shahab/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add work laptop configuration

Browse Source
This commit is contained in:
Shahab Dogar
2025-12-09 21:03:44 +05:00
parent 1ad2c6ea8e
commit 5e84abe9d9
23 changed files with 582 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
home/dogar/blueocean.nix Normal file
View File

@@ -0,0 +1,42 @@
{config, lib, ...}: {
imports = lib.flatten [
#
# ========== Required Configs ==========
#
./common/core
#
# ========== Host-specific Optional Configs ==========
#
(map (config: "${builtins.toString ./.}/common/optional/${config}.nix") [
"btop"
"direnv"
"firefox"
"fonts"
"ghostty"
"git"
"hyprland"
"kitty"
"misc-packages"
"nvim"
"ssh"
"starship"
"tmux"
"uv"
"zsh"
])
];
services.yubikey-touch-detector.enable = true;
home = {
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
stateVersion = "25.05";
sessionVariables = {
EDITOR = "nvim";
NIXOS_OZONE_WL = "1";
};
file.".npmrc".source = config.lib.file.mkOutOfStoreSymlink
"${config.home.homeDirectory}/git/nix-config/dotfiles/npm/.npmrc";
};
}

39
home/dogar/common/core/default.nix Normal file
View File

@@ -0,0 +1,39 @@
{
config,
lib,
pkgs,
hostSpec,
...
}: {
imports = lib.flatten [
(map lib.custom.relativeToRoot ["modules/common" "modules/home-manager"])
];
inherit hostSpec;
home = {
username = lib.mkDefault config.hostSpec.username;
homeDirectory = lib.mkDefault config.hostSpec.home;
stateVersion = lib.mkDefault "25.05";
sessionPath = ["$HOME/.local/bin"];
sessionVariables = {
FLAKE = "$HOME/src/nix/nix-config";
SHELL = "zsh";
VISUAL = "nvim";
EDITOR = "nvim";
};
};
nix = {
package = lib.mkDefault pkgs.nix;
settings = {
experimental-features = ["nix-command" "flakes"];
warn-dirty = false;
};
};
programs.home-manager.enable = true;
# Nicely reload system units when changing configs
systemd.user.startServices = "sd-switch";
}

3
home/dogar/common/optional/btop.nix Normal file
View File

@@ -0,0 +1,3 @@
{...}: {
programs.btop = {enable = true;};
}

8
home/dogar/common/optional/direnv.nix Normal file
View File

@@ -0,0 +1,8 @@
{
programs.direnv = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
nix-direnv.enable = true;
};
}

11
home/dogar/common/optional/firefox.nix Normal file
View File

@@ -0,0 +1,11 @@
{pkgs, ...}: {
programs.firefox = {
enable = true;
package = pkgs.firefox.override {
cfg = {
# Gnome shell native connector
enableGnomeExtensions = true;
};
};
};
}

4
home/dogar/common/optional/fonts.nix Normal file
View File

@@ -0,0 +1,4 @@
{pkgs, ...}: {
fonts.fontconfig.enable = true;
home.packages = with pkgs; [nerd-fonts.jetbrains-mono];
}

12
home/dogar/common/optional/ghostty.nix Normal file
View File

@@ -0,0 +1,12 @@
{config, ...}: {
programs.ghostty = {
enable = true;
settings = {
theme = "catppuccin-mocha";
font-family = config.hostSpec.font;
font-size = 14;
initial-command = "tmux";
};
};
}

27
home/dogar/common/optional/git.nix Normal file
View File

@@ -0,0 +1,27 @@
{
lib,
pkgs,
config,
...
}: {
programs.git = {
enable = true;
lfs.enable = true;
settings = {
user = {
name = config.hostSpec.userFullName;
email = config.hostSpec.email.user;
};
gpg = {format = "ssh";};
"gpg \"ssh\"" = {
program = "${lib.getExe' pkgs._1password-gui "op-ssh-sign"}";
};
commit = {gpgsign = true;};
user = {signingKey = "~/.ssh/id_ed25519.pub";};
pull = {rebase = true;};
init = {defaultBranch = "main";};
lfs = {locksverify = true;};
};
};
}

