diff options
| author | Natasha Moongrave <natasha@256phi.eu> | 2026-06-12 13:37:13 +0200 |
|---|---|---|
| committer | Natasha Moongrave <natasha@256phi.eu> | 2026-06-12 13:37:13 +0200 |
| commit | 15d50528cf86e93bad19f65f1e4b47af49e94d71 (patch) | |
| tree | caaa600a8f38df84dc269a3844d276393e90262c /system | |
| parent | 72ee2b5a1e65ce804d6e1dcfd11aec06385594cc (diff) | |
Nuked everything
Diffstat (limited to 'system')
| -rw-r--r-- | system/audio.nix | 15 | ||||
| -rw-r--r-- | system/bluetooth.nix | 15 | ||||
| -rw-r--r-- | system/boot.nix | 45 | ||||
| -rw-r--r-- | system/default.nix | 19 | ||||
| -rw-r--r-- | system/desktop.nix | 16 | ||||
| -rw-r--r-- | system/encryption.nix | 62 | ||||
| -rw-r--r-- | system/graphics.nix | 13 | ||||
| -rw-r--r-- | system/ly/blackhole-smooth-240x67.dur | bin | 484298 -> 0 bytes | |||
| -rw-r--r-- | system/networking.nix | 3 | ||||
| -rw-r--r-- | system/nix.nix | 43 | ||||
| -rw-r--r-- | system/packages.nix | 76 | ||||
| -rw-r--r-- | system/programs.nix | 72 | ||||
| -rw-r--r-- | system/services.nix | 36 | ||||
| -rw-r--r-- | system/users.nix | 8 | ||||
| -rw-r--r-- | system/virtualisation.nix | 12 |
15 files changed, 0 insertions, 435 deletions
diff --git a/system/audio.nix b/system/audio.nix deleted file mode 100644 index 80dd60b..0000000 --- a/system/audio.nix +++ /dev/null @@ -1,15 +0,0 @@ -{pkgs, ...}: { - security.rtkit.enable = true; - - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - - environment.systemPackages = with pkgs; [ - pavucontrol - ]; -} diff --git a/system/bluetooth.nix b/system/bluetooth.nix deleted file mode 100644 index a4bc960..0000000 --- a/system/bluetooth.nix +++ /dev/null @@ -1,15 +0,0 @@ -{...}: { - hardware.bluetooth = { - enable = true; - powerOnBoot = true; - settings = { - General = { - Experimental = true; - FastConnectable = true; - }; - Policy = { - AutoEnable = true; - }; - }; - }; -} diff --git a/system/boot.nix b/system/boot.nix deleted file mode 100644 index af96d4e..0000000 --- a/system/boot.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - boot = { - kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; - - kernelModules = ["ntsync"]; - initrd = { - kernelModules = ["i915"]; - systemd.enable = true; - }; - - loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - grub = { - enable = lib.mkDefault true; - device = "nodev"; - useOSProber = lib.mkDefault false; - efiSupport = true; - }; - systemd-boot = { - enable = false; - consoleMode = "keep"; - configurationLimit = 5; - }; - }; - - plymouth = { - enable = false; - theme = "deus_ex"; - themePackages = [ - (pkgs.adi1090x-plymouth-themes.override { - selected_themes = ["deus_ex"]; - }) - ]; - }; - }; - - fileSystems."/boot".options = ["fmask=0077" "dmask=0077"]; -} diff --git a/system/default.nix b/system/default.nix deleted file mode 100644 index bbeb009..0000000 --- a/system/default.nix +++ /dev/null @@ -1,19 +0,0 @@ -{...}: { - imports = [ - ./nix.nix - ./boot.nix - ./audio.nix - ./bluetooth.nix - ./graphics.nix - ./networking.nix - ./packages.nix - ./programs.nix - ./services.nix - ./users.nix - ./encryption.nix - ./virtualisation.nix - # Desktop and stylix are now configured per-rice in home/rices/*/system.nix - ]; - - system.stateVersion = "25.11"; -} diff --git a/system/desktop.nix b/system/desktop.nix deleted file mode 100644 index 0337478..0000000 --- a/system/desktop.nix +++ /dev/null @@ -1,16 +0,0 @@ -{...}: { - # X server and window manager - services.xserver = { - enable = true; - windowManager.i3.enable = true; - - # Czech QWERTZ layout - xkb = { - layout = "cz"; - options = "eurosign:e,caps:escape"; - }; - }; - - # Compositor (system-level service) - services.picom.enable = true; -} diff --git a/system/encryption.nix b/system/encryption.nix deleted file mode 100644 index d5555a2..0000000 --- a/system/encryption.nix +++ /dev/null @@ -1,62 +0,0 @@ -{pkgs, ...