Created
May 21, 2021 11:58
-
-
Save ingenieroariel/acab25c16b13810905ba055b17c42237 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| inputs.nixpkgs.url = github:NixOS/nixpkgs/nixos-unstable; | |
| inputs.home-manager.url = github:nix-community/home-manager/0fa2b16a0714e35f472d17dc707ee130a269123f; | |
| inputs.home-manager.inputs.nixpkgs.follows = "/nixpkgs"; | |
| outputs = inputs: { | |
| nixosConfigurations.bang = inputs.nixpkgs.lib.nixosSystem { | |
| system = "x86_64-linux"; | |
| modules = [ | |
| inputs.nixpkgs.nixosModules.notDetected | |
| inputs.home-manager.nixosModules.home-manager | |
| ({ config, pkgs, ... }: | |
| { | |
| boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" ]; | |
| boot.initrd.kernelModules = [ ]; | |
| boot.kernelModules = [ "kvm-amd" "amdgpu" "snd-seq" "snd-rawmidi" ]; | |
| boot.extraModulePackages = [ ]; | |
| boot.kernel.sysctl = { "vm.swappiness" = 10; "fs.inotify.max_user_watches" = 524288; }; | |
| boot.kernelParams = [ | |
| "threadirq" | |
| "amd_iommu=pt" | |
| "iommu=soft" | |
| "radeon.si_support=0" | |
| "radeon.cik_support=0" | |
| "amdgpu.si_support=1" | |
| "amdgpu.cik_support=0" | |
| "amdgpu.modeset=1" | |
| "amdgpu.dc=1" | |
| "slub_debug=FZP" | |
| "page_poison=1" | |
| "page_alloc.shuffle=1" | |
| ]; | |
| boot.kernel.sysctl."kernel.yama.ptrace_scope" = 1; | |
| boot.kernel.sysctl."kernel.kptr_restrict" = 2; | |
| boot.kernel.sysctl."net.core.bpf_jit_enable" = false; | |
| boot.kernel.sysctl."kernel.ftrace_enabled" = false; | |
| boot.blacklistedKernelModules = [ | |
| # Obscure network protocols | |
| "ax25" | |
| "netrom" | |
| "rose" | |
| # Old or rare or insufficiently audited filesystems | |
| "adfs" | |
| "affs" | |
| "bfs" | |
| "befs" | |
| "cramfs" | |
| "efs" | |
| "erofs" | |
| "exofs" | |
| "freevxfs" | |
| "f2fs" | |
| "hfs" | |
| "hpfs" | |
| "jfs" | |
| "minix" | |
| "nilfs2" | |
| "ntfs" | |
| "omfs" | |
| "qnx4" | |
| "qnx6" | |
| "sysv" | |
| "ufs" | |
| ]; | |
| # Breaks nixos-rebuild swirtch | |
| #nix.allowedUsers = [ "@users" ]; | |
| # Breaks firefox startup | |
| #environment.memoryAllocator.provider = "scudo"; | |
| #environment.variables.SCUDO_OPTIONS = "ZeroContents=1"; | |
| security.hideProcessInformation = true; | |
| security.lockKernelModules = true; | |
| security.protectKernelImage = true; | |
| security.allowSimultaneousMultithreading = false; | |
| security.forcePageTableIsolation = true; | |
| security.unprivilegedUsernsClone = false; | |
| security.virtualisation.flushL1DataCache = "always"; | |
| boot.kernelPatches = [ { | |
| name = "realtime-config"; | |
| patch = null; | |
| structuredExtraConfig = '' | |
| CPU_FREQ n | |
| PREEMPT y | |
| PREEMPT_RT y | |
| PREEMPT_RT_FULL? y | |
| HPET_TIMER y | |
| LATENCYTOP y | |
| SCHEDSTATS y | |
| IOSCHED_DEADLINE y | |
| DEFAULT_DEADLINE y | |
| DEFAULT_IOSCHED "deadline" | |
| HPET_TIMER y | |
| TREE_RCU_TRACE n | |
| #IRQ_TIME_ACCOUNTING=y | |
| #HAVE_IRQ_TIME_ACCOUNTING=y | |
| ''; | |
| }]; | |
| boot.postBootCommands = '' | |
| echo 2048 > /sys/class/rtc/rtc0/max_user_freq | |
| echo 2048 > /proc/sys/dev/hpet/max-user-freq | |
| setpci -v -d *:* latency_timer=b0 | |
| setpci -v -s $00:1b.0 latency_timer=ff | |
| ''; | |
