chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2024-10-23 04:38:44 +08:00
Code Issues Packages Projects Releases Wiki Activity
2cb7980163
nixos/basic.nix

318 lines
8.6 KiB
Nix
Raw Normal View History

init
2023-05-28 23:49:58 +08:00
{ config, pkgs, lib, ... } @inputs:
{
# 基本设置
nix.settings.experimental-features = [ "nix-command" "flakes" ];
networking.hostName = "chn-PC";
networking.networkmanager.enable = true;
time.timeZone = "Asia/Shanghai";
i18n =
{
defaultLocale = "zh_CN.UTF-8";
supportedLocales = ["zh_CN.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" "C.UTF-8/UTF-8"];
};
system.stateVersion = "22.11";
# 输入法
i18n.inputMethod =
{
enabled = "fcitx5";
fcitx5.addons = with pkgs; [fcitx5-rime fcitx5-chinese-addons fcitx5-mozc];
};
# 图形界面
services.xserver =
{
enable = true;
displayManager.sddm.enable = true;
desktopManager.plasma5.enable = true;
一些修补
2023-06-02 19:46:37 +08:00
videoDrivers = [ "nvidia" "intel" "qxl" ];
整理 inputs
2023-05-30 21:21:46 +08:00
};
hardware.nvidia.prime =
{
offload.enable = true;
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
init
2023-05-28 23:49:58 +08:00
};
# 打印机
services.printing.enable = true;
# 声音
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire =
{
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# 虚拟机(作为顾客)
services.qemuGuest.enable = true;
services.spice-vdagentd.enable = true;
# waydroid
virtualisation.waydroid.enable = true;
一些修补
2023-06-02 19:46:37 +08:00
virtualisation.lxd.enable = true;
init
2023-05-28 23:49:58 +08:00
# 用户
users.users.chn =
{
isNormalUser = true;
一些修补
2023-06-02 19:46:37 +08:00
extraGroups = [ "networkmanager" "wheel" "wireshark" "libvirtd" ];
init
2023-05-28 23:49:58 +08:00
passwordFile = config.sops.secrets."password/chn".path;
shell = pkgs.zsh;
};
users.mutableUsers = false;
sops.secrets."password/chn".neededForUsers = true;
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.chn = { pkgs, ... }:
{
home.stateVersion = "22.11";
programs.zsh =
{
enable = true;
initExtraBeforeCompInit =
''
# p10k instant prompt
P10K_INSTANT_PROMPT="$XDG_CACHE_HOME/p10k-instant-prompt-''${(%):-%n}.zsh"
[[ ! -r "$P10K_INSTANT_PROMPT" ]] || source "$P10K_INSTANT_PROMPT"
一些修补
2023-06-02 19:46:37 +08:00
HYPHEN_INSENSITIVE="true"
init
2023-05-28 23:49:58 +08:00
'';
plugins =
[
{
file = "powerlevel10k.zsh-theme";
name = "powerlevel10k";
src = "${pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k";
}
{
file = "p10k.zsh";
name = "powerlevel10k-config";
src = ./p10k-config;
}
一些修补
2023-06-02 19:46:37 +08:00
{
name = "zsh-exa";
src = pkgs.fetchFromGitHub
{
owner = "ptavares";
repo = "zsh-exa";
rev = "0.2.3";
sha256 = "0vn3iv9d3c1a4rigq2xm52x8zjaxlza1pd90bw9mbbkl9iq8766r";
};
}
init
2023-05-28 23:49:58 +08:00
];
};
一些修补
2023-06-02 19:46:37 +08:00
# xsession.profileExtra =
# ''
# export GTK_USE_PORTAL="1"
# '';
init
2023-05-28 23:49:58 +08:00
};
# 软件包
environment.systemPackages = with pkgs;
[
beep neofetch screen dos2unix tldr gnugrep
整理 inputs
2023-05-30 21:21:46 +08:00
pciutils usbutils lshw powertop
init
2023-05-28 23:49:58 +08:00
zsh ksh zsh-powerlevel10k zsh-autosuggestions zsh-syntax-highlighting
vim nano
(
vscode-with-extensions.override
{
使用自己的仓库 更新 使用vscode插件仓库
2023-06-03 06:53:33 +08:00
vscodeExtensions = (with vscode-extensions;
init
2023-05-28 23:49:58 +08:00
[
ms-vscode.cpptools
llvm-vs-code-extensions.vscode-clangd
ms-vscode.cmake-tools
ms-ceintl.vscode-language-pack-zh-hans