33
home/dogar/common/optional/hyprland.nix Normal file
View File

@@ -0,0 +1,33 @@
{
config,
lib,
pkgs,
...
}: {
home = {
file = {
"${config.xdg.configHome}/hypr/hyprland.conf".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/hypr/hyprland.conf"}";
"${config.xdg.configHome}/hypr/hypridle.conf".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/hypr/hypridle.conf"}";
"${config.xdg.configHome}/hypr/hyprlock.conf".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/hypr/hyprlock.conf"}";
"${config.xdg.configHome}/waybar".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/waybar"}";
"${config.xdg.configHome}/wofi".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/wofi"}";
"${config.xdg.configHome}/mako".source =
config.lib.file.mkOutOfStoreSymlink "${lib.custom.relativeToRoot "dotfiles/mako"}";
};
packages = with pkgs; [
hyprshot
hyprlock
hypridle
hyprpolkitagent
waybar
wofi
mako
];
};
}

14
home/dogar/common/optional/kitty.nix Normal file
View File

@@ -0,0 +1,14 @@
{config, ...}: {
programs.kitty = {
enable = true;
shellIntegration.enableZshIntegration = true;
settings = {
font = config.hostSpec.font;
shell = "tmux";
font-size = 16.0;
active_border_color = "#44ffff";
single_window_margin_width = 0;
};
};
}

35
home/dogar/common/optional/misc-packages.nix Normal file
View File

@@ -0,0 +1,35 @@
{pkgs, ...}: {
home.packages = with pkgs; [
btop
zoxide
unzip
tmux
gcc
zig
gparted
gnupg
dig
bash
kdePackages.dolphin
font-awesome
tree
wl-clipboard-rs
brightnessctl
age
nerd-fonts.jetbrains-mono
lazygit
gh
dbeaver-bin
cloudflare-warp
protonmail-desktop
rpi-imager
kubectl
k9s
postgresql_17
kitty
waybar
obsidian
yq
jq
];
}

13
home/dogar/common/optional/nvim.nix Normal file
View File

@@ -0,0 +1,13 @@
{config, ...}: {
programs.neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
};
# Create a symlink from ~/.config/nvim to the dotfiles directory
home.file.".config/nvim".source =
config.lib.file.mkOutOfStoreSymlink
"${config.home.homeDirectory}/git/nix-config/dotfiles/nvim";
}

10
home/dogar/common/optional/ssh.nix Normal file
View File

@@ -0,0 +1,10 @@
{...}: let
onePassPath = "~/.1password/agent.sock";
in {
programs.ssh = {
enable = true;
enableDefaultConfig = false;
extraConfig = "IdentityAgent ${onePassPath}";
matchBlocks."*" = {};
};
}

1
home/dogar/common/optional/starship.nix Normal file
View File

@@ -0,0 +1 @@
{...}: {programs.starship.enable = true;}

15
home/dogar/common/optional/tmux.nix Normal file
View File

@@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}: {
home = {
file = {
"${config.xdg.configHome}/tmux".source =
lib.custom.relativeToRoot "dotfiles/tmux";
};
packages = with pkgs; [tmux];
};
}

10
home/dogar/common/optional/uv.nix Normal file
View File

@@ -0,0 +1,10 @@
{
...
}: {
programs.uv = {
enable = true;
settings = {
pip.index-url = "https://pip.dogar.dev";
};
};
}

43
home/dogar/common/optional/zsh.nix Normal file
View File

@@ -0,0 +1,43 @@
{
config,
pkgs,
...
}: {
home.packages = with pkgs; [
eza
ripgrep
rm-improved
dust
xcp
nh
zoxide
];
programs.zsh = {
enable = true;
enableCompletion = true;
autosuggestion.enable = true;
syntaxHighlighting.enable = true;
initContent = ''
eval "$(zoxide init zsh)"
'';
shellAliases = {
".." = "cd ..";
ls = "exa";
vim = "nvim";
grep = "rg";
du = "dust";
rm = "rip";
cp = "xcp";
uo = "nh os switch ~/git/nix-config";
k = "kubectl";
};
history = {
size = 10000;
path = "${config.xdg.dataHome}/zsh/history";
};
};
}

5
hosts/common/core/default.nix
View File

@@ -16,9 +16,6 @@
];
hostSpec = {
username = "shahab";
handle = "shahab96";
email = {user = "shahab@dogar.dev";};
userFullName = "Shahab Dogar";
networking.ports.tcp.ssh = 22;
};
@@ -69,7 +66,7 @@
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 10d --keep 10";
flake = "/home/user/${config.hostSpec.home}/nix-config";
flake = "${config.hostSpec.home}/nix-config";
};
# ========= Sops =========

