andy/linux-nixos-hyprland-config-dotfiles
Template
1
0
Fork 0
mirror of https://github.com/XNM1/linux-nixos-hyprland-config-dotfiles.git synced 2025-09-15 09:45:58 +03:00
Code Activity

first commit

Browse Source
This commit is contained in:
XNM
2023-09-28 03:29:43 +03:00
commit 9124fc4fc7
136 changed files with 11135 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

601
nixos/configuration.nix Normal file
View File

@@ -0,0 +1,601 @@
# Edit trueconfiguration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs, lib, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.timeout = 2;
boot.initrd.enable = true;
boot.initrd.systemd.enable = true;
boot.kernelParams = [ "quiet" "fbcon=nodefer" "vt.global_cursor_default=0" "kernel.modules_disabled=1" "lsm=landlock,lockdown,yama,integrity,apparmor,bpf" "usbcore.autosuspend=-1" "video4linux" "acpi_rev_override=5" ];
boot.plymouth = {
enable = true;
# logo = pkgs.fetchurl {
# url = "https://pluspng.com/img-png/black-lagoon-png-revy-1-png-1594-1080-anime-boysdjblack-lagoon-1594.png";
# sha256 = "e0CZmXTVIJv6BDXXYksTsncl9t/QGkYC/BavNy4fcnQ=";
# };
font = "${pkgs.jetbrains-mono}/share/fonts/truetype/JetBrainsMono-Regular.ttf";
themePackages = [ pkgs.catppuccin-plymouth ];
theme = "catppuccin-macchiato";
};
# Setup keyfile
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
# FIXME: Enable swap on luks
zramSwap.enable = true;
# Enable Display Manager
services.greetd = {
enable = true;
settings = {
default_session = {
command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --time-format '%I:%M %p | %a %h | %F' --cmd Hyprland";
user = "greeter";
};
};
};
# # Enable Hyprland
programs.hyprland.enable = true;
environment.sessionVariables.NIXOS_OZONE_WL = "1";
environment.sessionVariables.WLR_NO_HARDWARE_CURSORS = "1";
# services.xserver.enable = true;
# services.xserver.displayManager.lightdm.enable = true;
# services.xserver.displayManager.lightdm.greeters.enso.enable = true;
# services.xserver.displayManager.lightdm.greeters.enso.theme.name = "Catppuccin-Teal-Dark";
# services.xserver.displayManager.lightdm.greeters.enso.iconTheme.name = "Colloid-teal-dark";
# services.xserver.displayManager.lightdm.greeters.enso.cursorTheme.name = "Catppuccin-Macchiato-Teal-Cursors";
# services.xserver.displayManager.lightdm.background = "$HOME/.config/wezterm/lain.png";
# Enable Gnome
# services.xserver.enable = true;
# services.xserver.displayManager.gdm.enable = true;
# services.xserver.desktopManager.gnome.enable = true;
# Gnome Exclude Packages
# environment.gnome.excludePackages = (with pkgs; [
# gnome-tour
# ]) ++ (with pkgs.gnome; [
# gnome-terminal
# gedit # text editor
# epiphany # web browser
# geary # email reader
# tali # poker game
# iagno # go game
# hitori # sudoku game
# atomix # puzzle game
# ]);
# Enable fingerprint scanner
# services.fprintd = {
# enable = true;
# tod.enable = true;
# tod.driver = pkgs.libfprint-2-tod1-goodix-550a;
# };
# Enable Theme
environment.variables.GTK_THEME = "Catppuccin-Macchiato-Standard-Teal-dark";
environment.variables.XCURSOR_THEME = "Catppuccin-Macchiato-Teal-Cursors";
environment.variables.XCURSOR_SIZE = "24";
console = {
earlySetup = true;
colors = [
"24273a"
"ed8796"
"a6da95"
"eed49f"
"8aadf4"
"f5bde6"
"8bd5ca"
"cad3f5"
"5b6078"
"ed8796"
"a6da95"
"eed49f"
"8aadf4"
"f5bde6"
"8bd5ca"
"a5adcb"
];
};
# Setup Env Variables
environment.variables.SPOTIFY_PATH = "${pkgs.spotify}/";
environment.variables.JDK_PATH = "${pkgs.jdk11}/";
environment.variables.NODEJS_PATH = "${pkgs.nodejs_20}/";
environment.variables.CI = "1";
# environment.variables.CLIPBOARD_EDITOR = "hx";
environment.variables.CLIPBOARD_NOAUDIO = "1";
# environment.variables.CLIPBOARD_NOGUI = "1";
# environment.variables.CLIPBOARD_NOPROGRESS = "1";
# environment.variables.CLIPBOARD_NOREMOTE = "1";
environment.variables.CLIPBOARD_SILENT = "1";
# Nix Configuration
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
substituters = ["https://hyprland.cachix.org"];
trusted-public-keys = ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
};
# Linux Kernel
boot.kernelPackages = pkgs.linuxKernel.packages.linux_zen;
# Enable networking
networking.networkmanager = {
enable = true;
dns = "none";
};
networking.hostName = "isitreal-laptop"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable Bluetooth
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = false;
services.blueman.enable = true;
