From 3a429b7fe1ad902c35910b031850f96f01d02903 Mon Sep 17 00:00:00 2001 From: ParkerTenBroeck <51721964+ParkerTenBroeck@users.noreply.github.com> Date: Sat, 23 May 2026 23:30:27 -0400 Subject: [PATCH] switch laptop config --- hosts/laptop.nix | 50 ++++++++++++++++++++++++++++++++++-- modules/arduino.nix | 6 +++++ modules/gui.nix | 11 ++++++++ modules/hyprland/default.nix | 7 +---- modules/locale.nix | 4 +-- modules/packages.nix | 1 - modules/saleae-logic.nix | 4 +++ modules/virt.nix | 8 ++++++ modules/wireguard-client.nix | 21 +++++++++++++++ secrets.nix | 20 ++++++++++++--- 10 files changed, 118 insertions(+), 14 deletions(-) create mode 100644 modules/arduino.nix create mode 100644 modules/gui.nix create mode 100644 modules/saleae-logic.nix create mode 100644 modules/virt.nix create mode 100644 modules/wireguard-client.nix diff --git a/hosts/laptop.nix b/hosts/laptop.nix index cdee41c..5e2a462 100644 --- a/hosts/laptop.nix +++ b/hosts/laptop.nix @@ -1,4 +1,4 @@ -{ +{ pkgs, ...}: { imports = [ ./common.nix ../modules/networking.nix @@ -9,12 +9,58 @@ ../modules/packages.nix ../modules/hyprland ../modules/tex.nix + ../modules/virt.nix + ../modules/arduino.nix + ../../perf_mode/perf_mode.nix ]; nixpkgs.config.allowUnfree = true; networking.hostName = "laptop"; - system.stateVersion = "23.11"; + services.logind.settings.Login.HandlePowerKey = "suspend"; + + # stupid ISO keyboards + console.useXkbConfig = true; + services.xserver.xkb = { + variant = ""; + + layout = "us-custom"; + extraLayouts.us-custom = { + description = "My custom US layout"; + languages = [ "eng" ]; + + symbolsFile = pkgs.writeText "xkb-layout" '' + xkb_symbols "us-custom" { + include "us(basic)" + include "level3(ralt_switch)" + key { [ Shift_L ] }; + }; + ''; + }; + }; + + home-manager.users.may.home.packages = with pkgs; [ + intel-gpu-tools + obsidian + chromium + libreoffice + ]; + + networking.firewall = { + allowedTCPPorts = [ + #web + 8000 + 8080 + + 42069 + ]; + + allowedUDPPorts = [ + #spotify google cast + 5353 + ]; + }; + home-manager.users.may.home.stateVersion = "25.11"; } diff --git a/modules/arduino.nix b/modules/arduino.nix new file mode 100644 index 0000000..d287b9a --- /dev/null +++ b/modules/arduino.nix @@ -0,0 +1,6 @@ +{ pkgs, ...}: { + home-manager.users.may.home.packages = with pkgs; [ + arduino + arduino-ide + ]; +} \ No newline at end of file diff --git a/modules/gui.nix b/modules/gui.nix new file mode 100644 index 0000000..8524819 --- /dev/null +++ b/modules/gui.nix @@ -0,0 +1,11 @@ +{ pkgs, ...}: { + home-manager.users.may.home.packages = with pkgs; [ + firefox # browser + nautilus # gui file manager + alacritty # terminal + imv # image viewer + file-roller # archive manager + vscode # text editor + gnome-disk-utility + ]; +} \ No newline at end of file diff --git a/modules/hyprland/default.nix b/modules/hyprland/default.nix index cbee511..23ad0b1 100644 --- a/modules/hyprland/default.nix +++ b/modules/hyprland/default.nix @@ -10,6 +10,7 @@ in { ./nwg-panel-conf.nix # assume any desktop env will have audio ../audio.nix + ../gui.nix ]; @@ -80,12 +81,6 @@ in { }; home.packages = with pkgs; [ - firefox # browser - nautilus # gui file manager - alacritty # terminal - imv # image viewer - file-roller # archive manager - # notifications libnotify dunst diff --git a/modules/locale.nix b/modules/locale.nix index ff1a158..359d8c3 100644 --- a/modules/locale.nix +++ b/modules/locale.nix @@ -1,8 +1,8 @@ -{ +{ lib, ...}: { time.timeZone = "America/Toronto"; i18n.defaultLocale = "en_CA.UTF-8"; - services.xserver.xkb = { + services.xserver.xkb = lib.mkDefault { layout = "us"; variant = ""; }; diff --git a/modules/packages.nix b/modules/packages.nix index 0746372..d20ca7f 100644 --- a/modules/packages.nix +++ b/modules/packages.nix @@ -7,7 +7,6 @@ openjdk21 vlc spotify - vscode jetbrains.idea obs-studio discord diff --git a/modules/saleae-logic.nix b/modules/saleae-logic.nix new file mode 100644 index 0000000..6708ffd --- /dev/null +++ b/modules/saleae-logic.nix @@ -0,0 +1,4 @@ +{ pkgs, ...}: { + services.udev.packages = [ pkgs.saleae-logic-2 ]; + home-manager.users.may.home.packages = [ pkgs.saleae-logic-2 ]; +} \ No newline at end of file diff --git a/modules/virt.nix b/modules/virt.nix new file mode 100644 index 0000000..82381b4 --- /dev/null +++ b/modules/virt.nix @@ -0,0 +1,8 @@ +{ + programs.virt-manager.enable = true; + users.groups.libvirtd.members = ["may"]; + virtualisation = { + libvirtd.enable = true; + spiceUSBRedirection.enable = true; + }; +} \ No newline at end of file diff --git a/modules/wireguard-client.nix b/modules/wireguard-client.nix new file mode 100644 index 0000000..d166c72 --- /dev/null +++ b/modules/wireguard-client.nix @@ -0,0 +1,21 @@ +{ config, pkgs, ... }: +let + +in +{ + networking.firewall = { + # if packets are still dropped, they will show up in dmesg + logReversePathDrops = true; + # wireguard trips rpfilter up + extraCommands = '' + ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN + ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN + ''; + extraStopCommands = '' + ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true + ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true + ''; + + allowedUDPPorts = [ 51820 ]; + }; +} diff --git a/secrets.nix b/secrets.nix index f5d4499..36f81a4 100644 --- a/secrets.nix +++ b/secrets.nix @@ -1,7 +1,21 @@ let - desktop_may = builtins.readFile ./secrets/ssh/desktop_may_pub; - desktop_host = builtins.readFile ./secrets/ssh/desktop_host_pub; - pub_keys = [ desktop_may desktop_host ]; + readFileOrNull = path: + if builtins.pathExists path + then builtins.readFile path + else null; + + desktop_may = readFileOrNull ./secrets/ssh/desktop_may_pub; + desktop_host = readFileOrNull ./secrets/ssh/desktop_host_pub; + + laptop_may = readFileOrNull ./secrets/ssh/laptop_may_pub; + laptop_host = readFileOrNull ./secrets/ssh/laptop_host_pub; + + pub_keys = builtins.filter builtins.isString [ + desktop_may desktop_host + laptop_may laptop_host + ]; + + _ = if builtins.length pub_keys == 0 then abort "pub_keys must have at least one key" else null; in { "secrets/wireguard/server_priv.age".publicKeys = pub_keys; "secrets/wireguard/home_psk.age".publicKeys = pub_keys;