chandlerswift/machine-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
machine-config/oscar/configuration.nix
Chandler Swift 862c5d6785
oscar, sam: Make git.signing.format explicit 
b92cad188c

    git: warn on signing format default change
    The default value for programs.git.signing.format changed in 25.05
    from an implicit "openpgp" to null. Keep the existing gated
    mkOptionDefault behavior so the signing block only materializes when
    other signing settings are in use, but route the versioned value and
    static docs text through the shared state-version helper.

    Add a focused current-state-version test that covers a non-empty
    signing configuration with no explicit format, alongside the existing
    legacy implicit-openpgp and explicit-format tests.
2026-03-24 14:20:22 -05:00

400 lines
10 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
{
imports =
[
<nixos-hardware/framework/13-inch/7040-amd>
./hardware-configuration.nix
<home-manager/nixos>
];
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"steam"
"steam-original"
"steam-run"
"steam-unwrapped"
];
# https://discourse.nixos.org/t/github-strategies-for-configuration-nix/1983/14
nix.nixPath = [
"nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos"
"nixos-config=/home/chandler/projects/machine-config/${config.networking.hostName}/configuration.nix"
"/nix/var/nix/profiles/per-user/root/channels"
];
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.plymouth.enable = true;
boot.plymouth.theme = "breeze";
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
boot.binfmt.preferStaticEmulators = true;
boot.initrd.luks.devices."luks-ca2fdf0b-d385-498c-9f7d-f58368a65fd4".device = "/dev/disk/by-uuid/ca2fdf0b-d385-498c-9f7d-f58368a65fd4";
networking.hostName = "oscar"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Enable the KDE Plasma Desktop Environment.
services.displayManager.sddm.enable = true;
services.displayManager.sddm.wayland.enable = true;
services.desktopManager.plasma6.enable = true;
# Configure keymap in X11
services.xserver.xkb = {
layout = "us";
variant = "";
};
services.fwupd.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
services.atd.enable = true;
services.hardware.bolt.enable = true;
virtualisation.docker.enable = true;
hardware.bluetooth.enable = true;
hardware.keyboard.qmk.enable = true;
# Enable sound with pipewire.
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
environment.sessionVariables = {
BUILDKIT_PROGRESS = "plain";
};
# Define a user account. Don't forget to set a password with passwd.
users.users.chandler.isNormalUser = true;
users.users.chandler.description = "Chandler Swift";
users.users.chandler.extraGroups = [ "networkmanager" "wheel" "dialout" "cdrom" "plugdev" "adbusers" "libvirtd" "docker" ];
home-manager.backupFileExtension = "backup";
home-manager.users.chandler = { pkgs, ... }: {
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"android-studio"
"discord"
"factorio-space-age"
];
home.packages = with pkgs; [
# applications
android-studio
blender
freecad
frescobaldi
gimp3
gnome-sound-recorder
inkscape
josm
kdePackages.kate
(kdePackages.spectacle.override { tesseractLanguages = [ "eng" ]; })
krita
kicad
libreoffice-qt
mumble
musescore
prusa-slicer
qgis
solvespace
supersonic
tenacity
zed-editor
# games
bolt-launcher
prismlauncher
scummvm
# runelite
# command line applications
iperf
units
yt-dlp
# command line utilities
alsa-utils
android-tools
dig
file
ffmpeg
git-absorb
imagemagick
jujutsu
killall
pv
scrcpy
unzip
wl-clipboard
# ✨ AI ✨
llama-cpp-vulkan
# compilers/language utils
cargo
rustc
clang
go
delve
go-tools
gopls
# audio tools
jacktrip
qjackctl
qsynth
# Unfree:
discord
factorio-space-age
];
programs.thunderbird.enable = true;
programs.bash = {
enable = true;
