init & hosts
vi did:web:vt3e.cat
Sat, 02 May 2026 18:18:54 +0100
17 files changed,
715 insertions(+),
0 deletions(-)
jump to
A
.zed/settings.json
@@ -0,0 +1,11 @@
+{ + "languages": { + "Nix": { + "formatter": { + "external": { + "command": "nixfmt", + }, + }, + }, + }, +}
A
flake.lock
@@ -0,0 +1,65 @@
+{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1777780644, + "narHash": "sha256-CYpc+mk28rmcQWGygeM8CA+Z8SZYy8BOyQtiW18spao=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "b9311028044a9e9b2cf27db15ef0a87d464e212d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixos-hardware": { + "locked": { + "lastModified": 1777796046, + "narHash": "sha256-bEJp/zaQApzynGRaAO62BZSz9tFikKtIHCn2yIA/s7Q=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "eeb02f6e29fc8139c0b15af5ff0fdfdc6d0d3d90", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1777578337, + "narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "15f4ee454b1dce334612fa6843b3e05cf546efab", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixos-hardware": "nixos-hardware", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +}
A
flake.nix
@@ -0,0 +1,71 @@
+{ + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = + { nixpkgs, home-manager, ... }@inputs: + let + supportedSystems = nixpkgs.lib.systems.flakeExposed; + forAllSystems = nixpkgs.lib.genAttrs supportedSystems; + + mkNixosSystem = + hostname: system: + nixpkgs.lib.nixosSystem { + inherit system; + + specialArgs = { + inherit inputs hostname; + inputs' = builtins.mapAttrs (_: flake: { + legacyPackages = flake.legacyPackages.${system} or { }; + packages = flake.packages.${system} or { }; + }) inputs; + }; + + modules = [ + ./hosts/common + ./hosts/${hostname} + ]; + }; + in + { + formatter = forAllSystems ( + system: + let + pkgs = nixpkgs.legacyPackages.${system}; + in + pkgs.nixfmt + ); + + nixosConfigurations = { + dahlia = mkNixosSystem "dahlia" "x86_64-linux"; + # ivy = mkNixosSystem "ivy" "x86_64-linux"; + }; + + homeConfigurations = { + "willow@dahlia" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages."x86_64-linux"; + extraSpecialArgs = { + inherit inputs; + hostname = "dahlia"; + }; + modules = [ "./home/willow@dahlia.nix" ]; + }; + + # "willow@ivy" = home-manager.lib.homeManagerConfiguration { + # pkgs = nixpkgs.legacyPackages."x86_64-linux"; + # extraSpecialArgs = { + # inherit inputs; + # hostname = "ivy"; + # }; + # modules = [ "./home/willow@ivy.nix" ]; + # }; + }; + }; +}
A
home/apr@dahlia.nix
@@ -0,0 +1,49 @@
+{ pkgs, ... }: +{ + imports = [ + ./common + ./common/sway.nix + ]; + + home = { + username = "willow"; + homeDirectory = "/home/willow"; + stateVersion = "25.11"; + + sessionVariables = { + XDG_DESKTOP_PORTAL = "gnome"; + GTK_USE_PORTAL = "1"; + }; + + file.".ssh/allowed_signers".text = '' + willow ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPWD6wk95qNhk/36vEH34qIRp/TPCcQ+D+u5Xd9/N0m1 + did:web:vt3e.cat ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDXt8vkpi9jOp9dCjoS8u0dC4fDdgb73w8z7VNI42FB + did:plc:nz5npphohxgjo2blfipdatam ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINGmmVCj5fvjT09SMmMsheGJ9vMKRF1UWoTEwR7yWeKO + ''; + + packages = with pkgs; [ + kitty + alacritty + ghostty-bin + firefox + dmenu + ]; + + gtk = { + enable = true; + theme = { + name = "Adwaita-dark"; + package = pkgs.gnome-themes-extra; + }; + gtk4.iconTheme = { + package = pkgs.adwaita-icon-theme; + name = "Adwaita"; + }; + gtk3.iconTheme = { + package = pkgs.adwaita-icon-theme; + name = "Adwaita"; + }; + }; + + }; +}
A
home/common/default.nix
@@ -0,0 +1,8 @@
+{ + imports = [ + ./ssh.nix + ./git.nix + ]; + + programs.home-manager.enable = true; +}
A
home/common/git.nix
@@ -0,0 +1,42 @@
+{ + programs.git = { + enable = true; + + settings = { + gpg.format = "ssh"; + gpg.ssh.allowedSignersFile = "~/.ssh/allowed_signers"; + init.defaultBranch = "main"; + rebase.autostash = true; + push.autoSetupRemote = true; + pull.rebase = true; + + user = { + email = "did:web:vt3e.cat"; + name = "vi"; + }; + + ignores = [ + "result" + ".wspace" + ]; + }; + + signing = { + key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDXt8vkpi9jOp9dCjoS8u0dC4fDdgb73w8z7VNI42FB did:web:vt3e.cat"; + signByDefault = true; + }; + + includes = [ + { + condition = "gitdir:~/d/handle/"; + contents = { + user = { + name = "handle"; + signingkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINGmmVCj5fvjT09SMmMsheGJ9vMKRF1UWoTEwR7yWeKO did:plc:nz5npphohxgjo2blfipdatam"; + email = "did:plc:nz5npphohxgjo2blfipdatam"; + }; + }; + } + ]; + }; +}
A
home/common/ssh.nix
@@ -0,0 +1,22 @@
+{ lib, ... }: +{ + programs.ssh.enableDefaultConfig = false; + home.activation.writeSSHConfig = lib.hm.dag.entryAfter [ "writeBoundary" ] '' + rm -f $HOME/.ssh/config + cat > $HOME/.ssh/config <<EOF + Host tangled-handle + IdentitiesOnly yes + User git + HostName tangled.sh + IdentityFile ~/.ssh/id_ed25519_handle + + Host tangled.sh + IdentitiesOnly yes + User git + HostName tangled.sh + IdentityFile ~/.ssh/id_ed25519 + EOF + + chmod 600 $HOME/.ssh/config + ''; +}
A
hosts/common/default.nix
@@ -0,0 +1,92 @@
+{ pkgs, ... }: +{ + imports = [ + ./users.nix + ./nix.nix + + ../../modules/desktop.nix + ]; + + programs = { + fish.enable = true; + nix-ld.enable = true; + }; + + security = { + polkit.enable = true; + rtkit.enable = true; + }; + + services = { + tailscale.enable = true; + openssh = { + enable = true; + ports = [ 22 ]; + settings = { + PasswordAuthentication = true; + PermitRootLogin = "prohibit-password"; + }; + }; + }; + + time.timeZone = "Europe/London"; + i18n = { + defaultLocale = "en_GB.UTF-8"; + extraLocaleSettings = { + LC_ADDRESS = "en_GB.UTF-8"; + LC_IDENTIFICATION = "en_GB.UTF-8"; + LC_MEASUREMENT = "en_GB.UTF-8"; + LC_MONETARY = "en_GB.UTF-8"; + LC_NAME = "en_GB.UTF-8"; + LC_NUMERIC = "en_GB.UTF-8"; + LC_PAPER = "en_GB.UTF-8"; + LC_TELEPHONE = "en_GB.UTF-8"; + LC_TIME = "en_GB.UTF-8"; + }; + }; + + environment.systemPackages = with pkgs; [ + # dev tools + htop + vim + ripgrep + fd + + git + just + jq + + # file + unzip + zip + file + tree + tree-from-tags + fuse3 + + # networking + wget + curl + openssl + wirelesstools + + # media + mpv + imv + imagemagick + playerctl + ffmpeg + + # whatever + gnupg + killall + gnome-keyring + libsecret + + fastfetch + hyfetch + kittysay + + nautilus + ]; +}
A
hosts/common/nix.nix
@@ -0,0 +1,49 @@
+{ pkgs, inputs, ... }: +{ + nix = { + package = pkgs.lixPackageSets.stable.lix; + + gc = { + automatic = true; + options = "--delete-older-than 3d"; + }; + + settings = { + experimental-features = [ + "nix-command" + "flakes" + ]; + }; + }; + + nixpkgs = { + config = { + allowUnfree = true; + }; + + overlays = [ + (final: prev: { + inherit (final.lixPackageSets.stable) + nixpkgs-review + nix-direnv + nix-eval-jobs + nix-fast-build + colmena + ; + }) + ]; + }; + + system.autoUpgrade = { + enable = true; + flake = inputs.self.outPath; + flags = [ + "--update-input" + "nixpkgs" + "-L" + ]; + dates = "02:00"; + randomizedDelaySec = "1h"; + }; + +}
A
hosts/common/sway.nix
@@ -0,0 +1,7 @@
+{ + wayland.windowManager.sway = { + enable = true; + systemd.enable = true; + wrapperFeatures.gtk = true; + }; +}
A
hosts/common/users.nix
@@ -0,0 +1,33 @@
+{ pkgs, ... }: +{ + users = { + mutableUsers = false; + + users = { + willow = { + initialPassword = "pass"; + uid = 1000; + isNormalUser = true; + extraGroups = [ + "wheel" + "docker" + "networkmanager" + "adbusers" + "plugdev" + ]; + + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDXt8vkpi9jOp9dCjoS8u0dC4fDdgb73w8z7VNI42FB did:web:vt3e.cat" + ]; + + shell = pkgs.fish; + }; + root = { + initialPassword = "pass"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDXt8vkpi9jOp9dCjoS8u0dC4fDdgb73w8z7VNI42FB did:web:vt3e.cat" + ]; + }; + }; + }; +}
A
hosts/dahlia/default.nix
@@ -0,0 +1,69 @@
+{ pkgs, ... }: +{ + imports = [ + ./hardware.nix + ./programs.nix + ./services.nix + ]; + + mods.desktop.enable = true; + + hardware = { + enableRedistributableFirmware = true; + graphics.enable = true; + bluetooth.enable = true; + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + }; + + nix = { + distributedBuilds = true; + buildMachines = [ + { + hostName = "192.168.1.107"; + system = "x86_64-linux"; + protocol = "ssh-ng"; + sshUser = "willow"; + sshKey = "/etc/nix/id_builder"; + + maxJobs = 20; + speedFactor = 10; + + supportedFeatures = [ + "nixos-test" + "benchmark" + "big-parallel" + "kvm" + ]; + } + ]; + + # extraOptions = '' + # builders-use-substitutes = true; + # ''; + }; + + + + networking = { + networkmanager.enable = true; + hostName = "dahlia"; + firewall.enable = false; + }; + + virtualisation.docker = { + enable = true; + rootless = { + enable = true; + setSocketVariable = true; + }; + }; + + system.stateVersion = "25.11"; +}
A
hosts/dahlia/hardware.nix
@@ -0,0 +1,59 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # boot.initrd.kernelModules = [ "hid_generic" ]; + # boot.kernelParams =[ "usbhid.quirks=0x2f81:0x2608:0x0040" ]; # first try + # boot.kernelParams =[ "usbhid.quirks=0x2f81:0x2608:0x20000000" ]; # second try + + fileSystems."/" = { + device = "/dev/disk/by-uuid/efee3abd-63ef-4f13-ae33-7ab98149ffe3"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/E39C-35A3"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/0d40d7d9-32c0-4138-be3c-7c2f4394df66"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.docker0.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
A
hosts/dahlia/programs.nix
@@ -0,0 +1,30 @@
+{ pkgs, ... }: + +{ + programs = { + dconf.enable = true; + steam.enable = true; + }; + + programs.foot.enable = true; + + programs.nix-ld = { + enable = true; + package = pkgs.nix-ld; + }; + + programs.obs-studio = { + enable = true; + enableVirtualCamera = true; + + plugins = with pkgs.obs-studio-plugins; [ + wlrobs + obs-backgroundremoval + obs-pipewire-audio-capture + obs-vaapi + obs-gstreamer + obs-vkcapture + droidcam-obs + ]; + }; +}
A
hosts/dahlia/services.nix
@@ -0,0 +1,21 @@
+{ pkgs, ... }: + +{ + services = { + blueman.enable = true; + gvfs.enable = true; + desktopManager.gnome.enable = true; + + displayManager = { + sessionPackages = with pkgs; [ + sway + niri + ]; + gdm = { + enable = true; + wayland = true; + }; + }; + }; +} +
A
justfile
@@ -0,0 +1,17 @@
+_default: + @just --list --unsorted + +build HOST *args: + sudo nixos-rebuild build --flake .#{{ HOST }} {{ args }} + +switch HOST *args: + sudo nixos-rebuild switch --flake .#{{ HOST }} {{ args }} + +boot HOST *args: + sudo nixos-rebuild boot --flake .#{{ HOST }} {{ args }} + +update: + nix flake update + +check: + nix flake check
A
modules/desktop.nix
@@ -0,0 +1,70 @@
+{ + config, + lib, + pkgs, + ... +}: +let + cfg = config.mods.desktop; +in +{ + options.mods.desktop = { + enable = lib.mkEnableOption "desktop"; + }; + + config = lib.mkIf cfg.enable { + xdg = { + portal = { + enable = true; + wlr.enable = true; + xdgOpenUsePortal = true; + + extraPortals = with pkgs; [ + xdg-desktop-portal-gnome + xdg-desktop-portal-gtk + xdg-desktop-portal-wlr + ]; + config = { + common = { + "org.freedesktop.impl.portal.FileChooser" = [ "gnome" ]; + }; + niri = { + default = [ + "gnome" + "gtk" + ]; + "org.freedesktop.impl.portal.Access" = "gtk"; + "org.freedesktop.impl.portal.Notification" = "gtk"; + "org.freedesktop.impl.portal.Secret" = "gnome-keyring"; + "org.freedesktop.impl.portal.FileChooser" = "gnome"; + }; + }; + }; + }; + + services = { + flatpak.enable = true; + gnome.gnome-keyring.enable = true; + mpd.enable = true; + printing.enable = true; + }; + + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + wireplumber.enable = true; + jack.enable = true; + }; + + services.xserver = { + enable = true; + xkb = { + layout = "gb"; + variant = ""; + }; + }; + + }; +}