s0me1newithhand7s/reNixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

treewide: upstreaming changes

Browse source 
Signed-off-by: s0me1newithhand7s <117505144+s0me1newithhand7s@users.noreply.github.com>
This commit is contained in:
s0me1newithhand7s 2025-10-24 20:48:35 +03:00
parent d159232b37
commit e4e1b03c7e
No known key found for this signature in database
160 changed files with 3408 additions and 5474 deletions
Download patch file Download diff file Expand all files Collapse all files

8
s0mePC-nix/boot/initrd.nix
View file

@ -9,6 +9,7 @@
"usb_storage"
"sd_mod"
"btrfs"
"amneziawg"
"cryptd"
];
@ -20,18 +21,23 @@
kernelModules = [
"amdgpu"
"zenpower"
"amneziawg"
];
luks = {
devices = {
cryptroot = {
device = "nvme-KINGSTON_SKC3000S_1024G_AA000000000000000013-part2";
device = "/dev/disk/by-id/nvme-KINGSTON_SKC3000S_1024G_AA000000000000000013-part2";
};
};
};
systemd = {
enable = true;
network = {
enable = true;
};
};
verbose = false;

4
s0mePC-nix/boot/kernel.nix
View file

@ -1,5 +1,6 @@
{
config,
pkgs,
lib,
...
}: {
@ -20,15 +21,18 @@
extraModulePackages = with config.boot.kernelPackages; [
zenpower
v4l2loopback
amneziawg
];
kernelModules = [
"amdgpu"
"zenpower"
"v4l2loopback"
"amneziawg"
];
kernelParams = [
"video=DP-1:2560x1440@165"
"amd_pstate=guided"
"udev.log_priority=3"
"quiet"

4
s0mePC-nix/boot/loader/systemd-boot.nix
View file

@ -1,8 +1,8 @@
{lib, ...}: {
{...}: {
boot = {
loader = {
systemd-boot = {
enable = lib.mkDefault false;
enable = false;
sortKey = "nixos";
memtest86 = {
enable = true;