# Set your time zone.
time.hardwareClockInLocalTime = true;
time.timeZone = "Europe/Kyiv";
# Select internationalisation properties.
services.xserver = {
layout = "us,ua,ru";
xkbOptions = "grp:alt_shift_toggle";
};
i18n.supportedLocales = [
"en_US.UTF-8/UTF-8"
"uk_UA.UTF-8/UTF-8"
"ru_RU.UTF-8/UTF-8"
];
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Fonts
fonts.packages = with pkgs; [
jetbrains-mono
nerd-font-patcher
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
networking.firewall.enable = true;
# networking.firewall.allowedTCPPorts = [ 3000 ];
# networking.firewall.allowedUDPPorts = [ 3000 ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Enable Encrypted Proxy DNS
networking = {
nameservers = [ "127.0.0.1" "::1"];
dhcpcd.extraConfig = "nohook resolv.conf";
};
services.dnscrypt-proxy2 = {
enable = true;
settings = {
ipv6_servers = true;
require_dnssec = true;
sources.public-resolvers = {
urls = [
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
];
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
};
# You can choose a specific set of servers from https://github.com/DNSCrypt/dnscrypt-resolvers/blob/master/v3/public-resolvers.md
server_names = [ "cloudflare" "cloudflare-ipv6" "cloudflare-security" "cloudflare-security-ipv6" "adguard-dns-doh" "mullvad-adblock-doh" "mullvad-doh" "nextdns" "nextdns-ipv6" "quad9-dnscrypt-ipv4-filter-pri" "google" "google-ipv6" "ibksturm" ];
};
};
systemd.services.dnscrypt-proxy2.serviceConfig = {
StateDirectory = "dnscrypt-proxy";
};
# Enable MAC Randomize
# systemd.services.macchanger = {
# enable = true;
# description = "Change MAC address";
# wantedBy = [ "multi-user.target" ];
# after = [ "network.target" ];
# serviceConfig = {
# Type = "oneshot";
# ExecStart = "${pkgs.macchanger}/bin/macchanger -r wlp0s20f3";
# ExecStop = "${pkgs.macchanger}/bin/macchanger -p wlp0s20f3";
# RemainAfterExit = true;
# };
# };
# Enable security services
users.users.root.hashedPassword = "!";
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
security.apparmor = {
enable = true;
packages = with pkgs; [
apparmor-utils
apparmor-profiles
];
};
services.fail2ban.enable = true;
# security.polkit.enable = true;
services.usbguard = {
enable = true;
dbus.enable = true;
implicitPolicyTarget = "block";
# FIXME: set yours pref USB devices
rules = ''
allow id {id}
'';
};
services.clamav = {
daemon.enable = true;
updater.enable = true;
updater.interval = "daily"; #man systemd.time
updater.frequency = 12;
};
programs.firejail = {
enable = true;
wrappedBinaries = {
mpv = {
executable = "${lib.getBin pkgs.mpv}/bin/mpv";
profile = "${pkgs.firejail}/etc/firejail/mpv.profile";
};
imv = {
executable = "${lib.getBin pkgs.imv}/bin/imv";
profile = "${pkgs.firejail}/etc/firejail/imv.profile";
};
zathura = {
executable = "${lib.getBin pkgs.zathura}/bin/zathura";
profile = "${pkgs.firejail}/etc/firejail/zathura.profile";
};
discord = {
executable = "${lib.getBin pkgs.discord}/bin/discord";
};
};
};
# Systemd services setup
systemd.packages = with pkgs; [
auto-cpufreq
];
# Enable services
services.geoclue2 = {
enable = true;
appConfig = {
"gammastep" = {
isAllowed = true;
isSystem = false;
users = [ "1000" ];
};
};
};
# services.avahi = {
# enable = true;
# nssmdns = true;
# };
services.upower.enable = true;
programs.fish.enable = true;
programs.dconf.enable = true;
services.dbus.enable = true;
services.dbus.packages = with pkgs; [
xfce.xfconf
gnome2.GConf
];
programs.light.enable = true;
services.mpd.enable = true;
programs.thunar.enable = true;
services.tumbler.enable = true;
services.fwupd.enable = true;
services.auto-cpufreq.enable = true;
security.pam.services.swaylock = {};
# services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
# USB Automounting
services.gvfs.enable = true;
# services.udisks2.enable = true;
# services.devmon.enable = true;
# Wayland compatibility with X
# xdg.portal = {
# enable = true;
# wlr.enable = true;
# };
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable docker
virtualisation.docker.enable = true;
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
wireplumber.enable = true;
# If you want to use JACK applications, uncomment this
# jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
# media-session.enable = true;
};
