
updater.splash = "jovian";
};
decky-loader = {
enable = false;
#extraPackages = [pkgs.curl pkgs.unzip];
#user = "wieerwill";
};
};
# Enable sound with pipewire.
services.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
};
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Experimental = true;
};
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "25.05"; # Did you read the comment?
}

40
hosts/steamdeck/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,40 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/ceb735f5-6728-4fb6-9d25-3bbf7d198b49";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/E8E8-9A4B";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/d1808b85-6f98-40f3-a06a-62836aee3809"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0f3u1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

36
hosts/steamdeck/home.nix Normal file
View File

@@ -0,0 +1,36 @@
{ inputs, ... }: {
imports = [ ../../home/_home.nix ];
homeModules = {
#androidstudio.enable = true;
#backup.enable = true;
chromium.enable = true;
#design.enable = true;
embedded.enable = true;
fonts.enable = true;
git.enable = true;
#javascript.enable = true;
keepass.enable = true;
#llm.enable = true;
logseq.enable = true;
#mail.enable = true;
#obsidian.enable = true;
redshift.enable = true;
secrets.enable = true;
security.enable = true;
#social.enable = true;
sway.enable = true;
syncthing.enable = true;
terminal.enable = true;
#tor.enable = true;
vim.enable = true;
#vpnpia.enable = true;
vscode.enable = false;
#zenbrowser.enable = true;
};
_module.args = {
#sops-nix = inputs.sops-nix;
zen-browser = inputs.zen-browser;
};
}

206
hosts/steamdeck/old_sway.nix Normal file
View File

@@ -0,0 +1,206 @@
{ config, pkgs, lib, ... }:
let
# Define variables for your workspaces and displays
display1 = "card1-eDP-1";
touchDisplay = "10248:4117:FTS3528:00_2808:1015"; #steamdeck
workspace1 = "1:Web";
workspace2 = "2:App";
workspace3 = "3:Chat";
workspace4 = "4:Read";
workspace5 = "5:Code";
workspace6 = "6:Password";
workspace7 = "7:Shell";
workspace8 = "8:Media";
in
{
# Enable Sway window manager
wayland.windowManager.sway = {
enable = true;
wrapperFeatures.gtk = true;
# Sway configuration
config = rec {
modifier = "Mod4"; # Windows key
terminal = "alacritty";
menu = "bemenu-run";
# Autostart applications
startup = [
{ command = "swaymsg workspace ${workspace7}; exec nvim"; }
{ command = "swaymsg workspace ${workspace7}; exec alacritty"; }
{ command = "keepassxc"; }
{ command = "logseq"; }
{ command = "thunderbird"; }
{ command = "firefox"; }
#{ command = "steam"; }
# Update environment variables
{ command = "dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP XDG_SESSION_TYPE NIXOS_OZONE_WL XCURSOR_THEME XCURSOR_SIZE PATH";}
# Start sway-session.target
{ command = "systemctl --user start sway-session.target";}
# Switch to the desired workspaces on each output
#{ command = "swaymsg focus output ${display1}; swaymsg workspace ${workspace1}"; }
#{ command = "swaymsg focus output ${display2}; swaymsg workspace ${workspace3}"; }
];
# Keyboard layout
input = {
# Enable touch screen
"10248:4117:FTS3528:00_2808:1015" = {
#send_events = "enabled";
#tap_enabled = "true";
map_to_output = "${display1}";
};
# Map touch devices to display
"type:touch" = {
map_to_output = "${display1}";
};
# Configure Steam Controller pointer
"10462:4613:Valve_Software_Steam_Controller" = {
# For the pointer device
#accel_speed = "0.0";
natural_scroll = "false";
left_handed = "false";
scroll_method = "two_finger";
middle_emulation = "true";
};
# Configure Steam Controller keyboard
"10462:4613:Valve_Software_Steam_Controller" = {
xkb_layout = "de";
};
# Set German layout for all keyboards
"type:keyboard" = {
xkb_layout = "de";
repeat_delay = "600";
repeat_rate = "25";
};
# For all pointers
"type:pointer" = {
# accel_speed = "0.0";
natural_scroll = "false";
left_handed = "false";
middle_emulation = "true";
};
"*" = {
xkb_layout = "de"; # German keyboard layout
};
};
# Display configuration
output = {
"${display1}" = {
res = "1280x800"; # Steam Deck resolution
pos = "0 0";
scale = "1";
};
"*" = {
scale = "1";
};
};
# Keybindings
keybindings = {
"Mod4+1" = "workspace ${workspace1}";
"Mod4+2" = "workspace ${workspace2}";
"Mod4+3" = "workspace ${workspace3}";
"Mod4+4" = "workspace ${workspace4}";
"Mod4+5" = "workspace ${workspace5}";
"Mod4+6" = "workspace ${workspace6}";
"Mod4+7" = "workspace ${workspace7}";
"Mod4+8" = "workspace ${workspace8}";
"Mod4+Shift+1" = "move container to workspace ${workspace1}";
"Mod4+Shift+2" = "move container to workspace ${workspace2}";
"Mod4+Shift+3" = "move container to workspace ${workspace3}";
"Mod4+Shift+4" = "move container to workspace ${workspace4}";
"Mod4+Shift+5" = "move container to workspace ${workspace5}";
"Mod4+Shift+6" = "move container to workspace ${workspace6}";
"Mod4+Shift+7" = "move container to workspace ${workspace7}";
"Mod4+Shift+8" = "move container to workspace ${workspace8}";
"Mod4+Mod1+f" = "exec firefox, workspace ${workspace1}";
"Mod4+Mod1+g" = "exec logseq, workspace ${workspace2}";
"Mod4+Mod1+t" = "exec thunderbird, workspace ${workspace3}";
"Mod4+Mod1+s" = "exec signal-desktop, workspace ${workspace3}";
"Mod4+Mod1+o" = "exec okular, workspace ${workspace4}";
"Mod4+Mod1+c" = "exec codium, workspace ${workspace5}";
"Mod4+Mod1+k" = "exec keepassxc, workspace ${workspace6}";
"Mod4+Return" = "exec alacritty, workspace ${workspace7}";
"Mod4+Mod1+p" = "exec alacritty -e pulsemixer, workspace ${workspace7}";
"Mod4+Mod1+v" = "exec alacritty -e neovim, workspace ${workspace7}";
"Mod4+Mod1+b" = "exec alacritty -e bluetuith, workspace ${workspace7}";
"Mod4+Mod1+n" = "exec alacritty -e nmtui, workspace ${workspace7}";
"Mod4+Mod1+h" = "exec alacritty -e htop, workspace ${workspace7}";
"XF86AudioRaiseVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "exec pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" = "exec pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessDown" = "exec brightnessctl set 5%-";
"XF86MonBrightnessUp" = "exec brightnessctl set 5%+";
"Print" = "exec grimshot save area";
"Mod4+Shift+q" = "exec swaynagmode --exit";
"Mod4+Shift+Return" = "exec swaynagmode --confirm";
# steamdeck specific keys
# "bindcode 304" = "exec firefox";...
};
# Assign workspaces to outputs (adjust as needed)
workspaceOutputAssign = [
{
workspace = workspace1;
output = display1;
}
# Add other workspace-output assignments if you have multiple monitors
];
# Assign applications to workspaces
assigns = {
"${workspace1}" = [ { app_id = "firefox"; } ];
"${workspace2}" = [ { class = "Logseq"; } ];
"${workspace3}" = [
{ class = "Signal"; }
{ app_id = "thunderbird"; }
];
"${workspace4}" = [ { app_id = "org.kde.okular"; } ];
"${workspace5}" = [
{ class = "VSCodium"; }
{ class = "nvim"; }
];
"${workspace6}" = [ { app_id = "org.keepassxc.KeePassXC"; } ];
"${workspace7}" = [ { app_id = "Alacritty"; } ];
"${workspace8}" = [
{ class = "vlc"; }
{ class = "steam"; }
];
};
};
};
services.swayidle = {
enable = true;
timeouts = [
{
timeout = 60 * 4;
command = lib.getExe config.programs.swaylock.package;
}
];
};
programs.swaylock = {
enable = true;
#package = pkgs.swaylock-effects;
settings = {
font = "hack";
screenshots = true;
clock = true;
show-failed-attempts = true;
indicator-idle-visible = true;
effect-blur = "8x5";
};
};
}