163
s0mePC-nix/default.nix
View file

@ -1,81 +1,86 @@
{
{self, ...}: {
imports = [
./boot/initrd.nix
./boot/kernel.nix
./boot/lanzaboote.nix
./boot/plymouth.nix
./boot/tmp.nix
./boot/loader/systemd-boot.nix
./boot/zfs.nix
"${self}/s0mePC-nix/boot/initrd.nix"
"${self}/s0mePC-nix/boot/kernel.nix"
"${self}/s0mePC-nix/boot/lanzaboote.nix"
"${self}/s0mePC-nix/boot/plymouth.nix"
"${self}/s0mePC-nix/boot/tmp.nix"
"${self}/s0mePC-nix/boot/loader/systemd-boot.nix"
"${self}/s0mePC-nix/boot/zfs.nix"
./console/console.nix
"${self}/s0mePC-nix/disko/disk.nix"
"${self}/s0mePC-nix/disko/lvm_vg.nix"
./environment/systemPackages.nix
./environment/variables.nix
"${self}/s0mePC-nix/console/console.nix"
./hardware/amdgpu.nix
./hardware/cpu.nix
./hardware/graphics.nix
./hardware/openrazer.nix
./hardware/qmk.nix
./hardware/zram.nix
"${self}/s0mePC-nix/environment/systemPackages.nix"
"${self}/s0mePC-nix/environment/variables.nix"
./home-manager/users.nix
"${self}/s0mePC-nix/hardware/amdgpu.nix"
"${self}/s0mePC-nix/hardware/cpu.nix"
"${self}/s0mePC-nix/hardware/graphics.nix"
"${self}/s0mePC-nix/hardware/openrazer.nix"
"${self}/s0mePC-nix/hardware/qmk.nix"
"${self}/s0mePC-nix/hardware/zram.nix"
./i18n/locales.nix
"${self}/s0mePC-nix/home-manager/users.nix"
./networking/dhcp.nix
./networking/firewall.nix
./networking/hostname.nix
./networking/networkmanager.nix
./networking/wireguard.nix
./networking/nameservers.nix
./networking/hosts.nix
./networking/hostId.nix
"${self}/s0mePC-nix/i18n/locales.nix"
./nix/package.nix
./nix/settings/allowed-users.nix
./nix/settings/experimental-features.nix
./nix/settings/substituters.nix
./nix/settings/trusted-public-keys.nix
./nix/settings/trusted-users.nix
./nix/settings/auto-optimise-store.nix
./nix/settings/trusted-substituters.nix
"${self}/s0mePC-nix/networking/dhcp.nix"
"${self}/s0mePC-nix/networking/firewall.nix"
"${self}/s0mePC-nix/networking/hostname.nix"
"${self}/s0mePC-nix/networking/networkmanager.nix"
"${self}/s0mePC-nix/networking/wireguard.nix"
"${self}/s0mePC-nix/networking/nameservers.nix"
"${self}/s0mePC-nix/networking/hosts.nix"
"${self}/s0mePC-nix/networking/hostId.nix"
./nixpkgs/config.nix
./nixpkgs/system.nix
"${self}/s0mePC-nix/nix/package.nix"
"${self}/s0mePC-nix/nix/settings/allowed-users.nix"
"${self}/s0mePC-nix/nix/settings/experimental-features.nix"
"${self}/s0mePC-nix/nix/settings/substituters.nix"
"${self}/s0mePC-nix/nix/settings/trusted-public-keys.nix"
"${self}/s0mePC-nix/nix/settings/trusted-substituters.nix"
"${self}/s0mePC-nix/nix/settings/trusted-users.nix"
"${self}/s0mePC-nix/nix/settings/auto-optimise-store.nix"
./programs/gamescope.nix
./programs/gamemode.nix
./programs/nh.nix
./programs/steam.nix
./programs/ssh.nix
./programs/yubikey-touch-detector.nix
"${self}/s0mePC-nix/nixpkgs/config.nix"
"${self}/s0mePC-nix/nixpkgs/system.nix"
./security/polkit.nix
./security/rtkit.nix
./security/sudo.nix
./security/sudo-rs.nix
"${self}/s0mePC-nix/programs/gamescope.nix"
"${self}/s0mePC-nix/programs/gamemode.nix"
"${self}/s0mePC-nix/programs/nh.nix"
"${self}/s0mePC-nix/programs/steam.nix"
"${self}/s0mePC-nix/programs/ssh.nix"
"${self}/s0mePC-nix/programs/yubikey-touch-detector.nix"
"${self}/s0mePC-nix/programs/nekoray.nix"
./services/greetd.nix
./services/libinput.nix
./services/openssh.nix
./services/pipewire.nix
./services/netbird.nix
./services/qmk.nix
./services/scx.nix
./services/xserver.nix
./services/zapret.nix
./services/zerotier.nix
./services/yggdrasil.nix
./services/sunshine.nix
./services/usbmuxd.nix
./services/irqbalance.nix
./services/yubikey-agent.nix
./services/resolved.nix
"${self}/s0mePC-nix/security/polkit.nix"
"${self}/s0mePC-nix/security/rtkit.nix"
"${self}/s0mePC-nix/security/sudo.nix"
"${self}/s0mePC-nix/security/sudo-rs.nix"
"${self}/s0mePC-nix/security/pam/yubico.nix"
./sops/defaults.nix
./sops/secrets.nix
"${self}/s0mePC-nix/services/greetd.nix"
"${self}/s0mePC-nix/services/libinput.nix"
"${self}/s0mePC-nix/services/openssh.nix"
"${self}/s0mePC-nix/services/pipewire.nix"
"${self}/s0mePC-nix/services/netbird.nix"
"${self}/s0mePC-nix/services/qmk.nix"
"${self}/s0mePC-nix/services/scx.nix"
"${self}/s0mePC-nix/services/xserver.nix"
"${self}/s0mePC-nix/services/zapret.nix"
"${self}/s0mePC-nix/services/zerotier.nix"
"${self}/s0mePC-nix/services/yggdrasil.nix"
"${self}/s0mePC-nix/services/sunshine.nix"
"${self}/s0mePC-nix/services/usbmuxd.nix"
"${self}/s0mePC-nix/services/irqbalance.nix"
"${self}/s0mePC-nix/services/yubikey-agent.nix"
"${self}/s0mePC-nix/services/resolved.nix"
"${self}/s0mePC-nix/sops/defaults.nix"
"${self}/s0mePC-nix/sops/secrets.nix"
"${self}/hand7s/stylix/base16Scheme.nix"
"${self}/hand7s/stylix/cursor.nix"
@ -83,24 +88,24 @@
"${self}/hand7s/stylix/fonts.nix"
"${self}/hand7s/stylix/image.nix"
./system/name.nix
./system/stateVersion.nix
"${self}/s0mePC-nix/system/name.nix"
"${self}/s0mePC-nix/system/stateVersion.nix"
./systemd/oomd.nix
./systemd/slices/system-slice.nix
./systemd/slices/user-slice.nix
./systemd/slices/root-slice.nix
"${self}/s0mePC-nix/systemd/oomd.nix"
"${self}/s0mePC-nix/systemd/slices/system-slice.nix"
"${self}/s0mePC-nix/systemd/slices/user-slice.nix"
"${self}/s0mePC-nix/systemd/slices/root-slice.nix"
./time/timeZone.nix
"${self}/s0mePC-nix/time/timeZone.nix"
./users/users/hand7s.nix
./users/users/root.nix
./users/mutableUsers.nix
"${self}/s0mePC-nix/users/users/hand7s.nix"
"${self}/s0mePC-nix/users/users/root.nix"
"${self}/s0mePC-nix/users/mutableUsers.nix"
./virtualisation/docker.nix
"${self}/s0mePC-nix/virtualisation/docker.nix"
./xdg/icons.nix
./xdg/mime.nix
./xdg/portal.nix
"${self}/s0mePC-nix/xdg/icons.nix"
"${self}/s0mePC-nix/xdg/mime.nix"
"${self}/s0mePC-nix/xdg/portal.nix"
];
}