historyControl = [ "ignoredups" "ignorespace" ];
};
programs.direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
};
programs.emacs = {
enable = true;
package = pkgs.emacs-gtk;
extraPackages = epkgs: [
epkgs.nix-mode
epkgs.magit
epkgs.rust-mode
];
};
programs.vscode = let
extensionrepo =
(import (builtins.fetchGit {
url = "https://github.com/nix-community/nix-vscode-extensions";
ref = "refs/heads/master";
})).extensions.${builtins.currentSystem};
in {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
extensions = with extensionrepo.open-vsx; [ # TODO: -release ?
eamodio.gitlens
editorconfig.editorconfig
golang.go
jeandeaual.lilypond-syntax
jeandeaual.scheme
jeanp413.open-remote-ssh
jnoortheen.nix-ide
llvm-vs-code-extensions.vscode-clangd
ms-azuretools.vscode-docker
ms-python.debugpy
ms-python.python
rust-lang.rust-analyzer
stkb.rewrap
xaver.clang-format
];
userSettings = {
"files.autoSave" = "afterDelay";
"editor.renderWhitespace" = "boundary";
"files.insertFinalNewline" = true;
"files.trimFinalNewlines" = true;
"editor.rulers" = [80 120];
"[git-commit]" = {
"editor.inlineSuggest.enabled" = false;
};
};
};
programs.git = {
enable = true;
lfs.enable = true;
signing.format = "openpgp";
# TODO: delta or diff-so-fancy or difftastic
settings = {
user.name = "Chandler Swift";
user.email = "chandler@chandlerswift.com";
init.defaultBranch = "main";
pull.ff = "only";
#init.templatedir = "~/.git-template"; # unsure what this was intended to do -- default hooks, maybe?
#TODO: smtp gives some error. Why? Also, do I need a password?
# smtpserver = "smtp.migadu.com";
# smtpuser = "chandler@chandlerswift.com";
# smtpencryption = "tls";
# smtpserverport = 587;
url."https://aur.archlinux.org/".insteadOf = "aur:";
url."ssh://aur@aur.archlinux.org/".pushInsteadOf = "aur:";
url."ssh://git@github.com/ChandlerSwift/".insteadOf = "gh:";
url."ssh://forgejo@bert/chandlerswift/".insteadOf = "forgejo:";
push.autoSetupRemote = true;
rebase.autosquash = true;
rebase.autostash = true;
fetch.parallel = 0; # "some reasonable default"
};
ignores = [
"*.kate-swp"
"*.swp"
"*~"
"\\#*\\#"
"venv"
".direnv"
];
hooks = {
pre-commit = ../git-pre-commit-hook;
};
signing.signByDefault = true;
signing.key = null; # "let GnuPG decide what signing key to use depending on commit's author"
};
programs.ssh = {
enable = true;
matchBlocks."*".addKeysToAgent = "yes";
matchBlocks = {
bert = {
user = "root";
};
bigbird = {
user = "root";
};
};
includes = [
"config.d/*"
];
};
programs.firefox = {
enable = true;
# profiles = {
# default = {
# id = 0;
# name = "default";
# isDefault = true;
# search.default = "DuckDuckGo";
# };
# };
};
programs.beets = {
enable = true;
settings = {
directory = "~/nas/chandler/public/media/music";
library = "~/nas/chandler/public/media/music/beets.db";
plugins = [
"fetchart"
# "lyrics"
# "subsonicupdate" # TODO
"musicbrainz"
"mbsubmit"
"edit"
];
};
};
programs.chromium = {
enable = true;
extensions = [
{ id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; } # ublock origin
];
};
programs.atuin = {
enable = true;
flags = [
"--disable-up-arrow"
];
};
services.kdeconnect.enable = true;
home.stateVersion = "23.11";
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
power-profiles-daemon
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
# enableSSHSupport = true;
};
programs.ssh.startAgent = true;
programs.steam.enable = true;
# List services that you want to enable:
services.fprintd.enable = true;
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Car Thing
services.udev.extraRules = ''
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTR{idVendor}=="1b8e", ATTR{idProduct}=="c003", MODE="0660", GROUP="plugdev"
'';
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}
Reference in a new issue View git blame Copy permalink