-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
12 changed files
with
233 additions
and
570 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,152 +1,24 @@ | ||
| { | ||
| config, | ||
| lib, | ||
| inputs, | ||
| pkgs, | ||
| ... | ||
| }: | ||
| with lib; | ||
| { | ||
| imports = [ | ||
| ./networking.nix | ||
| ]; | ||
|
|
||
| config = { | ||
| # To fix home-manager issue | ||
| # https://github.com/nix-community/home-manager/blob/master/modules/misc/version.nix | ||
| system.stateVersion = "23.11"; | ||
|
|
||
| # This is a dummy key in ISO image, we shall not worry about its security. | ||
| # Agenix breaks in LiveCD due to https://github.com/ryantm/agenix/issues/165. | ||
| age.identityPaths = [ | ||
| (pkgs.writeText "img_key_ed25519" (builtins.readFile ../../secrets/raw/img_key_ed25519)) | ||
| ]; | ||
|
|
||
| # GPG agent that makes GPG work in LiveCD. | ||
| programs.gnupg.agent.enable = true; | ||
|
|
||
| # ZFS is currently broken on the latest kernel. Since we don't use it, it's fine to disable it. | ||
| boot.supportedFilesystems = lib.mkForce [ | ||
| "btrfs" | ||
| "reiserfs" | ||
| "vfat" | ||
| "f2fs" | ||
| "xfs" | ||
| "ntfs" | ||
| "cifs" | ||
| ]; | ||
|
|
||
| # Needed for boot! Otherwise the initrd couldn't mount the root on hub. | ||
| boot.initrd.availableKernelModules = [ "hub" ]; | ||
|
|
||
| # Set internationalisation properties. | ||
| console = { | ||
| font = "Lat2-Terminus16"; | ||
| useXkbConfig = true; | ||
| }; | ||
| i18n = { | ||
| defaultLocale = "en_US.UTF-8"; | ||
| inputMethod = { | ||
| enable = true; | ||
| type = "ibus"; | ||
| ibus.engines = with pkgs.ibus-engines; [ | ||
| libpinyin | ||
| typing-booster | ||
| ]; | ||
| }; | ||
| }; | ||
|
|
||
| # Fonts | ||
| fonts.packages = with pkgs; [ | ||
| noto-fonts | ||
| noto-fonts-cjk-sans | ||
| noto-fonts-emoji | ||
| fira-code | ||
| fira-code-symbols | ||
| nerd-fonts.fira-code | ||
| ]; | ||
|
|
||
| isoImage.edition = "gnome"; | ||
|
|
||
| # Whitelist wheel users to do anything | ||
| # This is useful for things like pkexec | ||
| # | ||
| # WARNING: this is dangerous for systems | ||
| # outside the installation-cd and shouldn't | ||
| # be used anywhere else. | ||
| security.polkit.extraConfig = '' | ||
| polkit.addRule(function(action, subject) { | ||
| if (subject.isInGroup("wheel")) { | ||
| return polkit.Result.YES; | ||
| } | ||
| }); | ||
| ''; | ||
|
|
||
| networking.wireless.enable = mkForce false; | ||
|
|
||
| services.xserver.displayManager = { | ||
| gdm = { | ||
| # autoSuspend makes the machine automatically suspend after inactivity. | ||
| # It's possible someone could/try to ssh'd into the machine and obviously | ||
| # have issues because it's inactive. | ||
| # See: | ||
| # * https://github.com/NixOS/nixpkgs/pull/63790 | ||
| # * https://gitlab.gnome.org/GNOME/gnome-control-center/issues/22 | ||
| autoSuspend = false; | ||
| }; | ||
| }; | ||
| services.displayManager.autoLogin = { | ||
| enable = true; | ||
| user = "nixos"; | ||
| }; | ||
|
|
||
| my.gnome-desktop = { | ||
| enable = true; | ||