# Define a user account. Don't forget to set a password with passwd.
users.users.xnm = {
isNormalUser = true;
description = "xnm";
extraGroups = [ "networkmanager" "input" "wheel" "video" "audio" "docker" "tss" ];
shell = pkgs.fish;
packages = with pkgs; [
spotify
discord
tdesktop
vscode
brave
];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# Apply the overlay to the package set
# nixpkgs.overlays = [ spotifyOverlay ];
# Override packages
nixpkgs.config.packageOverrides = pkgs: {
colloid-icon-theme = pkgs.colloid-icon-theme.override { colorVariants = ["teal"]; };
catppuccin-gtk = pkgs.catppuccin-gtk.override {
accents = [ "teal" ]; # You can specify multiple accents here to output multiple themes
size = "standard";
variant = "macchiato";
};
discord = pkgs.discord.override {
withOpenASAR = true;
withTTS = true;
};
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
inherit pkgs;
};
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
jdk11
gleam
rebar3
erlang
go
gopls
delve
(python311Full.withPackages(ps: with ps; [ pygobject3 gobject-introspection pyqt6-sip]))
nodejs_20
bun
python311Packages.python-lsp-server
nodePackages_latest.nodemon
nodePackages_latest.typescript
nodePackages_latest.typescript-language-server
nodePackages_latest.vscode-langservers-extracted
nodePackages_latest.yaml-language-server
nodePackages_latest.dockerfile-language-server-nodejs
sumneko-lua-language-server
marksman
nil
rustup
# evcxr #rust repl
rust-analyzer
cargo-deny
cargo-audit
cargo-update
# cargo
bacon
taplo #toml formatter & lsp
lldb
gcc13
wasmedge
license-generator
git-ignore
xh
wezterm
# mcfly # terminal history
starship
zellij
helix
git
progress
noti
topgrade
ripgrep
rewrk
wrk2
procs
tealdeer
# skim #fzf better alternative in rust
monolith
aria
# macchina #neofetch alternative in rust
sd
ouch
duf
du-dust
fd
jq
gh
trash-cli
zoxide
tokei
fzf
bat
mdcat
pandoc
lsd
gping
viu
tre-command
felix-fm
chafa
lazydocker
lazygit
neofetch
onefetch
ipfetch
cpufetch
starfetch
octofetch
htop
bottom
btop
cmatrix
pipes-rs
rsclock
cava
figlet
qutebrowser
zathura
mpv
imv
numix-icon-theme-circle
colloid-icon-theme
catppuccin-gtk
catppuccin-kvantum
catppuccin-cursors.macchiatoTeal
at-spi2-atk
pamixer
pavucontrol
qt6.qtwayland
psi-notify
poweralertd
# wlsunset
gammastep
greetd.tuigreet
swaylock-effects
swayidle
brightnessctl
playerctl
psmisc
grim
slurp
imagemagick
swappy
ffmpeg_6-full
# wl-screenrec
wf-recorder
wl-clipboard
cliphist
clipboard-jh
xdg-utils
wtype
wlrctl
hyprpicker
waybar
rofi-wayland
dunst
avizo
wlogout
wpaperd
# swww
lz4
gifsicle
nuspell
hyphen
hunspell
hunspellDicts.en_US
hunspellDicts.uk_UA
hunspellDicts.ru_RU
vulnix #scan command: vulnix --system
clamav #scan command: sudo freshcalm; clamscan [options] [file/directory/-]
chkrootkit #scan command: sudo chkrootkit
# vulkan-tools
# opencl-info
# clinfo
# vdpauinfo
# libva-utils
usbutils
dig
speedtest-rs
# gnome.gnome-tweaks
# gnome.gnome-shell
# xsettingsd
# gnome.gnome-shell-extensions
# themechanger
];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}