116
hosts/common/disks/blueocean.nix Normal file
View File

@@ -0,0 +1,116 @@
{
lib,
primary,
nix,
withSwap,
swapSize,
label,
...
}: {
disko = {
devices = {
disk = {
main = {
device = primary;
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "ESP";
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
luks = {
size = "100%";
content = {
name = "crypted";
type = "luks";
passwordFile = "/tmp/secret.key";
settings = {
allowDiscards = true;
crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];
};
content = {
type = "lvm_pv";
vg = "crypt_vg";
};
};
};
};
};
};
secondary = {
device = nix;
type = "disk";
content = {
type = "gpt";
partitions = {
luks = {
size = "100%";
content = {
name = "crypt-nix";
type = "luks";
passwordFile = "/tmp/secret.key";
settings = {
allowDiscards = true;
crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];
};
content = {
type = "btrfs";
extraArgs = ["-L nix -f"];
subvolumes = {
"@nix" = {
mountpoint = "/nix";
mountOptions = ["subvol=nix" "compress=zstd" "noatime"];
};
};
};
};
};
};
};
};
};
lvm_vg = {
crypt_vg = {
type = "lvm_vg";
lvs = {
swap = lib.mkIf withSwap {
size = "${swapSize}G";
content = {
type = "swap";
resumeDevice = true;
};
};
main = {
size = "100%";
content = {
type = "btrfs";
extraArgs = ["-L" label "-f"];
subvolumes = {
"@root" = {
mountpoint = "/";
mountOptions = ["subvol=root" "compress=zstd" "noatime"];
};
};
};
};
};
};
};
};
};
}

95
hosts/nixos/blueocean/default.nix Normal file
View File

@@ -0,0 +1,95 @@
{
inputs,
lib,
config,
...
}: {
imports = lib.flatten [
#
# ========= Hardware =========
#
./hardware-configuration.nix
inputs.nixos-hardware.nixosModules.common-cpu-amd
inputs.nixos-hardware.nixosModules.common-gpu-amd
inputs.nixos-hardware.nixosModules.common-pc-ssd
inputs.nixos-hardware.nixosModules.lenovo-legion-16ithg6
#
# ========= Disk Layout =========
#
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/blueocean.nix")
{
_module.args = {
primary = "/dev/nvme0n1";
nix = "/dev/nvme1n1";
withSwap = true;
swapSize = "4";
label = "nixos";
};
}
#
# ========= Required Configs =========
#
(map lib.custom.relativeToRoot ["hosts/common/core"])
#
# ========= Optional Configs =========
#
(map (c: lib.custom.relativeToRoot "hosts/common/optional/${c}.nix") [
"1password"
"claude-code"
"dconf"
"docker"
"hyprland"
"nix-ld"
"secure-boot"
"yubikey"
])
#
# ========= Optional Services =========
#
(map
(s: lib.custom.relativeToRoot "hosts/common/optional/services/${s}.nix") [
"audio"
"bluetooth"
"firmware"
"greetd"
"openssh"
"printing"
"smart-card"
"vpn"
])
];
#
# ========= Host specification =========
#
hostSpec = {
hostName = "blueocean";
username = "dogar";
handle = "shadogar";
email = {user = "shahab.dogar@blueocean.ai";};
};
networking = {
networkmanager.enable = true;
enableIPv6 = false;
};
boot = {
loader = {
# Set this to true on first install. This must be false for secure boot.
systemd-boot = {
enable = lib.mkForce (!config.hostSpec.secureBoot);
configurationLimit = config.hostSpec.bootHistoryLimit;
};
efi.canTouchEfiVariables = true;
};
};
security.rtkit.enable = true;
system.stateVersion = "25.05";
}

47
hosts/nixos/blueocean/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,47 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
initrd = {
availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usbhid"
"thunderbolt"
"usb_storage"
"sd_mod"
];
kernelModules = [];
};
kernelModules = ["kvm-amd"];
extraModulePackages = [];
binfmt.emulatedSystems = ["aarch64-linux"]; # Add other target architectures as needed
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp193s0f3u2.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = {
cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
graphics = {
enable = true;
};
};
}

3
hosts/nixos/rihla/default.nix
View File

@@ -87,6 +87,9 @@
secureBoot = false;
persist = "/persist";
impermanance = false;
username = "shahab";
handle = "shahab96";
email = {user = "shahab@dogar.dev";};
};
networking = {

3
hosts/nixos/rihla/hardware-configuration.nix
View File

@@ -2,7 +2,6 @@
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
@@ -38,8 +37,6 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = {
cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
graphics = {
enable = true;
};