46
s0mePC-nix/disko/disk.nix Normal file
View file

@ -0,0 +1,46 @@
{
disko = {
devices = {
disk = {
main = {
device = "/dev/disk/by-id/nvme-KINGSTON_SKC3000S_1024G_AA000000000000000013";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
type = "EF00";
size = "1024M";
name = "boot";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"fmask=0022"
"dmask=0022"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "lvm-crypted";
settings = {
allowDiscards = true;
};
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
};
};
};
}

41
s0mePC-nix/disko.nix → s0mePC-nix/disko/lvm_vg.nix
View file

@ -1,47 +1,6 @@
{
disko = {
devices = {
disk = {
main = {
device = "/dev/disk/by-id/nvme-KINGSTON_SKC3000S_1024G_AA000000000000000013";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
type = "EF00";
size = "1024M";
name = "boot";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"fmask=0022"
"dmask=0022"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "lvm-crypted";
settings = {
allowDiscards = true;
};
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";

4
s0mePC-nix/environment/systemPackages.nix
View file

@ -6,9 +6,11 @@
environment = {
systemPackages = with pkgs; [
(lib.hiPrio uutils-coreutils-noprefix)
xdg-desktop-portal-gtk
uutils-findutils
uutils-diffutils
xdg-desktop-portal
xdg-desktop-portal-gtk
xdg-desktop-portal-hyprland
home-manager
];
};

3
s0mePC-nix/environment/variables.nix
View file

@ -7,9 +7,6 @@
SDL_VIDEODRIVER = "wayland";
CLUTTER_BACKEND = "wayland";
GDK_BACKEND = "wayland";
XDG_SESSION_TYPE = "wayland";
XDG_CURRENT_DESKTOP = "wayland";
XDG_SESSION_DESKTOP = "wayland";
NIXPKGS_ALLOW_UNFREE = "1";
NIXPKGS_ALLOW_INSECURE = "1";
NIXOS_OZONE_WL = "1";

2
s0mePC-nix/hardware/openrazer.nix
View file

@ -1,7 +1,7 @@
{...}: {
hardware = {
openrazer = {
enable = true;
enable = false;
users = [
"hand7s"
];

1
s0mePC-nix/home-manager/users.nix
View file

@ -13,6 +13,7 @@
inputs.chaotic.homeManagerModules.default
inputs.sops-nix.homeManagerModules.sops
inputs.nix-index-database.homeModules.nix-index
inputs.noctalia.homeModules.default
];
};

28
s0mePC-nix/networking/firewall.nix
View file

@ -4,15 +4,27 @@
allowPing = true;
enable = true;
checkReversePath = false;
allowedUDPPorts = [
9993
2080
];
allowedTCPPorts = [
9993
2080
];
interfaces = {
eno1 = rec {
allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
allowedUDPPortRanges = allowedTCPPortRanges;
};
salt-hand7s-pc = rec {
allowedTCPPorts = [
6567
];
allowedUDPPorts = allowedTCPPorts;
};
};
};
};
}

2
s0mePC-nix/networking/hosts.nix
View file

@ -1,7 +1,7 @@
{...}: {
networking = {
hosts = {
# Nope
# nope
};
};
}

2
s0mePC-nix/nix/settings/substituters.nix
View file

@ -3,7 +3,6 @@
settings = {
substituters = [
# cache.nixos.org
"https://nixos-cache-proxy.cofob.dev"
"https://cache.nixos.org"
# cache.garnix.org
"https://cache.garnix.io"
@ -13,6 +12,7 @@
"https://ags.cachix.org"
"https://hyprland.cachix.org"
"https://chaotic-nyx.cachix.org/"
"https://colmena.cachix.org"
];
};
};

1
s0mePC-nix/nix/settings/trusted-public-keys.nix
View file

@ -12,6 +12,7 @@
"ags.cachix.org-1:naAvMrz0CuYqeyGNyLgE010iUiuf/qx6kYrUv3NwAJ8="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
"colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
];
};
};

3
s0mePC-nix/nixpkgs/overlays.nix
View file

@ -1,7 +1,6 @@
{inputs, ...}: {
{...}: {
nixpkgs = {
overlays = [
inputs.hyprpanel.overlay
];
};
}