| security.pam.loginLimits = [ | |
| { domain = "@audio"; item = "memlock"; type = "-"; value = "unlimited"; } | |
| { domain = "@audio"; item = "rtprio"; type = "-"; value = "99"; } | |
| { domain = "@audio"; item = "nofile"; type = "soft"; value = "99999"; } | |
| { domain = "@audio"; item = "nofile"; type = "hard"; value = "99999"; } | |
| ]; | |
| # Use the systemd-boot EFI boot loader. | |
| boot.loader.systemd-boot.enable = true; | |
| boot.loader.efi.canTouchEfiVariables = true; | |
| boot.vesa = false; | |
| boot.tmpOnTmpfs = false; | |
| boot.cleanTmpDir = true; | |
| hardware.cpu.amd.updateMicrocode= true; | |
| hardware.enableRedistributableFirmware = true; | |
| fileSystems."/" = | |
| { device = "zroot/root/nixos"; | |
| fsType = "zfs"; | |
| }; | |
| fileSystems."/home" = | |
| { device = "zroot/root/home"; | |
| fsType = "zfs"; | |
| }; | |
| fileSystems."/tmp" = | |
| { device = "zroot/root/tmp"; | |
| fsType = "zfs"; | |
| }; | |
| fileSystems."/boot" = | |
| { device = "/dev/disk/by-uuid/A57D-89D3"; | |
| fsType = "vfat"; | |
| }; | |
| networking.hostName = "bang"; # Define your hostname. | |
| networking.hostId = "1238dcba"; | |
| time.timeZone = "America/Bogota"; | |
| networking.useDHCP = false; | |
| networking.interfaces.wlo1.useDHCP = true; | |
| networking.networkmanager.enable = true; | |
| environment.systemPackages = with pkgs; [ | |
| wget vim any-nix-shell htop tmux git docker nixFlakes | |
| lm_sensors krakenx ripgrep pciutils usbutils glxinfo | |
| firefox-wayland | |
| google-cloud-sdk | |
| unzip | |
| ffmpeg-full | |
| zoom-us | |
| reaper | |
| ]; | |
| home-manager.useGlobalPkgs = true; | |
| home-manager.useUserPackages = true; | |
| home-manager.users.x = { pkgs, ... }: { | |
| programs.git = { | |
| enable = true; | |
| userName = "Ariel Nunez"; | |
| userEmail = "[email protected]"; | |
| }; | |
| wayland.windowManager.sway = { | |
| enable = true; | |
| wrapperFeatures = { | |
| base = true; | |
| gtk = true; | |
| }; | |
| xwayland = false; | |
| config = rec { | |
| modifier = "Mod4"; | |
| terminal = "${pkgs.alacritty}/bin/alacritty"; | |
| output = { | |
| "Unknown 0x0819 0x00000000" = { | |
| mode = "[email protected]"; | |
| subpixel = "rgb"; | |
| scale = "1.0"; | |
| position = "0,1440"; | |
| }; | |
| "Samsung Electric Company SE790C HTRG800016" = { | |
| mode = "[email protected]"; | |
| subpixel = "rgb"; | |
| scale = "1.0"; | |
| adaptive_sync = "off"; | |
| position = "0,0"; | |
| }; | |
| "*" = { | |
| background = "#185373 solid_color"; | |
| }; | |
| }; | |
| keybindings = { | |
| "${modifier}+Return" = "exec ${terminal}"; | |
| "${modifier}+Shift+Return" = "exec ${pkgs.firefox-wayland}/bin/firefox"; | |
| "${modifier}+Shift+Backspace" = "exec ${pkgs.vscodium}/bin/codium"; | |
| "${modifier}+Shift+q" = "kill"; | |
| "${modifier}+Shift+c" = "reload"; | |
| "${modifier}+Delete" = "${pkgs.swaylock}/bin/swaylock -f -c '#000000'"; | |
| "${modifier}+Escape" = "exec ${pkgs.nwg-launchers}/bin.nwggrid"; | |
| "${modifier}+Ctrl+Alt+Delete" = "exit"; | |
| "Ctrl+q" = "exec echo"; # the most ridiculous firefox bug ever | |
| "${modifier}+Left" = "focus left"; | |
| "${modifier}+Down" = "focus down"; | |
| "${modifier}+Up" = "focus up"; | |
