Amaury JOLY
2026-04-02 14:10:16 +02:00
parent 6c9ba6ea88
commit 6105c58cda
23 changed files with 230 additions and 233 deletions


@@ -1,7 +1,6 @@
# Central Configuration
# Define user-specific and system-specific values here
# This file should be imported in flake.nix as specialArgs
{
# User configuration
username = "alice";


@@ -1,6 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
imports = [
./hosts/vmgaming/configuration.nix


@@ -1,6 +1,8 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
imports = [
# Hardware configuration
./hosts/laptop/configuration.nix

66
flake.lock generated

@@ -1,28 +1,5 @@
{
"nodes": {
"claude-desktop": {
"inputs": {
"flake-utils": [
"flake-utils"
],
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1764098187,
"narHash": "sha256-H6JjWXhKqxZ8QLMoqndZx9e5x0Sv5AiipSmqvIxIbgo=",
"owner": "k3d3",
"repo": "claude-desktop-linux-flake",
"rev": "b2b040cb68231d2118906507d9cc8fd181ca6308",
"type": "github"
},
"original": {
"owner": "k3d3",
"repo": "claude-desktop-linux-flake",
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
@@ -32,11 +9,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1773646590,
"narHash": "sha256-qwnecNC3DB0hSu6MvU27xh/Mg9uPbmmg7d1wBOtO7ds=",
"lastModified": 1774857716,
"narHash": "sha256-z05BKQ6F9/6H2/ecIYEXuq54JCUEiOpdYXTQIijB/wM=",
"owner": "nix-community",
"repo": "fenix",
"rev": "350a4df2afc34c1ae115173e0509cec7067a06c9",
"rev": "9ad9c53e902485e006c07ae54a7dd4ad55a8c4d8",
"type": "github"
},
"original": {
@@ -88,11 +65,11 @@
]
},
"locked": {
"lastModified": 1774007980,
"narHash": "sha256-FOnZjElEI8pqqCvB6K/1JRHTE8o4rer8driivTpq2uo=",
"lastModified": 1775104157,
"narHash": "sha256-rm/7k0D2J9SP30pyZ2C1HqarDncZDN6KAUI0gzgg4TA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9670de2921812bc4e0452f6e3efd8c859696c183",
"rev": "41e6e2ab37763c09db4e639033392cf40900440a",
"type": "github"
},
"original": {
@@ -125,11 +102,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1773821835,
"narHash": "sha256-TJ3lSQtW0E2JrznGVm8hOQGVpXjJyXY2guAxku2O9A4=",
"lastModified": 1775036866,
"narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b40629efe5d6ec48dd1efba650c797ddbd39ace0",
"rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
"type": "github"
},
"original": {
@@ -164,11 +141,11 @@
"poetry2nix": "poetry2nix"
},
"locked": {
"lastModified": 1773927313,
"narHash": "sha256-2XjQPMd79Z5hOS67rjCuDyiIW4I7XpBe/7yYRSyhA8k=",
"lastModified": 1774890105,
"narHash": "sha256-nrbMvz/M3Yidq9oag9A4E2yctUn+S07GN2zf1JLsRA0=",
"owner": "FirelightFlagboy",
"repo": "parsec-cloud-nix",
"rev": "b45bbf594b3031583c5b2c9609f6c5ebdc4df903",
"rev": "7f1f18378e63ad82d138c756a75e721d08d9a6a2",
"type": "github"
},
"original": {
@@ -204,7 +181,6 @@
},
"root": {
"inputs": {
"claude-desktop": "claude-desktop",
"flake-utils": "flake-utils",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
@@ -216,11 +192,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1773543526,
"narHash": "sha256-CKmkYqUi2pI1uDGDfpK0mkZbRLyjUKCpYDU3eMHtmks=",
"lastModified": 1774787924,
"narHash": "sha256-Cbpmf0+1pqi/zbpub2vkp5lTPx3QdVtDkkagDwQzHHg=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "90c8906e6443e7cee18cece9c2621a8b1c10794c",
"rev": "f1297b21119565c626320c1ffc248965fffb2527",
"type": "github"
},
"original": {
@@ -237,11 +213,11 @@
]
},
"locked": {
"lastModified": 1773889674,
"narHash": "sha256-+ycaiVAk3MEshJTg35cBTUa0MizGiS+bgpYw/f8ohkg=",
"lastModified": 1774910634,
"narHash": "sha256-B+rZDPyktGEjOMt8PcHKYmgmKoF+GaNAFJhguktXAo0=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "29b6519f3e0780452bca0ac0be4584f04ac16cc5",
"rev": "19bf3d8678fbbfbc173beaa0b5b37d37938db301",
"type": "github"
},
"original": {
@@ -322,11 +298,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1773655023,
"narHash": "sha256-89jAxVhDIm6nFTBX3eM53NjLm36egOXYJGoPDogN4iE=",
"lastModified": 1774885989,
"narHash": "sha256-BhBjT/jts56x+6GArrYHhGzg4TM7et+wAKknvJvGfK0=",
"owner": "netbrain",
"repo": "zwift",
"rev": "a015de248bac88a3eec734b6565a86e10214a486",
"rev": "2ed245f8f481e60709f9aa719e246ab5d61facd2",
"type": "github"
},
"original": {


@@ -14,46 +14,46 @@
inputs.nixpkgs.follows = "nixpkgs";
};
claude-desktop = {
url = "github:k3d3/claude-desktop-linux-flake";
inputs.nixpkgs.follows = "nixpkgs";
inputs.flake-utils.follows = "flake-utils";
};
zwift.url = "github:netbrain/zwift";
};
outputs = { self, nixpkgs, sops-nix, home-manager, zwift, flake-utils, parsec-cloud-nix, claude-desktop, ... }:
let
outputs = {
self,
nixpkgs,
sops-nix,
home-manager,
zwift,
flake-utils,
parsec-cloud-nix,
...
}: let
customConfig = import ./config.nix;
in
flake-utils.lib.eachDefaultSystem (system:
let
flake-utils.lib.eachDefaultSystem (system: let
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
};
in {
}) //
{
})
// {
nixosConfigurations.laptop = nixpkgs.lib.nixosSystem {
modules = [
sops-nix.nixosModules.sops
home-manager.nixosModules.home-manager
zwift.nixosModules.zwift
./configuration.nix
({ pkgs, lib, ...}:
{
environment.systemPackages = with pkgs; [
claude-desktop.packages.${pkgs.stdenv.hostPlatform.system}.claude-desktop-with-fhs
];
({
pkgs,
lib,
...
}: {
})
];
specialArgs = {
inherit customConfig;
parsec-cloud-nix = parsec-cloud-nix;
claude-desktop = claude-desktop;
};
};
@@ -65,7 +65,6 @@
specialArgs = {
inherit customConfig;
parsec-cloud-nix = parsec-cloud-nix;
claude-desktop = claude-desktop;
};
};
};
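Review bot: The inline module in the `nixosConfigurations.laptop` `modules` list looks empty once the `claude-desktop-with-fhs` package is removed; on the new side it reads as `({pkgs, lib, ...}: {})`, which configures nothing. Dropping the whole entry keeps the list to modules that actually configure the host, and avoids a placeholder that invites ad-hoc package additions outside the per-feature module files. The rendered page has lost its `+`/`-` markers, so confirm against the raw diff that no line inside that module survived.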


@@ -1,11 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "usbhid" "sd_mod"];
@@ -13,19 +17,19 @@
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/e9209e4f-94b4-45ef-bed6-9435c96ee864";
fileSystems."/" = {
device = "/dev/disk/by-uuid/e9209e4f-94b4-45ef-bed6-9435c96ee864";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/E59B-B8FC";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/E59B-B8FC";
fsType = "vfat";
options = ["fmask=0077" "dmask=0077"];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/e8cd6918-bc63-4d24-b8eb-6a1170844a80"; }
swapDevices = [
{device = "/dev/disk/by-uuid/e8cd6918-bc63-4d24-b8eb-6a1170844a80";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@@ -33,8 +37,6 @@
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;


@@ -1,8 +1,11 @@
# Do not modify this file directly on every rebuild. It should contain host
# specific hardware/VM configuration for VMGaming (Proxmox guest).
{ config, lib, modulesPath, ... }:
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];


@@ -1,10 +1,11 @@
# Module: Bluetooth Configuration
# Description: Enables Bluetooth with dual controller mode and experimental features
# Services: bluetooth, blueman (GUI manager)
{ config, lib, ... }:
{
config,
lib,
...
}: {
options.custom.bluetooth = {
enable = lib.mkEnableOption "Bluetooth support with blueman GUI";


@@ -3,13 +3,9 @@
# Services: sops-nix
# Dependencies: sops-nix for secrets management
# Note: Other laptop features (gaming, virtualization, etc.) are in separate modules
{ customConfig, ... }:
let
{customConfig, ...}: let
userHome = "/home/${customConfig.username}";
in
{
in {
sops.validateSopsFiles = false;
sops.age.keyFile = "${userHome}/.config/sops/age/keys.txt";


@@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.fprintd.enable = true;
services.fprintd.tod.enable = true;
services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix-550a;


@@ -1,10 +1,12 @@
# Module: Gaming Support
# Description: Enables Steam and gamepad drivers (xpadneo for Xbox controllers)
# Services: Steam, steam-hardware
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
options.custom.gaming = {
enable = lib.mkEnableOption "gaming support (Steam, gamepad drivers)";


@@ -1,6 +1,8 @@
{ lib, customConfig, ... }:
let
{
lib,
customConfig,
...
}: let
username = customConfig.username;
dotconfigPath = ../../dotconfig;
dotconfigEntries = lib.filterAttrs (name: _: !(lib.hasPrefix "." name)) (builtins.readDir dotconfigPath);
@@ -15,8 +17,7 @@ let
recursive = true;
}
);
in
{
in {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.backupFileExtension = "hm-backup";


@@ -1,10 +1,11 @@
# Module: Power Management
# Description: CPU frequency governor and power management settings
# Services: powerManagement
{ config, lib, ... }:
{
config,
lib,
...
}: {
options.custom.power = {
enable = lib.mkEnableOption "power management configuration";


@@ -1,10 +1,11 @@
# Module: Printing Configuration
# Description: CUPS printing service with configured printers
# Services: printing (CUPS)
{ config, lib, ... }:
{
config,
lib,
...
}: {
options.custom.printing = {
enable = lib.mkEnableOption "printing support (CUPS)";
@@ -26,7 +27,8 @@
hardware.printers = lib.mkIf (config.custom.printing.printers != []) {
ensurePrinters = config.custom.printing.printers;
ensureDefaultPrinter = lib.mkIf (config.custom.printing.defaultPrinter != null)
ensureDefaultPrinter =
lib.mkIf (config.custom.printing.defaultPrinter != null)
config.custom.printing.defaultPrinter;
};
};


@@ -2,10 +2,11 @@
# Description: Defines the main user 'alice' with groups, permissions, and user packages
# Packages: Browsers (Firefox), Office (LibreOffice), Development (VSCode, Git),
# Media (VLC, Spotify), Communication (Slack, Thunderbird), and more
{ pkgs, customConfig, ... }:
{
pkgs,
customConfig,
...
}: {
users.users."${customConfig.username}" = {
isNormalUser = true;
home = "/home/${customConfig.username}";
@@ -30,6 +31,8 @@
tcpdump
pandoc
libsecret
nixd
alejandra
# Communication
slack
@@ -44,7 +47,7 @@
# Gaming & Entertainment
prismlauncher # Minecraft launcher
widelands # Strategy game
# widelands # Strategy game
wasistlos # Game
moonlight-qt # Game streaming
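Review bot: `# widelands # Strategy game` is left in the package list as commented-out code with no reason given. Either delete the line or state why it is disabled, e.g. `# widelands # disabled: <reason>`, so the next reader knows whether it is safe to re-enable. The two added tools, `nixd` and `alejandra`, sit directly above `# Communication`; the heading of the group they fall under is outside the hunk, so check that they belong to a development-tools group. The package list starts and ends outside the visible hunks.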


@@ -1,10 +1,13 @@
# Module: Virtualization
# Description: Docker and VirtualBox virtualization support
# Services: Docker daemon, VirtualBox
{ config, lib, pkgs, customConfig, ... }:
{
config,
lib,
pkgs,
customConfig,
...
}: {
options.custom.virtualization = {
docker = {
enable = lib.mkEnableOption "Docker container runtime";


@@ -2,10 +2,13 @@
# Description: Configures Zwift cycling simulator via Docker with proper networking
# Services: Zwift Docker container
# Ports: UDP 3022, 3024 / TCP 21587, 21588
{ config, lib, pkgs, customConfig, ... }:
{
config,
lib,
pkgs,
customConfig,
...
}: {
options.custom.zwift = {
enable = lib.mkEnableOption "Zwift cycling simulator";
};


@@ -2,10 +2,11 @@
# Description: Core NixOS configuration with Nix settings, base packages, fonts,
# localization (FR), Fish shell, and security (GPG)
# Services: gvfs, udisks2, gnupg-agent
{ pkgs, customConfig, ... }:
{
pkgs,
customConfig,
...
}: {
nix.settings = {
experimental-features = ["nix-command" "flakes"];
substituters = [


@@ -2,17 +2,13 @@
# Description: Enables X11 with i3 window manager and associated desktop tools
# Services: xserver with i3
# Packages: alacritty (terminal), tint2 (panel), rofi (launcher), i3lock, dunst
{ pkgs, ... }:
let
{pkgs, ...}: let
updatescreen = pkgs.writeShellScript "updatescreens.sh" ''
#!/bin/sh
i3-msg restart
feh --bg-fill --no-xinerama Downloads/fire1.png
'';
in
{
in {
services.xserver.enable = true;
services.xserver.windowManager.i3.enable = true;
services.xserver.autorun = true;


@@ -3,10 +3,13 @@
# configuration via wpa_supplicant, and hostname settings
# Services: dnscrypt-proxy (primary + backup), wpa_supplicant
# Security: WiFi credentials stored via sops-nix secrets
{ config, lib, pkgs, customConfig, ... }:
let
{
config,
lib,
pkgs,
customConfig,
...
}: let
backupToml = pkgs.writeText "dnscrypt-proxy-backup.toml" ''
listen_addresses = ["127.0.0.2:53"]
server_names = ["dns0-eu"]
@@ -19,9 +22,7 @@ let
'';
userHome = "/home/${customConfig.username}";
in
{
in {
networking.nftables.enable = true;
networking.firewall = {
enable = true;
@@ -54,8 +55,14 @@ in
# networking.wireless.networks = { ... };
networking.interfaces.lo.ipv4.addresses = [
{ address = "127.0.0.1"; prefixLength = 8; }
{ address = "127.0.0.2"; prefixLength = 8; }
{
address = "127.0.0.1";
prefixLength = 8;
}
{
address = "127.0.0.2";
prefixLength = 8;
}
];
networking.nameservers = ["127.0.0.1" "127.0.0.2"];


@@ -2,10 +2,11 @@
# Description: Installs Parsec Cloud client (v3) with CLI and GUI
# Dependencies: parsec-cloud-nix flake input
# Note: Requires increased Node.js heap size during build (workaround)
{ pkgs, parsec-cloud-nix, ... }:
let
{
pkgs,
parsec-cloud-nix,
...
}: let
pc = parsec-cloud-nix.packages.${pkgs.stdenv.hostPlatform.system};
# WORKAROUND: Parsec build runs out of memory without increased heap size
@@ -19,8 +20,7 @@ let
};
parsecCli = pc.parsec-cloud.v3.cli;
in
{
in {
environment.systemPackages = [
parsecClientPatched
parsecCli


@@ -3,10 +3,12 @@
# Security: Network names, SSIDs, and all configuration stored in encrypted secrets
# Files: ~/.config/secrets/wifi-networks.yaml (encrypted with sops)
# Note: The actual networks are loaded at runtime from the encrypted file
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}: {
# WiFi networks are loaded from encrypted file at runtime
# The file is in wpa_supplicant.conf format and gets included by wpa_supplicant
# This approach keeps network names and configuration completely private


@@ -1,9 +1,6 @@
# Module: YubiKey Authentication
# Description: Enables YubiKey-based PAM auth for login and sudo across systems
{ pkgs, ... }:
{
{pkgs, ...}: {
security.pam.services = {
login.u2fAuth = true;
sudo.u2fAuth = true;