60
hosts/t440p/configuration.nix Normal file
View File

@@ -0,0 +1,60 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
{
imports = [ # Include the results of the hardware scan and modules
./hardware-configuration.nix
./../../modules/desktop.nix
./../../modules/secrets.nix
./../../modules/security.nix
./../../modules/unfree.nix
./../../modules/users.nix
#./../../modules/wifi.nix
];
networking.hostName = "t440p";
networking.networkmanager.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.luks.devices."luks-1c04b05d-0ddf-429a-95c3-1f5fdb570207".device = "/dev/disk/by-uuid/1c04b05d-0ddf-429a-95c3-1f5fdb570207";
# Set time zone and internationalisation
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "de_DE.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
console.keyMap = "de";
# List packages installed in system profile.
# To search, run: $ nix search wget
environment.systemPackages = with pkgs; [
wget
curl
git
vim
tree
];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "25.05"; # Did you read the comment?
}

43
hosts/t440p/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,43 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/48e4d114-d841-4506-862b-eb4ba2101767";
fsType = "ext4";
};
boot.initrd.luks.devices."luks-153f407e-269d-4a10-9544-4d2946a49824".device = "/dev/disk/by-uuid/153f407e-269d-4a10-9544-4d2946a49824";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/1747-74BD";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/64dcaac6-e355-4ca7-aa0c-40b1184baf18"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s25.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