| extraExcludePackages = [ pkgs.orca ]; | ||
| }; | ||
| my.base = { | ||
| enable = true; | ||
| hostname = "img"; | ||
| }; | ||
| my.home.nixos = { | ||
| extraPackages = with pkgs; [ | ||
| firefox | ||
| htop | ||
| dnsutils | ||
| smartmontools | ||
| ]; | ||
| extraDconf = { | ||
| # Show screen keyboard | ||
| "org/gnome/desktop/a11y/applications".screen-keyboard-enabled = true; | ||
| }; | ||
| }; | ||
| my.steamdeck = { | ||
| enable = true; | ||
| }; | ||
|
|
||
| # This is a LiveCD, please don't enable disk config in NixOS. | ||
| disko.enableConfig = false; | ||
|
|
||
| environment.systemPackages = | ||
| with pkgs; | ||
| let | ||
| create-disko-pkg = | ||
| name: path: | ||
| (runCommandLocal "disko-${name}" { } '' | ||
| mkdir -p $out/bin | ||
| install ${path} $out/bin/disko-${name} | ||
| ''); | ||
| in | ||
| [ | ||
| (writeShellScriptBin "install-script" (builtins.readFile ./install.sh)) | ||
| my.image-base = { | ||
| enable = true; | ||
| target = "deck"; | ||
| }; | ||
|
|
||
| (create-disko-pkg "main" config.system.build.diskoScript) | ||
| (create-disko-pkg "format" config.system.build.formatScript) | ||
| (create-disko-pkg "mount" config.system.build.mountScript) | ||
| ]; | ||
| # Needed for boot! Otherwise the initrd couldn't mount the root on hub. | ||
| boot.initrd.availableKernelModules = [ "hub" ]; | ||
|
|
||
| users.users.nixos = { | ||
| shell = pkgs.zsh; | ||
| my.home.nixos = { | ||
| extraDconf = { | ||
| # Show screen keyboard | ||
| "org/gnome/desktop/a11y/applications".screen-keyboard-enabled = true; | ||
| }; | ||
| programs.zsh.enable = true; | ||
| }; | ||
| my.steamdeck = { | ||
| enable = true; | ||
| }; | ||
| } |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,150 +1,23 @@ | ||
| { | ||
| inputs, | ||
| config, | ||
| lib, | ||
| pkgs, | ||
| ... | ||
| }: | ||
| with lib; | ||
| { | ||
| imports = [ | ||
| ./networking.nix | ||
| ]; | ||
|
|
||
| config = { | ||
| # To fix home-manager issue | ||
| # https://github.com/nix-community/home-manager/blob/master/modules/misc/version.nix | ||
| system.stateVersion = "24.11"; | ||
|
|
||
| boot.kernelPackages = pkgs.linuxPackages_latest; | ||
|
|
||
| # This is a dummy key in ISO image, we shall not worry about its security. | ||
| # Agenix breaks in LiveCD due to https://github.com/ryantm/agenix/issues/165. | ||
| age.identityPaths = [ | ||
| (pkgs.writeText "img_key_ed25519" (builtins.readFile ../../secrets/raw/img_key_ed25519)) | ||
| ]; | ||
|
|
||
| # GPG agent that makes GPG work in LiveCD. | ||
| programs.gnupg.agent.enable = true; | ||
|
|
||
| # ZFS is currently broken on the latest kernel. Since we don't use it, it's fine to disable it. | ||
| boot.supportedFilesystems = lib.mkForce [ | ||
| "btrfs" | ||
| "reiserfs" | ||
| "vfat" | ||
| "f2fs" | ||
| "xfs" | ||
| "ntfs" | ||
| "cifs" | ||
| ]; | ||
|
|
||
| # Set internationalisation properties. | ||
| console = { | ||
| font = "Lat2-Terminus16"; | ||
| useXkbConfig = true; | ||
| }; | ||
| i18n = { | ||
| defaultLocale = "en_US.UTF-8"; | ||
| inputMethod = { | ||
