Glued together corsac configuration

Signed-off-by: Mel <einebeere@gmail.com>

6 files changed, 231 insertions, 0 deletions

diff --git a/modules/common.nix b/modules/common.nix
new file mode 100644
index 0000000..f035db5
--- /dev/null
+++ b/modules/common.nix
@@ -0,0 +1,74 @@
+{ me, config, lib, pkgs, ... }:
+
+{
+  imports = [
+    ./nix.nix
+    ./user.nix
+    ./locale.nix
+    ./nix-ld.nix
+  ];
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  networking.hostName = me;
+
+  services.envfs.enable = true;
+  virtualisation.libvirtd.enable = true;
+
+  services = {
+    openssh = {
+      enable = true;
+      settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+        PermitRootLogin = "no";
+      };
+    };
+    tailscale = {
+      enable = true;
+      useRoutingFeatures = "both";
+      extraUpFlags = [ "--ssh" ];
+    };
+  
+    # sometimes needed for gnupg
+    pcscd.enable = true;
+  };
+ 
+  programs = {
+    vim = {
+      defaultEditor = true;
+      package = pkgs.vim_configurable.customize {
+        vimrcFile = ../configs/.vimrc;
+      };
+    };
+    fish.enable = true;
+    git.enable = true;
+    tmux.enable = true;
+
+    gnupg.agent = {
+      enable = true;
+      enableSSHSupport = true;
+      pinentryPackage = pkgs.pinentry-curses;
+    };
+  };
+
+  environment.systemPackages = (with pkgs; [
+    file unzip jq dig htop glances wget gnupg pinentry-curses
+    inetutils pciutils lshw inxi iw
+    tcpdump
+    ffmpeg_7-headless
+    qemu_full virtiofsd
+
+    openvpn openvpn3 update-resolv-conf
+    
+    ripgrep gnumake gdb gcc clang
+    go gopls delve go-task
+    meson cmake
+    nil direnv
+
+    wineWowPackages.stagingFull
+    borgbackup
+  ]);
+
+  environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
+}
diff --git a/modules/home/common.nix b/modules/home/common.nix
new file mode 100644
index 0000000..20275ea
--- /dev/null
+++ b/modules/home/common.nix
@@ -0,0 +1,34 @@
+{ pkgs, ... }:
+
+{
+  programs = {
+    git = {
+      enable = true;
+      userName = "Mel";
+      userEmail = "einebeere@gmail.com";
+      signing = { 
+        key = "D75A C286 ACA7 00B4 D8EC 377D 2082 F8EC 11CC 009B";
+        signByDefault = true;
+      };
+      extraConfig.init.defaultBranch = "main";
+    };
+
+    tmux = {
+      enable = true;
+      mouse = true;
+      keyMode = "vi";
+      plugins = with pkgs.tmuxPlugins; [
+        yank fpp open fuzzback
+      ];
+    };
+
+    fish = {
+      enable = true;
+      interactiveShellInit = ''
+        set fish_greeting
+      '';
+    };
+
+    zoxide = { enable = true; enableFishIntegration = true; };
+  };
+}
diff --git a/modules/locale.nix b/modules/locale.nix
new file mode 100644
index 0000000..2c900c2
--- /dev/null
+++ b/modules/locale.nix
@@ -0,0 +1,32 @@
+{ config, pkgs, ... }:
+
+{
+  # Set your time zone.
+  time.timeZone = "Europe/Berlin";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # breaks tailscale ssh with constant
+  # "cannot change locale" messages when connecting.
+  # there may be a way to use these anyway...
+  # i18n.extraLocaleSettings = {
+  #   LC_ADDRESS = "de_DE.UTF-8";
+  #   LC_IDENTIFICATION = "de_DE.UTF-8";
+  #   LC_MEASUREMENT = "de_DE.UTF-8";
+  #   LC_MONETARY = "de_DE.UTF-8";
+  #   LC_NAME = "de_DE.UTF-8";
+  #   LC_NUMERIC = "de_DE.UTF-8";
+  #   LC_PAPER = "de_DE.UTF-8";
+  #   LC_TELEPHONE = "de_DE.UTF-8";
+  #   LC_TIME = "de_DE.UTF-8";
+  # };
+
+  i18n.supportedLocales = [ "all" ]; 
+  
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "us";
+    variant = "";
+  };
+}
diff --git a/modules/nix-ld.nix b/modules/nix-ld.nix
new file mode 100644
index 0000000..2ab5df5
--- /dev/null
+++ b/modules/nix-ld.nix
@@ -0,0 +1,59 @@
+{ config, pkgs, ... }:
+
+{
+  programs.nix-ld.enable = true;
+
+  programs.nix-ld.libraries = with pkgs; [
+    alsa-lib
+    at-spi2-atk
+    at-spi2-core
+    atk
+    cairo
+    cups
+    curl
+    dbus
+    expat
+    fontconfig
+    freetype
+    fuse3
+    gdk-pixbuf
+    glib
+    gtk3
+    icu
+    libGL
+    libappindicator-gtk3
+    libdrm
+    libglvnd
+    libnotify
+    libpulseaudio
+    libunwind
+    libusb1
+    libuuid
+    libxkbcommon
+    libxml2
+    mesa
+    nspr
+    nss
+    openssl
+    pango
+    pipewire
+    stdenv.cc.cc
+    systemd
+    vulkan-loader
+    xorg.libX11
+    xorg.libXScrnSaver
+    xorg.libXcomposite
+    xorg.libXcursor
+    xorg.libXdamage
+    xorg.libXext
+    xorg.libXfixes
+    xorg.libXi
+    xorg.libXrandr
+    xorg.libXrender
+    xorg.libXtst
+    xorg.libxcb
+    xorg.libxkbfile
+    xorg.libxshmfence
+    zlib
+  ];
+}
diff --git a/modules/nix.nix b/modules/nix.nix
new file mode 100644
index 0000000..d98f64d
--- /dev/null
+++ b/modules/nix.nix
@@ -0,0 +1,16 @@
+{ self, ... }:
+
+{
+  nix = {
+    # add compat scripts to the environment,
+    # to allow nixos-option to find the configuration
+    nixPath = [
+      "nixpkgs=${self}/compat"
+      "nixos-config=${self}/compat/nixos"
+    ];
+
+    settings = {
+      experimental-features = [ "flakes" "nix-command" ];
+    };
+  };
+}
diff --git a/modules/user.nix b/modules/user.nix
new file mode 100644
index 0000000..2ca826b
--- /dev/null
+++ b/modules/user.nix
@@ -0,0 +1,16 @@
+{ config, pkgs, security, ... }:
+
+{
+  users.mutableUsers = false;
+  users.users.mel = {
+    isNormalUser = true;
+    description = "Mel";
+    shell = pkgs.fish;
+    extraGroups = [ "networkmanager" "wheel" ];
+
+    hashedPassword = security.password;
+    openssh.authorizedKeys.keys = security.keys;
+
+    packages = (with pkgs; []);
+  };
+}