github.copilot
github.github-vscode-theme
ms-vscode.hexeditor
oderwat.indent-rainbow
james-yu.latex-workshop
pkief.material-icon-theme
ms-vscode-remote.remote-ssh
使用自己的仓库 更新 使用vscode插件仓库
2023-06-03 06:53:33 +08:00
])
++ (with nix-vscode-extensions.vscode-marketplace;
init
2023-05-28 23:49:58 +08:00
[
使用自己的仓库 更新 使用vscode插件仓库
2023-06-03 06:53:33 +08:00
twxs.cmake
ms-vscode.cpptools-themes
guyutongxue.cpp-reference
]);
init
2023-05-28 23:49:58 +08:00
}
)
整理 inputs
2023-05-30 21:21:46 +08:00
(
pkgs.writeShellScriptBin "nvidia-offload"
''
export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
export __GLX_VENDOR_LIBRARY_NAME=nvidia
export __VK_LAYER_NV_optimus=NVIDIA_only
exec "$@"
''
)
init
2023-05-28 23:49:58 +08:00
wget aria2 curl yt-dlp qbittorrent
一些修补
2023-06-02 19:46:37 +08:00
tree git autojump exa
init
2023-05-28 23:49:58 +08:00
nix-output-monitor comma
docker docker-compose
apacheHttpd certbot-full
一些修补
2023-06-02 19:46:37 +08:00
pigz rar unrar upx unzip zip
init
2023-05-28 23:49:58 +08:00
util-linux snapper gparted snapper-gui
firefox google-chrome
qemu_full virt-manager
zotero ocrmypdf pdfgrep texlive.combined.scheme-full libreoffice-qt
ovito paraview gimp # vsim vesta
(python3.withPackages (ps: with ps; [ phonopy ]))
整理 inputs
2023-05-30 21:21:46 +08:00
element-desktop tdesktop discord qq config.nur.repos.xddxdd.wechat-uos config.nur.repos.linyinfeng.wemeet
init
2023-05-28 23:49:58 +08:00
remmina
bitwarden openssl ssh-to-age gnupg age sops
spotify yesplaymusic # netease-cloud-music-gtk config.nur.repos.eh5.netease-cloud-music
crow-translate
scrcpy
ipset iptables iproute2 wireshark dig nettools
touchix.v2ray-forwarder
mathematica
整理 inputs
2023-05-30 21:21:46 +08:00
gcc cudaPackages.cudatoolkit clang-tools
config.nur.repos.ataraxiasjel.proton-ge
一些修补
2023-06-02 19:46:37 +08:00
octave root
libsForQt5.qtstyleplugin-kvantum
init
2023-05-28 23:49:58 +08:00
]
++ (with lib; filter isDerivation (attrValues pkgs.plasma5Packages.kdeGear));
programs.wireshark.enable = true;
programs.anime-game-launcher.enable = true;
programs.honkers-railway-launcher.enable = true;
programs.nix-index-database.comma.enable = true;
programs.nix-index.enable = true;
programs.command-not-found.enable = false;
programs.steam.enable = true;
默认超时 10s 安装 tuxedo control center
2023-06-06 11:29:30 +08:00
nixpkgs.config.permittedInsecurePackages =
[ "openssl-1.1.1u" "electron-19.0.7" "nodejs-14.21.3" "electron-13.6.9" ];
init
2023-05-28 23:49:58 +08:00
nix.settings.substituters = [ "https://xddxdd.cachix.org" ];
nix.settings.trusted-public-keys = [ "xddxdd.cachix.org-1:ay1HJyNDYmlSwj5NXQG065C8LfoqqKaTNCyzeixGjf8=" ];
# 字体
fonts =
{
fontDir.enable = true;
fonts = with pkgs;
[ noto-fonts source-han-sans source-han-serif source-code-pro hack-font jetbrains-mono nerdfonts ];
fontconfig.defaultFonts =
{
emoji = [ "Noto Color Emoji" ];
monospace = [ "Noto Sans Mono CJK SC" "Sarasa Mono SC" "DejaVu Sans Mono"];
sansSerif = ["Noto Sans CJK SC" "Source Han Sans SC" "DejaVu Sans"];
serif = ["Noto Serif CJK SC" "Source Han Serif SC" "DejaVu Serif"];
};
};
# zsh
programs.zsh =
{
enable = true;
syntaxHighlighting.enable = true;
autosuggestions.enable = true;
enableCompletion = true;
一些修补
2023-06-02 19:46:37 +08:00
ohMyZsh =
{
enable = true;
plugins = [ "git" "colored-man-pages" "extract" "history-substring-search" "autojump" ];
};
init
2023-05-28 23:49:58 +08:00
};
