From 877b8fbb352e225d6c72fbeb41ce6a3e5eb7ef0d Mon Sep 17 00:00:00 2001 From: Jonas Hahn Date: Sun, 2 Nov 2025 00:24:15 +0100 Subject: [PATCH] auto up 00:24:13 up 0:32, 2 users, load average: 0.84, 0.77, 0.74 auto up 01:08:17 up 6:30, 2 users, load average: 0.62, 0.57, 0.51 auto up 01:59:20 up 7:21, 2 users, load average: 0.17, 0.29, 0.37 auto up 02:38:43 up 0:05, 3 users, load average: 0.52, 0.53, 0.25 auto up 10:53:19 up 0:00, 2 users, load average: 1.01, 0.25, 0.08 auto up 11:12:59 up 0:20, 2 users, load average: 0.61, 0.62, 0.36 auto up 16:24:24 up 1:02, 2 users, load average: 0.54, 0.27, 0.10 auto up 23:01:45 up 8:51, 2 users, load average: 0.57, 0.67, 0.74 auto up 15:03:56 up 0:02, 2 users, load average: 0.32, 0.20, 0.09 auto up 11:49:23 up 0:19, 2 users, load average: 0.09, 0.27, 0.37 --- hosts/minoxy-workstation/configuration.nix | 1 + .../hardware-configuration.nix | 2 +- hosts/nixyos-asus/hardware-configuration.nix | 2 +- hosts/thinix-thinkpad/configuration.nix | 6 +++++ .../hardware-configuration.nix | 1 + modules/essential.nix | 24 ++++++++++++++----- user/packages.nix | 11 +++++++++ 7 files changed, 39 insertions(+), 8 deletions(-) diff --git a/hosts/minoxy-workstation/configuration.nix b/hosts/minoxy-workstation/configuration.nix index 2c8120c..8777f7d 100644 --- a/hosts/minoxy-workstation/configuration.nix +++ b/hosts/minoxy-workstation/configuration.nix @@ -30,6 +30,7 @@ SUBSYSTEM=="block", ENV{ID_FS_UUID}=="A09C8D5E9C8D2FB8", ENV{UDISKS_IGNORE}="1" ''; + # TODO: Make all your working systems go to ext4 on the full disk for ease of use and storage virtualisation.docker.storageDriver = "btrfs"; diff --git a/hosts/minoxy-workstation/hardware-configuration.nix b/hosts/minoxy-workstation/hardware-configuration.nix index 7d4f17d..f525d2c 100644 --- a/hosts/minoxy-workstation/hardware-configuration.nix +++ b/hosts/minoxy-workstation/hardware-configuration.nix @@ -9,7 +9,7 @@ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" "sr_mod" ]; boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; + boot.kernelModules = [ "kvm-intel" "ecryptfs" ]; boot.extraModulePackages = [ ]; fileSystems."/shared" = { diff --git a/hosts/nixyos-asus/hardware-configuration.nix b/hosts/nixyos-asus/hardware-configuration.nix index 0909083..1f3aec7 100644 --- a/hosts/nixyos-asus/hardware-configuration.nix +++ b/hosts/nixyos-asus/hardware-configuration.nix @@ -9,7 +9,7 @@ ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ]; - boot.kernelModules = [ "kvm-intel" ]; + boot.kernelModules = [ "kvm-intel" "ecryptfs" ]; fileSystems."/" = { device = "/dev/disk/by-uuid/881615c5-5c12-46c5-8bd2-1959f9347980"; diff --git a/hosts/thinix-thinkpad/configuration.nix b/hosts/thinix-thinkpad/configuration.nix index b6b9119..a9b1169 100644 --- a/hosts/thinix-thinkpad/configuration.nix +++ b/hosts/thinix-thinkpad/configuration.nix @@ -28,5 +28,11 @@ size = 4096; }]; + services.xserver.xkb = { + layout = "us"; # or "us" or whatever base + variant = "neo"; # for Neo2 + }; + console.useXkbConfig = true; # to make it apply on TTY too + system.stateVersion = "24.11"; # Dont change this } diff --git a/hosts/thinix-thinkpad/hardware-configuration.nix b/hosts/thinix-thinkpad/hardware-configuration.nix index 74ac402..66665a5 100644 --- a/hosts/thinix-thinkpad/hardware-configuration.nix +++ b/hosts/thinix-thinkpad/hardware-configuration.nix @@ -8,6 +8,7 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; + #boot.kernelModules = [ "ecryptfs" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" ]; fileSystems = { diff --git a/modules/essential.nix b/modules/essential.nix index 301c1e3..1732b3c 100644 --- a/modules/essential.nix +++ b/modules/essential.nix @@ -15,6 +15,16 @@ security.polkit.enable = true; security.pam.services.login.enableGnomeKeyring = true; services.gnome.gnome-keyring.enable = true; + #security.pam.enableEcryptfs = true; + + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" && + subject.isInGroup("wheel")) { + return polkit.Result.YES; + } + }); + ''; # Nix fun nixpkgs.config.allowUnfree = true; @@ -34,7 +44,7 @@ services.avahi.nssmdns4 = true; environment = { - systemPackages = with pkgs; [ yazi tmux git starship zoxide rsync rclone neovim alacritty gtk4.dev ]; + systemPackages = with pkgs; [ yazi tmux git starship zoxide rsync xorg.libX11.dev rclone neovim alacritty gtk4.dev ]; }; nix.optimise.automatic = true; @@ -42,16 +52,16 @@ nix.gc = { automatic = true; dates = "weekly"; - options = "--delete-older-than 7d"; # Two weeks cache then forget + options = "--delete-older-than 14d"; # Two weeks cache then forget }; networking = { networkmanager = { enable = true; }; }; i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "Lat2-Terminus16"; - keyMap = "us"; - }; + #console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + #}; programs.zsh = { enable = true; @@ -62,4 +72,6 @@ [ "history-substring-search" "git" "zoxide" "vi-mode" "systemadmin" ]; }; }; + + programs.ydotool.enable = true; } diff --git a/user/packages.nix b/user/packages.nix index 94d2804..6351522 100644 --- a/user/packages.nix +++ b/user/packages.nix @@ -67,6 +67,7 @@ bat vim unstable.neovim + emacs inotify-tools stow wl-clipboard @@ -80,6 +81,7 @@ # --- System & Network --- btop + iotop fastfetch acpi brightnessctl @@ -93,6 +95,7 @@ curl wget libinput + mtr gdu timer @@ -107,10 +110,17 @@ imagemagick immich-cli parted + lsof + tt bitwarden-cli lazydocker + poppler_utils + prismlauncher + entr + yq lazygit gitui + tokei dig unstable.yazi @@ -138,6 +148,7 @@ git-lfs sops age + ecryptfs ansible android-tools sdkmanager