| enable = true; | ||
| type = "ibus"; | ||
| ibus.engines = with pkgs.ibus-engines; [ | ||
| libpinyin | ||
| typing-booster | ||
| ]; | ||
| }; | ||
| }; | ||
|
|
||
| # Fonts | ||
| fonts.packages = with pkgs; [ | ||
| noto-fonts | ||
| noto-fonts-cjk-sans | ||
| noto-fonts-emoji | ||
| fira-code | ||
| fira-code-symbols | ||
| nerd-fonts.fira-code | ||
| ]; | ||
|
|
||
| isoImage.edition = "gnome"; | ||
|
|
||
| # Whitelist wheel users to do anything | ||
| # This is useful for things like pkexec | ||
| # | ||
| # WARNING: this is dangerous for systems | ||
| # outside the installation-cd and shouldn't | ||
| # be used anywhere else. | ||
| security.polkit.extraConfig = '' | ||
| polkit.addRule(function(action, subject) { | ||
| if (subject.isInGroup("wheel")) { | ||
| return polkit.Result.YES; | ||
| } | ||
| }); | ||
| ''; | ||
|
|
||
| networking.wireless.enable = mkForce false; | ||
|
|
||
| services.xserver.displayManager = { | ||
| gdm = { | ||
| # autoSuspend makes the machine automatically suspend after inactivity. | ||
| # It's possible someone could/try to ssh'd into the machine and obviously | ||
| # have issues because it's inactive. | ||
| # See: | ||
| # * https://github.com/NixOS/nixpkgs/pull/63790 | ||
| # * https://gitlab.gnome.org/GNOME/gnome-control-center/issues/22 | ||
| autoSuspend = false; | ||
| }; | ||
| }; | ||
| services.displayManager.autoLogin = { | ||
| enable = true; | ||
| user = "nixos"; | ||
| }; | ||
|
|
||
| my.gnome-desktop = { | ||
| enable = true; | ||
| extraExcludePackages = [ pkgs.orca ]; | ||
| }; | ||
| my.base = { | ||
| enable = true; | ||
| hostname = "img"; | ||
| }; | ||
| my.home.nixos = { | ||
| extraPackages = with pkgs; [ | ||
| firefox | ||
| htop | ||
| dnsutils | ||
| smartmontools | ||
| ]; | ||
| extraDconf = | ||
| let | ||
| hm = inputs.home-manager.lib.hm; | ||
| in | ||
| { | ||
| "org/gnome/desktop/interface"."scaling-factor" = hm.gvariant.mkUint32 2; | ||
| }; | ||
| }; | ||
| my.image-base = { | ||
| enable = true; | ||
| target = "tb14"; | ||
| }; | ||
|
|
||
| # This is a LiveCD, please don't enable disk config in NixOS. | ||
| disko.enableConfig = false; | ||
| boot.kernelPackages = pkgs.linuxPackages_latest; | ||
|
|
||
| environment.systemPackages = | ||
| with pkgs; | ||
| my.home.nixos = { | ||
| extraDconf = | ||
| let | ||
| create-disko-pkg = | ||
| name: path: | ||
| (runCommandLocal "disko-${name}" { } '' | ||
| mkdir -p $out/bin | ||
| install ${path} $out/bin/disko-${name} | ||
| ''); | ||
| hm = inputs.home-manager.lib.hm; | ||
| in | ||
| [ | ||
| (writeShellScriptBin "install-script" (builtins.readFile ./install.sh)) | ||
|
|
||
| (create-disko-pkg "main" config.system.build.diskoScript) | ||
| (create-disko-pkg "format" config.system.build.formatScript) | ||
| (create-disko-pkg "mount" config.system.build.mountScript) | ||
| ]; | ||
|
|
||
| users.users.nixos.shell = pkgs.zsh; | ||
| programs.zsh.enable = true; | ||
| { | ||
| "org/gnome/desktop/interface"."scaling-factor" = hm.gvariant.mkUint32 2; | ||
| }; | ||
| }; | ||
| } |
Oops, something went wrong.