36
hosts/t440p/home.nix Normal file
View File

@@ -0,0 +1,36 @@
{ inputs, ... }: {
imports = [ ../../home/_home.nix ];
homeModules = {
#androidstudio.enable = true;
#backup.enable = true;
chromium.enable = true;
#design.enable = true;
embedded.enable = true;
fonts.enable = true;
git.enable = true;
#javascript.enable = true;
keepass.enable = true;
#llm.enable = true;
logseq.enable = true;
#mail.enable = true;
#obsidian.enable = true;
redshift.enable = true;
secrets.enable = true;
security.enable = true;
#social.enable = true;
sway.enable = true;
syncthing.enable = true;
terminal.enable = true;
#tor.enable = true;
vim.enable = true;
#vpnpia.enable = true;
vscode.enable = false;
#zenbrowser.enable = true;
};
_module.args = {
#sops-nix = inputs.sops-nix;
zen-browser = inputs.zen-browser;
};
}

21
hosts/t440p/sway-hardware.nix Normal file
View File

@@ -0,0 +1,21 @@
{ config, pkgs, lib, ... }:
{
wayland.windowManager.sway.config = {
output = {
"eDP-1" = {
pos = "0 0";
scale = "1";
};
};
input = {
"type:keyboard" = {
xkb_layout = "de";
};
"*" = {
xkb_layout = "de";
};
};
};
}

85
hosts/vps04_08/home.nix Normal file
View File

@@ -0,0 +1,85 @@
{ config, pkgs, ... }:
{
imports = [ ../../home/_home.nix ];
home.username = "wieerwill";
home.homeDirectory = "/home/wieerwill";
programs.home-manager.enable = true;
home.stateVersion = "25.05";
# Basic packages
home.packages = with pkgs; [
neovim
git
curl
gnupg
bash-completion
sops
];
# Harden SSH known_hosts, prevent password auth
programs.ssh = {
enable = true;
extraConfig = ''
PasswordAuthentication no
PermitRootLogin no
'';
};
# Optional: Docker CLI tools (remote management only!)
home.file.".docker/config.json".text = builtins.toJSON {
detachKeys = "ctrl-e,e";
};
# Automatic updates
systemd.user.services."autoupdate-nix" = {
Unit = {
Description = "Regular nix flake update";
};
Service = {
ExecStart = "${pkgs.nix}/bin/nix flake update --commit-lock-file";
};
Install.WantedBy = [ "default.target" ];
};
# Hardened Bash profile
programs.bash = {
enable = true;
enableCompletion = true;
initExtra = ''
set -o errexit
set -o nounset
set -o pipefail
'';
};
homeModules = {
#androidstudio.enable = true;
#backup.enable = true;
#chromium.enable = true;
#design.enable = true;
#embedded.enable = true;
fonts.enable = true;
#git.enable = true;
#javascript.enable = true;
#keepass.enable = true;
#llm.enable = true;
#logseq.enable = true;
#mail.enable = true;
#obsidian.enable = true;
#redshift.enable = true;
secrets.enable = true;
#security.enable = true;
#social.enable = true;
#sway.enable = true;
#syncthing.enable = true;
terminal.enable = true;
#tor.enable = true;
#vim.enable = true;
#vpnpia.enable = true;
#vscode.enable = false;
#zenbrowser.enable = true;
};
}

70
hosts/xaorus/home.nix Normal file
View File

@@ -0,0 +1,70 @@
{ config, pkgs, ... }:
{
imports = [ ../../home/_home.nix ];
home.username = "wieerwill";
home.homeDirectory = "/home/wieerwill";
#home-manager.users.wieerwill.networking.hostName = "xaorus";
home.stateVersion = "25.05";
programs.home-manager.enable = true;
# create soft links from source to target
home.file = {
"nixConig".source = "/home/wieerwill/Dokumente/GitHub/NixHomeManager";
"logseq".source = "/home/wieerwill/Dokumente/logseq";
"projects".source = "/home/wieerwill/Dokumente/projects";
"vereine".source = "/home/wieerwill/Dokumente/vereine";
#"Downloads".source = "/home/wieerwill/Dokumente/Downloads";
};
#programs.gnome-terminal.enable = true;
# Optional: apps for GNOME desktop
home.packages = with pkgs; [
#gnome.gnome-tweaks
#gnome.dconf-editor
];
# XDG integration
#xdg.enable = true;
# Fonts and GTK themes
#fonts.fontconfig.enable = true;
#gtk = {
# enable = true;
# theme.name = "Adwaita-dark";
# iconTheme.name = "Papirus";
# cursorTheme.name = "Adwaita";
#};
homeModules = {
#androidstudio.enable = true;
#backup.enable = true;
#chromium.enable = true;
#design.enable = true;
#embedded.enable = true;
fonts.enable = true;
#git.enable = true;
#javascript.enable = true;
#keepass.enable = true;
#llm.enable = true;
#logseq.enable = true;
#mail.enable = true;
#obsidian.enable = true;
#redshift.enable = true;
secrets.enable = true;
#security.enable = true;
#social.enable = true;
#sway.enable = true;
syncthing.enable = true;
#terminal.enable = true;
#tor.enable = true;
#vim.enable = true;
#vpnpia.enable = true;
#vscode.enable = false;
#zenbrowser.enable = true;
};
}