diff --git a/flake.nix b/flake.nix index 01e5461..c7fc0c5 100644 --- a/flake.nix +++ b/flake.nix @@ -103,6 +103,7 @@ nixos/systems/grasshopper nixos/systems/inkbook nixos/systems/hela + nixos/systems/saw nixng/containers/ingress-blowhole nixng/containers/ingress-toothpick diff --git a/nixos/systems/saw/default.nix b/nixos/systems/saw/default.nix new file mode 100644 index 0000000..f4cfc49 --- /dev/null +++ b/nixos/systems/saw/default.nix 
@@ -0,0 +1,208 @@ +# SPDX-FileCopyrightText: 2024 Richard Brežák +# +# SPDX-License-Identifier: LGPL-3.0-or-later +{ + inputs, + lib', + config, + ... +}: let + inherit + (lib') + flip + mapAttrs + singleton + ; + + config' = config; +in { + flake.nixosConfigurations.saw = inputs.nixpkgs-stable.lib.nixosSystem { + system = "x86_64-linux"; + # lib = lib'; + + specialArgs = { + config' = config'; + inputs' = inputs; + secret = lib'.loadSecrets inputs.secret; + }; + + modules = + singleton + ({ + pkgs, + config, + lib, + ... + }: let + river-gtk = pkgs.river.overrideAttrs (final: prev: { + nativeBuildInputs = + prev.nativeBuildInputs + ++ (with pkgs; [ + makeWrapper + wrapGAppsHook3 + ]); + + buildInputs = + prev.buildInputs + ++ (with pkgs; [ + gdk-pixbuf + gsettings-desktop-schemas + glib + gtk3 + ]); + + postFixup = '' + gappsWrapperArgsHook + + wrapProgram $out/bin/river \ + "''${gappsWrapperArgs[@]}" + ''; + }); + + squeekboard = pkgs.squeekboard.overrideAttrs (final: prev: { + patches = + (prev.patches or []) + ++ [ + inputs.self.patches.squeekboard-layer-overlay + ]; + }); + + kodi-wayland = pkgs.kodi-wayland.withPackages (ps: [ + pkgs.kodi-wayland.pythonPackages.pillow + ]); + in { + imports = [ + inputs.disko.nixosModules.default + inputs.impermenance.nixosModules.impermanence + ./nixpkgs.nix + ./users.nix + ../../common/remote_access.nix + ./disko.nix + ]; + + security.rtkit.enable = true; + services.pipewire = { + enable = true; + + wireplumber.enable = true; + + alsa.enable = true; + alsa.support32Bit = true; + jack.enable = true; + pulse.enable = true; + }; + + programs.river = { + enable = true; + package = river-gtk; + }; + services.greetd = { + enable = true; + settings = { + default_session = { + command = "${lib.getExe pkgs.cage} -s -- ${lib.getExe pkgs.greetd.regreet}"; + }; + }; + }; + + xdg.portal = { + config.common.default = [ + "gtk" + ]; + enable = true; + xdgOpenUsePortal = true; + extraPortals = singleton pkgs.xdg-desktop-portal-gtk; + }; + 
+ environment.persistence."/persist" = { + hideMounts = true; + directories = [ + "/var/log" + "/var/lib/nixos" + ]; + files = [ + "/etc/ssh/ssh_host_rsa_key" + "/etc/ssh/ssh_host_rsa_key.pub" + "/etc/ssh/ssh_host_ed25519_key" + "/etc/ssh/ssh_host_ed25519_key.pub" + ]; + users.main = { + directories = [ + ".kodi" + ]; + }; + }; + + home-manager.users.main = { + home.file.".config/river/init".executable = true; + home.file.".config/river/init".text = '' + # riverctl default-layout rivercarro + # ${lib.getExe pkgs.rivercarro} -outer-gaps 0 & + # riverctl send-layout-cmd rivercarro "main-location monocle" + # riverctl spawn ${lib.getExe squeekboard} + riverctl spawn ${lib.getExe kodi-wayland} + ''; + home.file.".config/lavalauncher/active.conf".text = let + launch = { + jellyfin = pkgs.writeShellScript "launch-jellyfin" '' + ${lib.getExe pkgs.librewolf} http://jellyfin.in.redalder.org --kiosk + ''; + pavucontrol = pkgs.writeShellScript "launch-pavucontrol" '' + ${lib.getExe pkgs.pavucontrol} & disown + sleep 0.1 + riverctl toggle-fullscreen + ''; + next = pkgs.writeShellScript "show-next" '' + riverctl toggle-fullscreen + riverctl focus-view next + riverctl toggle-fullscreen + ''; + }; + in '' + global-settings + { + watch-config-file = true; + } + + bar { + exclusive-zone = off; + alignment = center; + position = right; + layer = overlay; + + + button { + command = ${launch.jellyfin}; + } + + button { + command = ${launch.pavucontrol}; + } + + button { + command = ${launch.next}; + } + } + ''; + }; + + # xdg.portal.config.common = { + # # Use xdg-desktop-portal-gtk for every portal interface... + # default = "gtk"; + # # ... 
except for the ScreenCast, Screenshot and Secret + # "org.freedesktop.impl.portal.ScreenCast" = "wlr"; + # "org.freedesktop.impl.portal.Screenshot" = "wlr"; + # # ignore inhibit bc gtk portal always returns as success, + # # despite sway/the wlr portal not having an implementation, + # # stopping firefox from using wayland idle-inhibit + # "org.freedesktop.impl.portal.Inhibit" = "none"; + # }; + + # services.cage.program = "${lib.getExe pkgs.ungoogled-chromium} --kiosk --new-window --noerrdialogs --disable-infobars http://jellyfin.in.redalder.org"; + + boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_6; + time.timeZone = "Europe/Amsterdam"; + system.stateVersion = "24.05"; + }); + }; +} diff --git a/nixos/systems/saw/disko.nix b/nixos/systems/saw/disko.nix new file mode 100644 index 0000000..bf4ad89 --- /dev/null +++ b/nixos/systems/saw/disko.nix 
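Review bot: The `launch.jellyfin` script in the lavalauncher config opens `http://jellyfin.in.redalder.org` over plain HTTP, so the Jellyfin login and session token cross the network unencrypted. If the ingress for that host serves TLS (not visible in this diff), the line should read `${lib.getExe pkgs.librewolf} https://jellyfin.in.redalder.org --kiosk`. Separately, `environment.persistence."/persist"` keeps `/var/log` but not `/etc/machine-id`. On a tmpfs root the id is presumably regenerated on every boot unless an imported common module pins it, which would split the persisted journal into a new directory each boot and make earlier logs harder to query. Adding `"/etc/machine-id"` to the `files` list would keep log history contiguous.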
@@ -0,0 +1,94 @@ +{ + lib, + config, + ... +}: { + boot.initrd.systemd.enable = true; + boot.loader.efi = { + efiSysMountPoint = "/boot"; + }; + boot.loader.grub = { + devices = ["nodev"]; + efiInstallAsRemovable = true; + efiSupport = true; + }; + + fileSystems = { + "/persist".neededForBoot = true; + "/nix" = lib.mapAttrs (_: lib.mkForce) { + fsType = "auto"; + device = "/persist/nix"; + options = ["x-initrd.mount" "bind"]; + neededForBoot = true; + }; + }; + + disko.devices = { + nodev."/tmp" = { + fsType = "tmpfs"; + mountOptions = [ + "size=256M" + "mode=755" + "noexec" + ]; + }; + + nodev."/" = { + fsType = "tmpfs"; + mountOptions = [ + "size=128M" + "mode=755" + "noexec" + ]; + }; + + nodev."/nix" = { + fsType = "ext4"; + device = "/dev/disk/by-id/ata-SK_hynix_SC311_SATA_128GB_MJ88N52701150940J-part3"; + mountOptions = [ + "X-mount.subdir=nix" + ]; + preMountHook = '' + tmpdir=$(mktemp -d) + + mount /dev/disk/by-id/ata-SK_hynix_SC311_SATA_128GB_MJ88N52701150940J-part3 $tmpdir + mkdir $tmpdir/nix + umount $tmpdir + ''; + }; + + disk.ssd = { + device = "/dev/disk/by-id/ata-SK_hynix_SC311_SATA_128GB_MJ88N52701150940J"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + ESP = { + type = "EF00"; + size = "2048M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = ["umask=0077"]; + }; + }; + + swap = { + size = "8192M"; + content.type = "swap"; + }; + + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/persist"; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos/systems/saw/nixpkgs.nix b/nixos/systems/saw/nixpkgs.nix new file mode 100644 index 0000000..72fa45d --- /dev/null +++ b/nixos/systems/saw/nixpkgs.nix @@ -0,0 +1,10 @@ +{ + inputs', + config', + lib, + ... +}: { + imports = [ + ../../common/nixpkgs.nix + ]; +} diff --git a/nixos/systems/saw/users.nix b/nixos/systems/saw/users.nix new file mode 100644 index 0000000..14e8b67 --- /dev/null 
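Review bot: The `/tmp` and `/` tmpfs entries under `disko.devices.nodev` set `noexec` but neither `nosuid` nor `nodev`; adding `"nosuid"` and `"nodev"` to both `mountOptions` lists would complete the hardening this hunk already starts. `/tmp` is also mounted with `mode=755`, which leaves it writable only by root unless something later resets it (a tmpfiles rule may do so, but that is not visible here); `"mode=1777"` is the usual value for a shared temp directory. The `swap` partition is declared as plain `content.type = "swap"`, so paged-out memory lands unencrypted on the SSD. If hibernation is not needed, `content = { type = "swap"; randomEncryption = true; };` avoids that.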
+++ b/nixos/systems/saw/users.nix @@ -0,0 +1,24 @@ +{ + inputs', + config', + secret, + lib, + ... +}: { + imports = [ + inputs'.home-manager-stable.nixosModules.default + ../../common/users.nix + ]; + + home-manager.useGlobalPkgs = true; + home-manager.extraSpecialArgs = { + config' = config'; + inputs' = inputs'; + secret = secret; + }; + home-manager.users.main = { + imports = [(inputs'.self + "/home-manager/modules/profiles/server.nix")]; + + home.stateVersion = "24.05"; + }; +} diff --git a/patches/squeekboard-layer-overlay.patch b/patches/squeekboard-layer-overlay.patch new file mode 100644 index 0000000..f24af74 --- /dev/null +++ b/patches/squeekboard-layer-overlay.patch @@ -0,0 +1,13 @@ +diff --git a/src/panel.c b/src/panel.c +index a9942c8..63ade5c 100644 +--- a/src/panel.c ++++ b/src/panel.c +@@ -79,7 +79,7 @@ panel_manager_request_widget (struct panel_manager *self, struct wl_output *outp + "anchor", ZWLR_LAYER_SURFACE_V1_ANCHOR_BOTTOM + | ZWLR_LAYER_SURFACE_V1_ANCHOR_LEFT + | ZWLR_LAYER_SURFACE_V1_ANCHOR_RIGHT, +- "layer", ZWLR_LAYER_SHELL_V1_LAYER_TOP, ++ "layer", ZWLR_LAYER_SHELL_V1_LAYER_OVER, + "kbd-interactivity", FALSE, + "exclusive-zone", height, + "namespace", "osk",
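Review bot: `home-manager.extraSpecialArgs` hands the whole `secret` set to every home-manager module, and these values exist at evaluation time, so any module that interpolates one into `home.file` text or a package would write it into the world-readable Nix store. Nothing in this hunk does that, but the imported `server.nix` profile is outside the diff, so it is worth checking. I would add a comment above the attribute, `# secret is eval-time data: never interpolate it into store paths or file contents`, or drop `secret = secret;` if no home-manager module on this host reads it.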
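Review bot: The replacement value `ZWLR_LAYER_SHELL_V1_LAYER_OVER` in the added line does not look like a member of the wlr-layer-shell layer enum, whose top-most value is spelled `ZWLR_LAYER_SHELL_V1_LAYER_OVERLAY` as far as I know, so the patched `src/panel.c` would likely fail to compile. The line should probably be `"layer", ZWLR_LAYER_SHELL_V1_LAYER_OVERLAY,`. This affects the `saw` build even though squeekboard is never started: `default.nix` still interpolates `${lib.getExe squeekboard}` inside the river init text, and the leading `#` there is only a shell comment, so Nix still has to build the patched package.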