| "${modifier}+Right" = "focus right"; | |
| "${modifier}+Shift+Left" = "move left"; | |
| "${modifier}+Shift+Down" = "move down"; | |
| "${modifier}+Shift+Up" = "move up"; | |
| "${modifier}+Shift+Right" = "move right"; | |
| "${modifier}+Prior" = "workspace prev"; | |
| "${modifier}+Next" = "workspace next"; | |
| "${modifier}+b" = "splith"; | |
| "${modifier}+v" = "splitv"; | |
| "${modifier}+f" = "fullscreen toggle"; | |
| "${modifier}+a" = "focus parent"; | |
| "${modifier}+s" = "layout stacking"; | |
| "${modifier}+w" = "layout tabbed"; | |
| "${modifier}+e" = "layout toggle split"; | |
| "${modifier}+Shift+space" = "floating toggle"; | |
| "${modifier}+Shift+Alt+space" = "sticky toggle"; | |
| "${modifier}+space" = "focus mode_toggle"; | |
| "${modifier}+1" = "workspace number 1"; | |
| "${modifier}+2" = "workspace number 2"; | |
| "${modifier}+3" = "workspace number 3"; | |
| "${modifier}+4" = "workspace number 4"; | |
| "${modifier}+5" = "workspace number 5"; | |
| "${modifier}+6" = "workspace number 6"; | |
| "${modifier}+7" = "workspace number 7"; | |
| "${modifier}+8" = "workspace number 8"; | |
| "${modifier}+9" = "workspace number 9"; | |
| "${modifier}+0" = "workspace number 10"; | |
| "${modifier}+Shift+1" = "move container to workspace number 1"; | |
| "${modifier}+Shift+2" = "move container to workspace number 2"; | |
| "${modifier}+Shift+3" = "move container to workspace number 3"; | |
| "${modifier}+Shift+4" = "move container to workspace number 4"; | |
| "${modifier}+Shift+5" = "move container to workspace number 5"; | |
| "${modifier}+Shift+6" = "move container to workspace number 6"; | |
| "${modifier}+Shift+7" = "move container to workspace number 7"; | |
| "${modifier}+Shift+8" = "move container to workspace number 8"; | |
| "${modifier}+Shift+9" = "move container to workspace number 9"; | |
| "${modifier}+Shift+0" = "move container to workspace number 10"; | |
| "${modifier}+Shift+minus" = "move scratchpad"; | |
| "${modifier}+minus" = "scratchpad show"; | |
| "${modifier}+Ctrl+Alt+Home" = "output * enable"; | |
| "${modifier}+Ctrl+Alt+End" = "output -- disable"; | |
| "${modifier}+Print" = ''exec ${pkgs.grim}/bin/grim \"''${HOME}/screenshot-$(date '+%s').png\"''; | |
| "${modifier}+Shift+Print" = ''exec ${pkgs.grim}/bin/grim -g \"$(slurp)\" \"''${HOME}/screenshot-$(date '+%s').png\"''; | |
| "${modifier}+Ctrl+Alt+Up" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set +10"; | |
| "${modifier}+Ctrl+Alt+Down" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 10-"; | |
| "${modifier}+Ctrl+Alt+Prior" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set +100"; | |
| "${modifier}+Ctrl+Alt+Next" = "exec ${pkgs.brightnessctl}/bin/brightnessctl set 100-"; | |
| "${modifier}+Ctrl+Alt+Left" = "exec ${pkgs.pulsemixer}/bin/pulsemixer --change-volume -2"; | |
| "${modifier}+Ctrl+Alt+Right" = "exec ${pkgs.pulsemixer}/bin/pulsemixer --change-volume +2"; | |
| } ; | |
| }; | |
| }; | |
| }; | |
| users.defaultUserShell = "/var/run/current-system/sw/bin/fish"; | |
| users.mutableUsers = false; | |
| users.users."root".initialHashedPassword = ""; | |
| users.users."root".hashedPassword = config.users.users."root".initialHashedPassword; | |