}: { - # The encrypted USB is NOT part of boot anymore - # We do NOT use crypttab or systemd-cryptsetup units at all - - systemd.tmpfiles.rules = [ - "d /mnt/ssh-keys 0755 root root -" - "d /mnt/nixos-config 0755 root root -" - "d /mnt/storage 0755 root root -" - "d /mnt/tools 0755 root root -" - "d /mnt/isos 0755 root root -" - ]; - - environment.systemPackages = with pkgs; [ - cryptsetup - # 🔓 Mount + unlock + load SSH key - (writeShellScriptBin "keys-mount" '' - set -e - DEVICE="/dev/disk/by-uuid/d5aa2823-2023-410b-a83e-a4f707db5f7c" - NAME="ssh-keys" - MNT="/mnt/ssh-keys" - MNT_CONFIG="/mnt/nixos-config" - MNT_STORAGE="/mnt/storage" - MNT_TOOLS="/mnt/tools" - echo "🔐 Unlocking encrypted USB..." - sudo cryptsetup open "$DEVICE" "$NAME" - echo "📂 Mounting partitions..." - sudo mount "/dev/mapper/$NAME" "$MNT" - sudo mount -L nixos-config "$MNT_CONFIG" - sudo mount -L storage "$MNT_STORAGE" - sudo mount -L tools "$MNT_TOOLS" - echo "🔑 Adding SSH keys..." - ssh-add "$MNT/poseidon" - ssh-add "$MNT/apollo" - ssh-add "$MNT/codeberg" - ssh-add "$MNT/gitlab-keys" - echo "🔑 Importing GPG key..." - gpg --import "$MNT/gpg-privkey.asc" - echo "✅ Done" - '') - # 🔒 Clean unmount + lock - (writeShellScriptBin "keys-umount" '' - set -e - MNT="/mnt/ssh-keys" - NAME="ssh-keys" - echo "🔑 Removing SSH keys..." - ssh-add -d "$MNT/poseidon" 2>/dev/null || true - ssh-add -d "$MNT/apollo" 2>/dev/null || true - ssh-add -d "$MNT/codeberg" 2>/dev/null || true - ssh-add -d "$MNT/gitlab-keys" 2>/dev/null || true - echo "🔑 Clearing GPG key..." - gpgconf --kill gpg-agent - echo "📤 Unmounting..." - sudo umount /mnt/nixos-config || true - sudo umount /mnt/storage || true - sudo umount /mnt/tools || true - sudo umount "$MNT" || true - echo "🔒 Closing encrypted device..." - sudo cryptsetup close "$NAME" || true - echo "✅ Done" - '') - ]; -} diff --git a/system/graphics.nix b/system/graphics.nix deleted file mode 100644 index e2d9629..0000000 --- a/system/graphics.nix +++ /dev/null @@ -1,13 +0,0 @@ -{pkgs, ...}: { - services.xserver.videoDrivers = ["intel"]; - - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - intel-vaapi-driver - intel-media-driver - intel-compute-runtime - mesa - ]; - }; -} diff --git a/system/ly/blackhole-smooth-240x67.dur b/system/ly/blackhole-smooth-240x67.dur Binary files differdeleted file mode 100644 index d65c878..0000000 --- a/system/ly/blackhole-smooth-240x67.dur +++ /dev/null diff --git a/system/networking.nix b/system/networking.nix deleted file mode 100644 index e1e9450..0000000 --- a/system/networking.nix +++ /dev/null @@ -1,3 +0,0 @@ -{...}: { - networking.networkmanager.enable = true; -} diff --git a/system/nix.nix b/system/nix.nix deleted file mode 100644 index ff0512a..0000000 --- a/system/nix.nix +++ /dev/null @@ -1,43 +0,0 @@ -{pkgs, ...}: { - nix = { - package = pkgs.lixPackageSets.stable.lix; - - settings = { - trusted-users = ["root" "mun"]; - - substituters = [ - "https://cache.lix.systems" - "https://cache.nixos.org/" - ]; - - trusted-public-keys = [ - "cache.lix.systems-1:32QFpmvZsbQ8HhH3dBHDx1E8zFGbxqMNxjE2Rk5OGcQ=" - "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - ]; - - experimental-features = ["nix-command" "flakes"]; - }; - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 7d"; - }; - optimise = { - automatic = true; - dates = ["weekly"]; - }; - }; - - # Fix nixpkgs.overlays for Lix compatibility - nixpkgs.overlays = [ - (final: prev: { - inherit - (prev.lixPackageSets.stable) - nixpkgs-review - nix-eval-jobs - nix-fast-build - colmena - ; - }) - ]; -} diff --git a/system/packages.nix b/system/packages.nix deleted file mode 100644 index fcc194d..0000000 --- a/system/packages.nix +++ /dev/null @@ -1,76 +0,0 @@ -{pkgs, ...