# ssh security?
services.openssh.enable = true;
# firewall
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# sops
sops = { defaultSopsFile = ./secrets/chn-PC.yaml; age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; };
# 翻墙
services.dnsmasq =
{
enable = true;
settings = {
no-poll = true;
server = [ "127.0.0.1#10853" ];
listen-address = "127.0.0.1";
bind-interfaces = true;
address = [
"/mirism.one/216.24.188.24"
"/beta.mirism.one/216.24.188.24"
"/ng01.mirism.one/216.24.188.24"
"/debug.mirism.one/127.0.0.1"
];
ipset = [
"/developer.download.nvidia.com/noproxy_net"
"/yuanshen.com/noproxy_net"
"/zoom.us/noproxy_net"
];
};
};
services.xray = { enable = true; settingsFile = config.sops.secrets."xray.json".path; };
sops.secrets."xray.json" = { mode = "0440"; owner = "v2ray"; group = "v2ray"; restartUnits = [ "xray.service" ]; };
systemd.services.xray.serviceConfig =
{
DynamicUser = lib.mkForce false;
User = "v2ray";
Group = "v2ray";
CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
};
整理 inputs
2023-05-30 21:21:46 +08:00
users.users.v2ray = { isSystemUser = true; group = "v2ray"; };
init
2023-05-28 23:49:58 +08:00
users.groups.v2ray = {};
services.v2ray-forwarder = { enable = true; proxyPort = 10880; xmuPort = 10881; };
boot.kernel.sysctl =
{
"net.ipv4.conf.all.route_localnet" = true;
"net.ipv4.conf.default.route_localnet" = true;
"net.ipv4.conf.all.accept_local" = true;
"net.ipv4.conf.default.accept_local" = true;
"net.ipv4.ip_forward" = true;
"net.ipv4.ip_nonlocal_bind" = true;
};
一些修补
2023-06-02 19:46:37 +08:00
programs.firejail.enable = true;
hardware.xone.enable = true;
hardware.xpadneo.enable = true;
hardware.bluetooth.enable = true;
启用xwayland
2023-06-04 18:29:44 +08:00
services.xserver.synaptics.enable = false;
services.xserver.libinput.enable = true;
一些修补
2023-06-02 19:46:37 +08:00
virtualisation.libvirtd.enable = true;
nixpkgs.config.packageOverrides = pkgs: rec {
wpa_supplicant = pkgs.wpa_supplicant.overrideAttrs (attrs: {
patches = attrs.patches ++ [ ./patches/xmunet.patch ];
});
};
environment.sessionVariables."GTK_USE_PORTAL" = "1";
xdg.portal.extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
virtualisation.spiceUSBRedirection.enable = true;
networking.resolvconf.enable = false;
environment.etc."resolv.conf".text =
''
nameserver 127.0.0.1
'';
启用xwayland
2023-06-04 18:29:44 +08:00
programs.xwayland.enable = true;
默认超时 10s 安装 tuxedo control center
2023-06-06 11:29:30 +08:00
hardware.tuxedo-control-center.enable = true;
hardware.tuxedo-keyboard.enable = true;
systemd.extraConfig = "DefaultTimeoutStopSec=10s";
systemd.user.extraConfig = "DefaultTimeoutStopSec=10s";
systemd.services.home-manager-chn.before = [ "display-manager.service" ];
nix enable keep-outputs
2023-06-08 00:26:30 +08:00
nix.extraOptions =
''
keep-outputs = true
'';
add system features gccarch-alderlake
2023-06-08 11:09:18 +08:00
nix.settings.system-features = [ "gccarch-alderlake" ];
init
2023-05-28 23:49:58 +08:00
}
Reference in New Issue Copy Permalink