| users.users."x".hashedPassword = config.users.users."root".initialHashedPassword; | |
| boot.supportedFilesystems = [ "zfs" ]; | |
| boot.initrd.supportedFilesystems = [ "zfs" ]; | |
| boot.zfs.enableUnstable = true; | |
| services.zfs.autoScrub.enable = true; | |
| fonts = { | |
| #fontDir.enable = true; | |
| enableGhostscriptFonts = true; | |
| fonts = with pkgs; [ | |
| corefonts | |
| inconsolata | |
| terminus_font | |
| proggyfonts | |
| dejavu_fonts | |
| font-awesome-ttf | |
| ubuntu_font_family | |
| source-code-pro | |
| source-sans-pro | |
| source-serif-pro | |
| ]; | |
| }; | |
| users.users.x = { | |
| uid = 1000; | |
| createHome = true; | |
| description = "Anonymous"; | |
| extraGroups = [ "plugdev" "docker" "adbusers" "vboxusers" "x2go" "networkmanager" "audio" "jackaudio" ]; | |
| home = "/x"; | |
| isSystemUser = false; | |
| isNormalUser = true; | |
| useDefaultShell = true; | |
| }; | |
| users.groups.plugdev = {}; | |
| # (optional) fish shell for root and other users | |
| programs.zsh.enable = true; | |
| programs.ssh.startAgent = true; | |
| programs.light.enable = true; | |
| programs.fish.enable = true; | |
| programs.adb.enable = true; | |
| programs.fish.promptInit = '' | |
| any-nix-shell fish --info-right | source | |
| ''; | |
| programs.fish.interactiveShellInit = '' | |
| set fish_color_user --bold blue | |
| set fish_color_cwd --bold white | |
| set fish_greeting "" | |
| export NIX_REMOTE=daemon | |
| ''; | |
| services.udev.extraRules = '' | |
| # firmware 1.6.0+ | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="2b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="3b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="4b7c", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1807", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2581", ATTRS{idProduct}=="1808", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0000", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0001", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="0004", MODE="0660", TAG+="uaccess", TAG+="udev-acl" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="1011", MODE="0660", GROUP="plugdev" | |
| SUBSYSTEMS=="usb", ATTRS{idVendor}=="2c97", ATTRS{idProduct}=="1015", MODE="0660", GROUP="plugdev" | |
| '' | |
| ; | |
| swapDevices = [ ]; | |
| zramSwap.enable = true; | |
| nixpkgs.config = { | |
| allowUnfree = true; | |
| pulseaudio = true; | |
| }; | |
| nix.package = pkgs.nixFlakes; | |
| nix.extraOptions = '' | |
| keep-outputs = true | |
| keep-derivations = true | |
| builders-use-substitutes = true | |
| require-sigs = false | |
| trusted-users = x | |
| experimental-features = nix-command flakes ca-references | |
| ''; | |
| services.xserver = { | |
| enable = true; | |
| displayManager.sddm.enable = true; | |
| desktopManager.plasma5.enable = true; | |
| }; | |
| sound.enable = true; | |
| hardware.pulseaudio.enable = true; | |
| hardware.pulseaudio.package = pkgs.pulseaudioFull; | |
| system.stateVersion = "20.09"; | |
| hardware.opengl.enable = true; | |
| hardware.opengl.driSupport = true; | |
| hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl amdvlk rocm-opencl-icd rocm-opencl-runtime ]; | |
| }) | |
| ]; | |
| }; | |
| }; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment