From 53ec6b75c1d878f9e0f71e83d05e69cb8d1b4b3f Mon Sep 17 00:00:00 2001 From: fruchti Date: Sun, 23 Mar 2025 09:53:24 +0100 Subject: [PATCH 1/7] Add KDE, Ernesto --- hosts/Ernesto.nix | 203 ++++++++++++++++++++++++++++++++++++++++++++++ hosts/kde.nix | 37 +++++++++ 2 files changed, 240 insertions(+) create mode 100644 hosts/Ernesto.nix create mode 100644 hosts/kde.nix diff --git a/hosts/Ernesto.nix b/hosts/Ernesto.nix new file mode 100644 index 0000000..82e65be --- /dev/null +++ b/hosts/Ernesto.nix @@ -0,0 +1,203 @@ +{ config, lib, pkgs, ... }: +{ + imports = [ + ./kde.nix + ./development.nix + ./printer.nix + # ./clamav.nix + ]; + + networking.hostName = "Ernesto"; + + boot.loader.systemd-boot = { + enable = true; + windows = { + "windows" = { + title = "Windows 10"; + efiDeviceHandle = "HD1d65535a3"; + sortKey = "a_windows"; + }; + }; + edk2-uefi-shell = { + enable = true; + sortKey = "z_edk2"; + }; + }; + boot.loader.efi.canTouchEfiVariables = true; + + hardware.bluetooth = { + enable = true; + settings = { + General = { + Enable = "Source,Sink,Media,Socket"; + # Bluetooth headsets don’t appear in PulseAudio without this, + # might be a pecularity of the dongle + ControllerMode = "bredr"; + }; + }; + }; + hardware.graphics.enable = true; + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.nvidia = { + powerManagement.enable = true; + open = false; + }; + + console.keyMap = "us"; + services.xserver.xkb.layout = "us-fruchti"; + i18n.defaultLocale = "de_DE.UTF-8"; + networking.networkmanager.enable = true; + services.avahi.enable = true; + networking.firewall.allowedTCPPorts = [ 22 ]; + + programs.gnupg.agent = { + enable = true; + # enableSSHSupport = true; + }; + + environment.systemPackages = with pkgs; [ + ntfsprogs + direnv nix-direnv + tmux zellij + helix + picocom + wget + texlive.combined.scheme-full + xsel + rsync + ranger nnn w3m + hexyl + git + gnupg + ripgrep + fd + ncdu + rink + htop + ncmpcpp + usbutils # lsusb etc. + dig + nmap + file + binwalk + ffmpeg + shellcheck + + wine + wineWowPackages.stable + winePackages.fonts + pavucontrol + xsensors + + kitty + kitty-themes + + firefox + ungoogled-chromium + thunderbird + + zathura + inkscape + vlc mpv a52dec + gthumb + gimp + darktable + tenacity + + openscad + freecad + solvespace + dune3d + + vscodium + marktext + tor-browser-bundle-bin + libreoffice-fresh + tdesktop + horizon-eda + kicad-small + pulseview + nextcloud-client + ]; + + services.burp.client = { + enable = true; + server = "rupert"; + includes = [ + "/etc/nixos" + "/home" + "/data" + "/windows/Users" + "/shared" + ]; + passwordFile = "/secrets/burp_client_password"; + sslKeyPasswordFile = "/secrets/burp_ssl_key_password"; + encryptionPasswordFile = "/secrets/burp_encryption_password"; + extraConfig = '' + working_dir_recovery_method = resume + max_resume_attempts = 5 + exclude_regex = /home/.*/\.cache + exclude_regex = /home/.*/\.mozilla + exclude_regex = /home/.*/\.local + exclude_regex = /home/.*/\.cargo + exclude_regex = /home/.*/\.texlive.* + exclude_regex = /home/.*/\.vscode.* + exclude_regex = sync_[0-9a-f]+\.db + exclude_regex = \.fuse_hidden.* + ''; + }; + + programs.steam = { + enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + }; + + nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + "steam" + "steam-original" + "steam-runtime" + "steam-run" + "steam-unwrapped" + "nvidia-x11" + "nvidia-settings" + ]; + + fileSystems = { + "/windows" = { + device = "/dev/disk/by-uuid/7692527592523A37"; + fsType = "ntfs"; + options = [ + "defaults" + "gid=1010" + "umask=002" + ]; + }; + "/data" = { + device = "/dev/disk/by-uuid/6b063b1a-8f80-430e-8ecb-83f1d4087e4c"; + fsType = "btrfs"; + }; + "/shared" = { + device = "/dev/disk/by-uuid/15D9B1070A5041E1"; + fsType = "ntfs"; + options = [ + "defaults" + "gid=1010" + "umask=002" + ]; + }; + }; + + users.extraGroups = { + windows = { + gid = 1010; + members = [ "fruchti" ]; + }; + }; + + services.earlyoom = { + enable = true; + enableNotifications = true; + }; +} diff --git a/hosts/kde.nix b/hosts/kde.nix new file mode 100644 index 0000000..4c33738 --- /dev/null +++ b/hosts/kde.nix @@ -0,0 +1,37 @@ +{ pkgs, ... }: +{ + services.displayManager = { + enable = true; + sddm.enable = true; + sddm.wayland.enable = true; + defaultSession = "plasma"; + # autoLogin = { + # user = "fruchti"; + # enable = true; + # }; + }; + + services.desktopManager.plasma6.enable = true; + + # Sound + # security.rtkit.enable = true; + # services.pipewire = { + # enable = true; + # alsa.enable = true; + # alsa.support32Bit = true; + # pulse.enable = true; + # }; + hardware.pulseaudio = { + enable = true; + package = pkgs.pulseaudioFull; + extraConfig = '' + load-module module-switch-on-connect + ''; + }; + services.pipewire.enable = false; + + environment.systemPackages = with pkgs; [ + libsForQt5.qt5ct + libsForQt5.qtstyleplugin-kvantum + ]; +} From 442e2898630c6d15b53580519bf50a518c2e4709 Mon Sep 17 00:00:00 2001 From: fruchti Date: Sat, 9 Aug 2025 16:18:46 +0200 Subject: [PATCH 2/7] Add udev rule for Tai-Action CMSIS-DAP link --- hosts/development.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hosts/development.nix b/hosts/development.nix index 52ca333..2652015 100644 --- a/hosts/development.nix +++ b/hosts/development.nix @@ -36,6 +36,9 @@ # WCH-LinkE SUBSYSTEMS=="usb", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="8010", MODE="0660", GROUP="plugdev" + # Tai-Action CMSIS-DAP Link + SUBSYSTEMS=="usb", ATTRS{idVendor}=="0d28", ATTRS{idProduct}=="0204", MODE="0660", GROUP="plugdev" + # Glasgow SUBSYSTEM=="usb", ATTRS{idVendor}=="20b7", ATTRS{idProduct}=="9db1", MODE="0660", GROUP="plugdev" From 8dc4f8eb53d333cce175308abf9269a2d68637bb Mon Sep 17 00:00:00 2001 From: fruchti Date: Sat, 9 Aug 2025 16:19:15 +0200 Subject: [PATCH 3/7] Ernesto: Install Signal, Ghidra --- hosts/Ernesto.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/Ernesto.nix b/hosts/Ernesto.nix index 82e65be..2e6f6e0 100644 --- a/hosts/Ernesto.nix +++ b/hosts/Ernesto.nix @@ -114,9 +114,11 @@ tor-browser-bundle-bin libreoffice-fresh tdesktop + signal-desktop horizon-eda kicad-small pulseview + ghidra nextcloud-client ]; From 27fb045023c9c138526cb6aa82286932c2b9dae5 Mon Sep 17 00:00:00 2001 From: fruchti Date: Sat, 9 Aug 2025 16:19:55 +0200 Subject: [PATCH 4/7] KDE: Enable auto-login --- hosts/kde.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/hosts/kde.nix b/hosts/kde.nix index 4c33738..3031f9c 100644 --- a/hosts/kde.nix +++ b/hosts/kde.nix @@ -5,10 +5,14 @@ sddm.enable = true; sddm.wayland.enable = true; defaultSession = "plasma"; - # autoLogin = { - # user = "fruchti"; - # enable = true; - # }; + autoLogin = { + user = "fruchti"; + enable = true; + }; + }; + + security.pam.services.sddm = { + enableKwallet = true; }; services.desktopManager.plasma6.enable = true; From 08e5fc8d9dad1a3f68acb75b0ea5c5d114c31b33 Mon Sep 17 00:00:00 2001 From: fruchti Date: Sat, 9 Aug 2025 16:20:05 +0200 Subject: [PATCH 5/7] KDE: Fix pulseaudio option path --- hosts/kde.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/kde.nix b/hosts/kde.nix index 3031f9c..e96aa9d 100644 --- a/hosts/kde.nix +++ b/hosts/kde.nix @@ -25,7 +25,7 @@ # alsa.support32Bit = true; # pulse.enable = true; # }; - hardware.pulseaudio = { + services.pulseaudio = { enable = true; package = pkgs.pulseaudioFull; extraConfig = '' From 0b2db8a89fb862d8aad746a9bd863cafb36bac2f Mon Sep 17 00:00:00 2001 From: fruchti Date: Sat, 9 Aug 2025 16:20:35 +0200 Subject: [PATCH 6/7] KDE: Enable Wayland portals --- hosts/kde.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/hosts/kde.nix b/hosts/kde.nix index e96aa9d..5f3b362 100644 --- a/hosts/kde.nix +++ b/hosts/kde.nix @@ -34,6 +34,16 @@ }; services.pipewire.enable = false; + xdg = { + portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-wlr + xdg-desktop-portal-gtk + ]; + }; + }; + environment.systemPackages = with pkgs; [ libsForQt5.qt5ct libsForQt5.qtstyleplugin-kvantum From 266a40697cd7a1c7a791909de385b5bdd0b9db41 Mon Sep 17 00:00:00 2001 From: fruchti Date: Sat, 9 Aug 2025 16:20:49 +0200 Subject: [PATCH 7/7] KDE: Enable KDE Connect --- hosts/kde.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/kde.nix b/hosts/kde.nix index 5f3b362..2816a73 100644 --- a/hosts/kde.nix +++ b/hosts/kde.nix @@ -44,6 +44,8 @@ }; }; + programs.kdeconnect.enable = true; + environment.systemPackages = with pkgs; [ libsForQt5.qt5ct libsForQt5.qtstyleplugin-kvantum