}: { - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs; [ - # Core - neovim - wget - git - lazygit - gnupg - pinentry-curses - - # CLI utilities - tree - ripgrep - fd - unzip - bzip2 - killall - acpi - - # System monitoring - btop - auto-cpufreq - - # Nix helpers - nh - nix-output-monitor - nvd - - # Audio/Media - alsa-utils - helvum - playerctl - pipewire - - # Bluetooth & Wireless - blueman - bluez - wirelesstools - - # Display & Graphics - feh - flameshot - xss-lock - brightnessctl - imagemagick - ghostscript - - # Development - stdenv - tree-sitter - clang - libgcc - lua - lua53Packages.luarocks - lua-language-server - stylua - nil - python314 - pyright - ruff - vtsls - ]; - - fonts = { - enableDefaultPackages = true; - packages = with pkgs; [ - fira-code - noto-fonts - noto-fonts-color-emoji - blackout - beon - ]; - }; -} diff --git a/system/programs.nix b/system/programs.nix deleted file mode 100644 index 9db68d9..0000000 --- a/system/programs.nix +++ /dev/null @@ -1,72 +0,0 @@ -{...}: { - # Fix firefox not being properly sandboxed and security - environment.etc."apparmor.d/firefox-local".text = '' - # This profile allows everything and only exists to give the - # application a name instead of having the label "unconfined" - abi <abi/4.0>, - include <tunables/global> - profile firefox-local - /home/mun/bin/firefox/{firefox,firefox-bin,updater} - flags=(unconfined) { - userns, - # Site-specific additions and overrides. See local/README for details. - include if exists <local/firefox> - } - ''; - - programs.firefox = { - enable = true; - languagePacks = ["en-GB" "cs" "sk" "de"]; - policies = { - DefaultDownloadDirectory = "\${home}/Downloads"; - Extensions.Install = map (name: "https://addons.mozilla.org/firefox/downloads/latest/${name}") [ - # Privacy - "ublock-origin" - "privacy-badger17" - "torproject-snowflake" - "clearurls" - "flagfox" - "user-agent-string-switcher" - "facebook-container" - - # QoL - "sidebery" - "onetab" - "bitwarden-password-manager" - - # YouTube - "return-youtube-dislikes" - "sponsorblock" - "youtube-recommended-videos" - "hide-members-only-videos" - - # Theming - "styl-us" - "firefox-color" - "darkreader" - ]; - Extensions.Uninstall = [ - "ddg@search.mozilla.org" - "google@search.mozilla.org" - "bing@search.mozilla.org" - "amazondotcom@search.mozilla.org" - "ebay@search.mozilla.org" - "twitter@search.mozilla.org" - ]; - DisableFirefoxStudies = true; - DisableTelemetry = true; - DisableFeedbackCommands = true; - DisablePocket = true; - }; - }; - programs.zsh.enable = true; - - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - localNetworkGameTransfers.openFirewall = true; - }; - - programs.ssh.startAgent = true; -} diff --git a/system/services.nix b/system/services.nix deleted file mode 100644 index c05e3b1..0000000 --- a/system/services.nix +++ /dev/null @@ -1,36 +0,0 @@ -{pkgs, ...}: { - security.pam.sshAgentAuth.enable = true; - - time.timeZone = "Europe/Prague"; - - services = { - displayManager.ly.enable = true; - printing.enable = true; - libinput.enable = true; - openssh.enable = true; - tailscale.enable = true; - gnome = { - gnome-keyring.enable = true; - gcr-ssh-agent.enable = false; - }; - # Setup MPD as the backend of RMPC - mpd = { - enable = true; - user = "mun"; - musicDirectory = "/home/mun/Music"; - extraConfig = '' - audio_output { - type "pipewire" - name "PipeWire" - } - audio_output { - type "fifo" - name "my_fifo" - path "/tmp/mpd.fifo" - format "44100:16:2" - } - ''; - }; - }; - systemd.services.mpd.environment.XDG_RUNTIME_DIR = "/run/user/1000"; -} diff --git a/system/users.nix b/system/users.nix deleted file mode 100644 index 5b84f9a..0000000 --- a/system/users.nix +++ /dev/null @@ -1,8 +0,0 @@ -{pkgs, ...}: { - users.groups.ssh-keys = {}; - users.users.mun = { - isNormalUser = true; - extraGroups = ["wheel" "bluetooth" "networkmanager" "kvm" "nixos" "ssh-keys"]; - shell = pkgs.zsh; - }; -} diff --git a/system/virtualisation.nix b/system/virtualisation.nix deleted file mode 100644 index eae69f7..0000000 --- a/system/virtualisation.nix +++ /dev/null @@ -1,12 +0,0 @@ -{pkgs, ...}: { - virtualisation.docker = { - enable = true; - autoPrune.enable = true; - package = pkgs.docker_29; - }; - virtualisation.oci-containers = { - backend = "docker"; - }; - - users.extraGroups.docker.members = ["mun"]; -} |