1
s0mePC-nix/programs/gamemode.nix
View file

@ -2,6 +2,7 @@
programs = {
gamemode = {
enable = true;
enableRenice = true;
};
};
}

11
s0mePC-nix/programs/nekoray.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: {
programs = {
nekoray = {
enable = true;
tunMode = {
enable = true;
setuid = true;
};
};
};
}

15
s0mePC-nix/security/pam/yubico.nix Normal file
View file

@ -0,0 +1,15 @@
{...}: {
security = {
pam = {
yubico = {
enable = false;
debug = true;
mode = "challenge-response";
control = "sufficient";
id = [
"1873055870"
];
};
};
};
}

8
s0mePC-nix/services/greetd.nix
View file

@ -1,11 +1,15 @@
{pkgs, ...}: {
{
pkgs,
lib,
...
}: {
services = {
greetd = {
enable = true;
restart = false;
settings = {
default_session = {
command = "${pkgs.greetd.tuigreet}/bin/tuigreet -r -t -c Hyprland --greet-align center";
command = "${lib.getExe pkgs.tuigreet} -r -t -c ${lib.getExe pkgs.hyprland} --greet-align center";
user = "greeter";
};
};

2
s0mePC-nix/services/openssh.nix
View file

@ -5,7 +5,7 @@
allowSFTP = true;
openFirewall = true;
ports = [
49560
45734
];
settings = {

2
s0mePC-nix/services/resolved.nix
View file

@ -4,7 +4,7 @@
enable = true;
dnsovertls = "true";
dnssec = "true";
llmnr = "resolve";
llmnr = "true";
domains = [
"~."
];

6
s0mePC-nix/services/scx.nix
View file

@ -1,9 +1,9 @@
{pkgs, ...}: {
{...}: {
services = {
scx = {
enable = true;
package = pkgs.scx_git.full;
scheduler = "scx_lavd";
# package = pkgs.scx_git.full;
scheduler = "scx_cosmos";
};
};
}

2
s0mePC-nix/services/sunshine.nix
View file

@ -4,7 +4,7 @@
enable = true;
capSysAdmin = true;
openFirewall = true;
autoStart = false;
autoStart = true;
};
};
}

1
s0mePC-nix/services/xserver.nix
View file

@ -18,6 +18,7 @@
xkb = {
layout = "us, ru";
variant = "";
options = "grp:caps_toggle";
};
};

2
s0mePC-nix/services/yggdrasil.nix
View file

@ -4,7 +4,7 @@
enable = true;
persistentKeys = false;
settings = {
# PrivateKey = ""; it's won't work as i thought :D;
PrivateKey = "${yggKeyPC}";
Peers = [
# Germany :Erm:

5
s0mePC-nix/services/yubikey-agent.nix
View file

@ -1,7 +1,8 @@
{...}: {
{pkgs, ...}: {
services = {
yubikey-agent = {
enab = true;
package = pkgs.yubikey-agent;
enable = false;
};
};
}

3
s0mePC-nix/services/zerotier.nix
View file

@ -2,6 +2,9 @@
services = {
zerotierone = {
enable = true;
joinNetworks = [
# nope
];
};
};
}

11
s0mePC-nix/users/users/hand7s.nix
View file

@ -5,21 +5,12 @@
description = "me";
isSystemUser = false;
isNormalUser = true;
initialHashedPassword = "$6$vNggR38kZoLNZglM$QM5Qc8Ck1ko9YgME4RpV7KGLb1.UBynKmmWwABDI1GrMl54my7r7sXHiQ3VgqpMwaUtHeifJh5Zv.QR8lGXd50";
initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/";
extraGroups = [
"wheel"
"networkmanager"
"docker"
"openrazer"
];
openssh = {
authorizedKeys = {
keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com"
];
};
};
};
};
};

2
s0mePC-nix/users/users/root.nix
View file

@ -2,7 +2,7 @@
users = {
users = {
root = {
initialHashedPassword = "$6$vNggR38kZoLNZglM$QM5Qc8Ck1ko9YgME4RpV7KGLb1.UBynKmmWwABDI1GrMl54my7r7sXHiQ3VgqpMwaUtHeifJh5Zv.QR8lGXd50";
initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0";
};
};
};

8
s0mePC-nix/xdg/portal.nix
View file

@ -7,21 +7,21 @@
common = {
default = [
"gtk"
"wlr"
];
};
sway = {
hyprland = {
preferred = [
"gtk"
"wlr"
"hyprland"
];
};
};
extraPortals = with pkgs; [
xdg-desktop-portal
xdg-desktop-portal-gtk
xdg-desktop-portal-wlr
xdg-desktop-portal-hyprland
];
};
};