diff --git a/README.md b/README.md index bd2e934..54589f0 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ signing, as well as for SSH'ing around. Most relevant user apps daily drivers: -- neovim +- emacs - fish - kitty - qutebrowser diff --git a/flake.nix b/flake.nix index 213572a..98bbc8f 100644 --- a/flake.nix +++ b/flake.nix @@ -1,4 +1,3 @@ - { description = "Greg Burd's NixOS and Home Manager Configuration"; @@ -42,7 +41,6 @@ }; outputs = { self - , fh , nixpkgs , nix-formatter-pack , ... diff --git a/home-manager/_mixins/desktop/signal.nix b/home-manager/_mixins/desktop/signal.nix index 67ca2cd..476107e 100644 --- a/home-manager/_mixins/desktop/signal.nix +++ b/home-manager/_mixins/desktop/signal.nix @@ -1,3 +1,3 @@ -{ desktop, lib, pkgs, ... }: { +{ pkgs, ... }: { home.packages = [ pkgs.signal-desktop ]; } diff --git a/home-manager/_mixins/users/gburd/default.nix b/home-manager/_mixins/users/gburd/default.nix index c0ea30e..578bf5d 100644 --- a/home-manager/_mixins/users/gburd/default.nix +++ b/home-manager/_mixins/users/gburd/default.nix @@ -148,7 +148,7 @@ plocate ]; sessionVariables = { -# PAGER = "moar"; + # PAGER = "moar"; }; }; programs = { diff --git a/nixos/_mixins/desktop/pantheon.nix b/nixos/_mixins/desktop/pantheon.nix index 6c85845..18b4aed 100644 --- a/nixos/_mixins/desktop/pantheon.nix +++ b/nixos/_mixins/desktop/pantheon.nix @@ -3,7 +3,7 @@ { pkgs, ... }: { imports = [ ./qt-style.nix -# ../services/networkmanager.nix + # ../services/networkmanager.nix ]; # Exclude the elementary apps I don't use diff --git a/nixos/_mixins/hardware/gpu.nix b/nixos/_mixins/hardware/gpu.nix index 1aa67de..1b1d9be 100644 --- a/nixos/_mixins/hardware/gpu.nix +++ b/nixos/_mixins/hardware/gpu.nix 
@@ -1,16 +1,16 @@ -{ config, lib, pkgs, ...}: { +{ config, lib, pkgs, ... }: { environment.systemPackages = with pkgs; - [ - clinfo - libva-utils - python311Packages.gpustat - vdpauinfo - ] ++ (if lib.elem "nvidia" config.services.xserver.videoDrivers then - [ - nvtop - ] - else - [ - nvtop-amd - ]); + [ + clinfo + libva-utils + python311Packages.gpustat + vdpauinfo + ] ++ (if lib.elem "nvidia" config.services.xserver.videoDrivers then + [ + nvtop + ] + else + [ + nvtop-amd + ]); } diff --git a/nixos/_mixins/optin-persistence.nix b/nixos/_mixins/optin-persistence.nix index 2a81136..96576d7 100644 --- a/nixos/_mixins/optin-persistence.nix +++ b/nixos/_mixins/optin-persistence.nix @@ -1,3 +1,9 @@ +# https://nixos.wiki/wiki/Impermanence +# +# https://nixos.wiki/wiki/Impermanence +# https://grahamc.com/blog/erase-your-darlings/ +# https://lantian.pub/en/article/modify-computer/nixos-impermanence.lantian/ +# # This file defines the "non-hardware dependent" part of opt-in persistence # It imports impermanence, defines the basic persisted dirs, and ensures each # users' home persist dir exists and has the right permissions @@ -11,9 +17,10 @@ environment.persistence = { "/persist" = { directories = [ + "/var/lib/containers" "/var/lib/systemd" "/var/lib/nixos" -# "/var/log" + # "/var/log" "/srv" ]; }; diff --git a/nixos/_mixins/users/gburd/default.nix b/nixos/_mixins/users/gburd/default.nix index fe933bd..4b4a7ee 100644 --- a/nixos/_mixins/users/gburd/default.nix +++ b/nixos/_mixins/users/gburd/default.nix 
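Review bot: In the `environment.persistence."/persist".directories` list of optin-persistence.nix, `/var/log` stays commented out while `/var/lib/containers` is added, so on a root that is wiped at boot the journal and any authentication or audit logs would presumably be discarded at every reboot, unless they are persisted or shipped somewhere this hunk does not show. If nothing else covers it, re-enable the entry as `"/var/log"` so that evidence survives a reboot after an incident. The header comment added in the first hunk of this file also lists `https://nixos.wiki/wiki/Impermanence` twice; one of the two lines can go.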
@@ -76,9 +76,8 @@ in homeMode = "0755"; isNormalUser = true; - # TODO hashedPassword = "$6$RDOZHdTwt.BuOR4C$fYDkyb3yppbgX0ewPbsKabS2u9W.wyrRJONQPtugrO/gBJCzsWkfVIVYOAj07Qar1yqeYJBlBkYSFAgGe5ssw."; - #hashedPasswordFile = config.sops.secrets.gburd-password.path; + # TODO: hashedPasswordFile = config.sops.secrets.gburd-password.path; openssh.authorizedKeys.keys = [ (builtins.readFile ../../../../home-manager/_mixins/users/gburd/ssh.pub) (builtins.readFile ../../../../home-manager/_mixins/users/gburd/symas-ssh.pub) diff --git a/nixos/_mixins/virt/default.nix b/nixos/_mixins/virt/default.nix index 414515c..28f2890 100644 --- a/nixos/_mixins/virt/default.nix +++ b/nixos/_mixins/virt/default.nix @@ -1,25 +1,24 @@ { config, desktop, lib, pkgs, ... }: { - #https://nixos.wiki/wiki/Podman environment.systemPackages = with pkgs; [ - unstable.distrobox fuse-overlayfs - podman-compose - podman-tui ] ++ lib.optionals (desktop != null) [ - unstable.pods unstable.quickemu + unstable.quickgui xorg.xhost ]; virtualisation = { - podman = { - defaultNetwork.settings = { - dns_enabled = true; + containers.enable = true; + containers.storage.settings = { + storage = { + driver = "overlay"; + runroot = "/run/containers/storage"; + graphroot = "/var/lib/containers/storage"; + rootless_storage_path = "/tmp/containers-$USER"; + options.overlay.mountopt = "nodev,metacopy=on,acltype=posixacl"; }; - dockerCompat = true; - dockerSocket.enable = true; - enable = true; - enableNvidia = lib.elem "nvidia" config.services.xserver.videoDrivers; }; + docker.storageDriver = "btrfs"; }; + } diff --git a/nixos/_mixins/virt/docker.nix b/nixos/_mixins/virt/docker.nix new file mode 100644 index 0000000..d15a4d3 --- /dev/null +++ b/nixos/_mixins/virt/docker.nix 
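Review bot: The `hashedPassword` literal remains on the new side of the users/gburd hunk and only the TODO comment around it is reworded, so the SHA-512 crypt hash is still published with the repository and copied into the world-readable Nix store, where it can be attacked offline. Completing the TODO means removing the literal and enabling `hashedPasswordFile = config.sops.secrets.gburd-password.path;`. Because the old value stays in git history, the password itself should be changed at the same time. The `homeMode = "0755"` context line also leaves the home directory readable by other local users; `"0700"` is the tighter choice unless something depends on the wider mode. The enclosing user attribute set starts and ends outside the hunk.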
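Review bot: In virt/default.nix, `rootless_storage_path = "/tmp/containers-$USER"` places each user's rootless image and layer store under a predictable name in the world-writable `/tmp`, which another local account can create first. Whether containers/storage rejects a pre-existing directory it does not own is not visible from this hunk. The conventional per-user location avoids the question and survives `/tmp` cleanup: `rootless_storage_path = "$HOME/.local/share/containers/storage";`. Separately, `docker.storageDriver = "btrfs";` is set unconditionally in a shared mixin, so it presumably assumes every importing host keeps `/var/lib/docker` on btrfs; a one-line comment stating that assumption would help.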
@@ -0,0 +1,14 @@ +{ pkgs, lib, config, ... }: { + + # https://nixos.wiki/wiki/Docker + environment.systemPackages = with pkgs; [ docker-compose ]; + + virtualisation.docker = { + enable = true; + rootless = { + enable = true; + setSocketVariable = true; + }; + }; + +} diff --git a/nixos/_mixins/virt/podman.nix b/nixos/_mixins/virt/podman.nix new file mode 100644 index 0000000..0fe2c76 --- /dev/null +++ b/nixos/_mixins/virt/podman.nix @@ -0,0 +1,34 @@ +{ config, desktop, lib, pkgs, ... }: +let + dockerEnabled = config.virtualisation.docker.enable; +in +{ + + # https://nixos.wiki/wiki/Podman + environment.systemPackages = with pkgs; [ + unstable.distrobox + podman-compose + podman-tui + ] ++ lib.optionals (desktop != null) [ + unstable.pods + podman-desktop + ]; + + virtualisation.podman = { + enable = true; + dockerCompat = !dockerEnabled; + dockerSocket.enable = !dockerEnabled; + defaultNetwork.settings.dns_enabled = true; + enableNvidia = lib.elem "nvidia" config.services.xserver.videoDrivers; + }; + + virtualisation.oci-containers.backend = lib.mkIf (!dockerEnabled) "podman"; + + environment.extraInit = lib.mkIf (!dockerEnabled) + '' + if [ -z "$DOCKER_HOST" -a -n "$XDG_RUNTIME_DIR" ]; then + export DOCKER_HOST="unix://$XDG_RUNTIME_DIR/podman/podman.sock" + fi + ''; + +} diff --git a/nixos/floki/default.nix b/nixos/floki/default.nix index 9589a05..3eebe1e 100644 --- a/nixos/floki/default.nix +++ b/nixos/floki/default.nix @@ -12,9 +12,8 @@ ../_mixins/services/bluetooth.nix ../_mixins/services/pipewire.nix ../_mixins/virt - - # ../_mixins/global - # ../_mixins/users/gburd + ../_mixins/virt/docker.nix + ../_mixins/virt/podman.nix ]; boot = { diff --git a/shells/code-format/flake.nix b/shells/code-format/flake.nix index 58094e5..a832779 100644 --- a/shells/code-format/flake.nix +++ b/shells/code-format/flake.nix @@ -7,8 +7,7 @@ }; outputs = - { self - , nixpkgs + { nixpkgs , flake-utils }: 
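Review bot: In docker.nix, `virtualisation.docker.enable = true` starts the system-wide rootful daemon in addition to the rootless one configured in the `rootless` block, and `setSocketVariable = true` already points user sessions at the rootless socket. If rootless is the intended mode, the rootful daemon is unused attack surface, and access to its socket through the `docker` group is equivalent to root; consider `enable = false;` and keeping only the `rootless` block. podman.nix in this commit derives `dockerEnabled` from `config.virtualisation.docker.enable`, so that test would then need to take `docker.rootless.enable` into account as well. The `lib` and `config` arguments in the function head are unused here, so `{ pkgs, ... }:` would match the argument cleanup this commit applies to signal.nix.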
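Review bot: In podman.nix, `dockerSocket.enable = !dockerEnabled` exposes the rootful Podman API at the Docker socket path to members of the `podman` group, which is root-equivalent access, while the `environment.extraInit` block in the same branch points `DOCKER_HOST` at the per-user socket under `$XDG_RUNTIME_DIR`. Clients would therefore normally talk to the rootless socket, and the system socket can probably be dropped with `dockerSocket.enable = false;` unless a root-level consumer needs it. In the shell snippet, `-a` inside `[ ]` is marked obsolescent by POSIX; `if [ -z "$DOCKER_HOST" ] && [ -n "$XDG_RUNTIME_DIR" ]; then` is the portable form.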
diff --git a/shells/gpu/flake.nix b/shells/gpu/flake.nix index 9583f16..f4e0f0a 100644 --- a/shells/gpu/flake.nix +++ b/shells/gpu/flake.nix @@ -7,8 +7,7 @@ }; outputs = - { self - , nixpkgs + { nixpkgs , flake-utils }: diff --git a/shells/network/flake.nix b/shells/network/flake.nix index 140086c..f36f7d8 100644 --- a/shells/network/flake.nix +++ b/shells/network/flake.nix @@ -7,8 +7,7 @@ }; outputs = - { self - , nixpkgs + { nixpkgs , flake-utils }: