summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--nixos.org448
1 files changed, 226 insertions, 222 deletions
diff --git a/nixos.org b/nixos.org
index 1255858..1575830 100644
--- a/nixos.org
+++ b/nixos.org
@@ -10,248 +10,252 @@ later
 For now this is the way I'm configuring nixos. There is no flakes here, just a configuration.nix and a bunch of other
 stuff
 * Prefix
-  The nixos config is going to consist of a bunch of "imports" which are just a bunch of configs
-  in the imports part of the main configuration. Then we can put each part of said config on its own source block
-  This does require a bit of a prefix, that lets us access packages, existing configuration and library functions
-  #+begin_src nix :tangle configuration.nix :noweb no-export :padline no
-    { config, lib, pkgs, ... }:
-    let
-      sources = import ./nix/sources.nix;
-      nur = import sources.NUR { inherit pkgs; };
-      nurModules = import sources.NUR { };
-    in
-    {
-      imports = [
-	<<nixos-config>>
-      ];
-    }
-  #+end_src
+The nixos config is going to consist of a bunch of "imports" which are just a bunch of configs
+in the imports part of the main configuration. Then we can put each part of said config on its own source block
+This does require a bit of a prefix, that lets us access packages, existing configuration and library functions
+#+begin_src nix :tangle configuration.nix :noweb no-export :padline no
+  { config, lib, pkgs, ... }:
+  let
+    sources = import ./nix/sources.nix;
+    nur = import sources.NUR { inherit pkgs; };
+    nurModules = import sources.NUR { };
+  in
+  {
+    imports = [
+      <<nixos-config>>
+    ];
+  }
+#+end_src
 * Configuration
 ** Hardware
-   Normal nixos installation comes with a hardware-configuration file. we are not going to add the contents of that
-   file here ourself, but instead add it as an external module. This is the only place where we'll do this
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     ./hardware-configuration.nix
-   #+end_src
+Normal nixos installation comes with a hardware-configuration file. we are not going to add the contents of that
+file here ourself, but instead add it as an external module. This is the only place where we'll do this
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  ./hardware-configuration.nix
+#+end_src
 ** personal stuff
-   First, some personal stuff, so that I can tel people my computer is mine
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     {
-       options.mainUser = with lib; mkOption {
-	 type = types.str;
-	 default = builtins.getEnv "USER";
-       };
-     }
-   #+end_src
+First, some personal stuff, so that I can tel people my computer is mine
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    options.mainUser = with lib; mkOption {
+      type = types.str;
+      default = builtins.getEnv "USER";
+    };
+  }
+#+end_src
 
-   and then the actual info:
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     {
-       mainUser = "erik";
-       networking.hostName = "RACEMONSTER";
-       time.timeZone = "Europe/Amsterdam";
-     }
-   #+end_src
+and then the actual info:
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    mainUser = "erik";
+    networking.hostName = "RACEMONSTER";
+    time.timeZone = "Europe/Amsterdam";
+  }
+#+end_src
 ** Main user config
-   This sets up a (secret) default password for the main user and also sets some default groups
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     {
-       users.mutableUsers = false;
-       # Define a user account. Don't forget to set a password with ‘passwd’.
-       users.users.${config.mainUser} = {
-	 initialHashedPassword = "$6$XTH/sALyqg$G.bMWemErh4KGCAjUfT16DL96QMn/4NTmxlw6Z26wUVJn.tagQG.Fzmrz7uPkdiWZbBBFWP36.YA4hw9AcL8Q1";
-	 isNormalUser = true;
-	 extraGroups = [ "video" "wheel" "NetworkManager" ]; # Enable ‘sudo’ for the user.
-	 # shell = pkgs.nushell;
-       };
-     }
-   #+end_src
+This sets up a (secret) default password for the main user and also sets some default groups
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    users.mutableUsers = false;
+    # Define a user account. Don't forget to set a password with ‘passwd’.
+    users.users.${config.mainUser} = {
+      initialHashedPassword = "$6$XTH/sALyqg$G.bMWemErh4KGCAjUfT16DL96QMn/4NTmxlw6Z26wUVJn.tagQG.Fzmrz7uPkdiWZbBBFWP36.YA4hw9AcL8Q1";
+      isNormalUser = true;
+      extraGroups = [ "video" "wheel" "NetworkManager" ]; # Enable ‘sudo’ for the user.
+      # shell = pkgs.nushell;
+    };
+  }
+#+end_src
 ** Init system
-   nixos is started with systemd-boot, since we don't run any other distros
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     {
-       boot.loader.systemd-boot.enable = true;
-       boot.loader.efi.canTouchEfiVariables = true;
-     }
-   #+end_src
+nixos is started with systemd-boot, since we don't run any other distros
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    boot.loader.systemd-boot.enable = true;
+    boot.loader.efi.canTouchEfiVariables = true;
+  }
+#+end_src
 ** nixpkgs setup
-   not much info here right now. emacs itself now refers to emacsng
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     {
-       nix.package = pkgs.nixFlakes;
-       nixpkgs.config.allowUnfree = true;
-       nixpkgs.overlays = [
-	 (final: prev: {
-	   emacs = (import sources.emacs-ng).outputs.defaultPackage."x86_64-linux";
-	 })
-       ];
-     }
-   #+end_src
+not much info here right now. emacs itself now refers to emacsng
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    nix.package = pkgs.nixFlakes;
+    nixpkgs.config.allowUnfree = true;
+    nixpkgs.overlays = [
+      (final: prev: {
+        emacs = (import sources.emacs-ng).outputs.defaultPackage."x86_64-linux";
+      })
+    ];
+  }
+#+end_src
 *** cachix
-    Cachix and other substitute servers allow you to not have to compile things as much as you are supposed to
-    We will create a small module for cachix before we put in the rest declaratively
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	options.nix.cacheAttrs = with lib; mkOption {
-	  type = with types; attrsOf str;
-	  default = {};
+Cachix and other substitute servers allow you to not have to compile things as much as you are supposed to
+We will create a small module for cachix before we put in the rest declaratively
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    options.nix.cacheAttrs = with lib; mkOption {
+      type = with types; attrsOf str;
+      default = {};
 
-	};
-	config = with lib; {
-	  nix.binaryCaches = builtins.attrNames config.nix.cacheAttrs;
-	  nix.binaryCachePublicKeys = builtins.attrValues config.nix.cacheAttrs;
-	};
-      }
-    #+end_src
-    With the config in hand, we can now quickly and easily declare our substitute servers
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	nix.cacheAttrs = {
-	  "https://crazazy.cachix.org" = "crazazy.cachix.org-1:3KaIHK26pkvd5palJH5A4Re1Hn2+GDV+aXYnftMYAm4=";
-	  "https://emacsng.cachix.org" = "emacsng.cachix.org-1:i7wOr4YpdRpWWtShI8bT6V7lOTnPeI7Ho6HaZegFWMI=";
-	  "https://ethancedwards8.cachix.org" = "ethancedwards8.cachix.org-1:YMasjqyFnDreRQ9GXmnPIshT3tYyFHE2lUiNhbyIxOc=";
-	  "https://nix-community.cachix.org" = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=";
-	  "https://nrdxp.cachix.org" = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=";
-	  "https://rycee.cachix.org" = "rycee.cachix.org-1:TiiXyeSk0iRlzlys4c7HiXLkP3idRf20oQ/roEUAh/A=";
-	};
-      }
-    #+end_src
+    };
+    config = with lib; {
+      nix.binaryCaches = builtins.attrNames config.nix.cacheAttrs;
+      nix.binaryCachePublicKeys = builtins.attrValues config.nix.cacheAttrs;
+    };
+  }
+#+end_src
+With the config in hand, we can now quickly and easily declare our substitute servers
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    nix.cacheAttrs = {
+      "https://crazazy.cachix.org" = "crazazy.cachix.org-1:3KaIHK26pkvd5palJH5A4Re1Hn2+GDV+aXYnftMYAm4=";
+      "https://emacsng.cachix.org" = "emacsng.cachix.org-1:i7wOr4YpdRpWWtShI8bT6V7lOTnPeI7Ho6HaZegFWMI=";
+      "https://ethancedwards8.cachix.org" = "ethancedwards8.cachix.org-1:YMasjqyFnDreRQ9GXmnPIshT3tYyFHE2lUiNhbyIxOc=";
+      "https://nix-community.cachix.org" = "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=";
+      "https://nrdxp.cachix.org" = "nrdxp.cachix.org-1:Fc5PSqY2Jm1TrWfm88l6cvGWwz3s93c6IOifQWnhNW4=";
+      "https://rycee.cachix.org" = "rycee.cachix.org-1:TiiXyeSk0iRlzlys4c7HiXLkP3idRf20oQ/roEUAh/A=";
+    };
+  }
+#+end_src
 ** udev binds
-   I have a bindmount system so that I can easily make binds to persistent directories from my home directory
-   This should prevent clutter
+I have a bindmount system so that I can easily make binds to persistent directories from my home directory
+This should prevent clutter
 *** The config
-    This part is quite advanced. It makes entries for filesystems and then makes a systemd service to re-assign
-    generated temporary directories to the owner of the home folder
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	options = with lib; {
-	  homeBinds = mkOption {
-	    type = with types; listOf str;
-	    default = [ ];
-	    description = "Bind mounts in your home folder";
-	  };
-	  persistRoot = mkOption {
-	    type = types.str;
-	    default = "/nix/persist";
-	  };
-	};
-	config = with lib; mkIf (config.homeBinds != [ ]) {
-	  fileSystems = genAttrs (map (loc: "/home/${config.mainUser}/${loc}") config.homeBinds)
-	    (loc: {
-	      device = "${config.persistRoot}${loc}";
-	      fsType = "none";
-	      options = [ "bind" ];
-	    });
-	  systemd.services.fix-home-perms = {
-	    wantedBy = [ "multi-user.target" ];
-	    after = map (loc: "${builtins.replaceStrings ["/"] ["-"] loc}.mount") config.homeBinds;
-	    serviceConfig.Type = "oneshot";
-	    script = "chown -R ${config.mainUser} /home/${config.mainUser}";
-	  };
-	};
-      }
-    #+end_src
+This part is quite advanced. It makes entries for filesystems and then makes a systemd service to re-assign
+generated temporary directories to the owner of the home folder
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    options = with lib; {
+      homeBinds = mkOption {
+        type = with types; listOf str;
+        default = [ ];
+        description = "Bind mounts in your home folder";
+      };
+      persistRoot = mkOption {
+        type = types.str;
+        default = "/nix/persist";
+      };
+    };
+    config = with lib; mkIf (config.homeBinds != [ ]) {
+      fileSystems = genAttrs (map (loc: "/home/${config.mainUser}/${loc}") config.homeBinds)
+        (loc: {
+          device = "${config.persistRoot}${loc}";
+          fsType = "none";
+          options = [ "bind" ];
+        });
+      systemd.services.fix-home-perms = {
+        wantedBy = [ "multi-user.target" ];
+        after = map (loc: "${builtins.replaceStrings ["/"] ["-"] loc}.mount") config.homeBinds;
+        serviceConfig.Type = "oneshot";
+        script = "chown -R ${config.mainUser} /home/${config.mainUser}";
+      };
+    };
+  }
+#+end_src
 *** The binds
-    These are the binds themselves, they change frequently
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	homeBinds = [
-	  ".config/keybase"
-	  ".local/share/Steam"
-	  ".local/share/keybase"
-	  ".mozilla/seamonkey"
-	  ".ssh"
-	  ".wine"
-	  "Desktop"
-	  "Documents"
-	  "Music"
-	  "Videos"
-	];
-      }
-    #+end_src
+These are the binds themselves, they change frequently
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    homeBinds = [
+      ".config/keybase"
+      ".local/share/Steam"
+      ".local/share/keybase"
+      ".mozilla/seamonkey"
+      ".ssh"
+      ".wine"
+      "Desktop"
+      "Documents"
+      "Music"
+      "Videos"
+    ];
+  }
+#+end_src
 ** Visual stuff
-   I don't acutally literally live in the terminal. So we have to implement some xorg and other stuff
+I don't acutally literally live in the terminal. So we have to implement some xorg and other stuff
 *** Basics
-    Enable printing, sound and a good keyboard, along with x11 itself
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	# Enable CUPS to print documents.
-	services.printing.enable = true;
+Enable printing, sound and a good keyboard, along with x11 itself
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    # Enable CUPS to print documents.
+    services.printing.enable = true;
 
-	# Enable sound.
-	sound.enable = true;
-	hardware.pulseaudio.enable = true;
+    # Enable sound.
+    sound.enable = true;
+    hardware.pulseaudio.enable = true;
 
-	# Enable the X11 windowing system.
-	services.xserver.enable = true;
-	services.xserver.layout = "us";
-	services.xserver.xkbVariant = "altgr-intl";
-	services.xserver.xkbOptions = "eurosign:e";
-	# touchpad controls
-	services.xserver.libinput.enable = true;
-      }
-    #+end_src
+    # Enable the X11 windowing system.
+    services.xserver.enable = true;
+    services.xserver.layout = "us";
+    services.xserver.xkbVariant = "altgr-intl";
+    services.xserver.xkbOptions = "eurosign:e";
+    # touchpad controls
+    services.xserver.libinput.enable = true;
+  }
+#+end_src
 *** XFCE
-    I have decided to be lazy and not install a fancy window manager or whatever into the system. Thats headache
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	services.xserver.displayManager.lightdm.enable = true;
-	services.xserver.desktopManager.xfce.enable = true;
-      }
-    #+end_src
+I have decided to be lazy and not install a fancy window manager or whatever into the system. Thats headache
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    services.xserver.displayManager.lightdm.enable = true;
+    services.xserver.desktopManager.xfce.enable = true;
+  }
+#+end_src
 ** Networking
-   Some default network settings for my laptop
-   #+begin_src nix :noweb-ref nixos-config :tangle no
-     {
-       networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant.
-       networking.useDHCP = false;
-       networking.interfaces.enp0s31f6.useDHCP = true;
-       networking.interfaces.wlp1s0.useDHCP = true;
-     }
-   #+end_src
+Some default network settings for my laptop
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    networking.networkmanager.enable = true; # Enables wireless support via wpa_supplicant.
+    networking.useDHCP = false;
+    networking.interfaces.enp0s31f6.useDHCP = true;
+    networking.interfaces.wlp1s0.useDHCP = true;
+  }
+#+end_src
 ** packages
 *** Core packages
-    These are the normal packages that I use for core maintenance
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	environment.systemPackages = with pkgs; [
-	  gitFull
-	  curl
-	  vim
-	  nur.repos.crazazy.seamonkey
-	  (wine.override { wineBuild = "wineWow"; })
-	];
-      }
-    #+end_src
+These are the normal packages that I use for core maintenance
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    environment.systemPackages = with pkgs; [
+      gitFull
+      curl
+      vim
+      nur.repos.crazazy.seamonkey
+      (wine.override { wineBuild = "wineWow"; })
+    ];
+  }
+#+end_src
 *** Steam
-    I like to play videogames sometimes, however steam also requires a little more special attention
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	imports = [
-	  nurModules.repos.crazazy.modules.private.steam-config
-	];
-	environment.systemPackages = with pkgs; [
-	  steam
-	];
-      }
-    #+end_src
+I like to play videogames sometimes, however steam also requires a little more special attention
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    imports = [
+      nurModules.repos.crazazy.modules.private.steam-config
+    ];
+    environment.systemPackages = with pkgs; [
+      steam
+    ];
+  }
+#+end_src
 *** Emacs
-    Emacs needs to be integrated into the rest of the system. We are going to do that via a emacs daemon
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	services.emacs = {
-	  package = import ./emacs.nix;
-	  enable = true;
-	};
-	homeBinds = [
-	  ".config/emacs"
-	];
-      }
-    #+end_src
+Emacs needs to be integrated into the rest of the system. We are going to do that via a emacs daemon
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    services.emacs = {
+      package = with pkgs; runCommand "wrapped-emacs" {} ''
+          mkdir -p $out
+          cp -r ${import ./emacs.nix} $out
+          ${makeWrapper}/bin/wrapProgram $out/bin/emacs --set WEBKIT_FORCE_SANDBOX 0
+      '';
+      enable = true;
+    };
+    homeBinds = [
+      ".config/emacs"
+    ];
+  }
+#+end_src
 *** QEMU & frens
-    I also sometimes run qemu vms. The qemu's manager will be libvirtd, but not sure if I will even use that
-    #+begin_src nix :noweb-ref nixos-config :tangle no
-      {
-	virtualisation.libvirtd.enable = true;
-      }
-    #+end_src
+I also sometimes run qemu vms. The qemu's manager will be libvirtd, but not sure if I will even use that
+#+begin_src nix :noweb-ref nixos-config :tangle no
+  {
+    virtualisation.libvirtd.enable = true;
+  }
+#+end_src