johno/nixos-configs
1
0
Fork 0
Code Issues 3 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Compare commits

base: johno:53504ffde3ef8a34778a8b3d83bc5d8bb9c5673f
Branches Tags
johno:main johno:beads-sync johno:bead/nixos-configs-vru johno:bead/nixos-configs-2mk johno:bead/nixos-configs-tcu johno:bead/nixos-configs-pea johno:bead/nixos-configs-ek5 johno:bead/nixos-configs-bli johno:bead/nixos-configs-fkt johno:bead/nixos-configs-u81 johno:bead/nixos-configs-tdf johno:bead/nixos-configs-2hq johno:bead/nixos-configs-85h johno:bead/nixos-configs-7hd johno:bead/nixos-configs-is4 johno:bead/nixos-configs-0ov johno:bead/nixos-configs-v2v johno:bead/nixos-configs-0vf johno:feat/prebuilt-doom-usb-nixos-configs-1wd johno:feat/starship-prompt-nixos-configs-uji johno:fix/mu4e-email-body-nixos-configs-9l8 johno:feature/sendspin-cli-package johno:25.11 johno:nix-deck-setup johno:boxy-app-launcher johno:btrfs-role johno:convert-nixbook-to-btrfs johno:add-liveusb johno:shared-steam-library johno:add-steam-streaming-sleep-inhibitor johno:kodi-add-kdeconnect johno:kodi-updates johno:kodi-hdr johno:spotifyd johno:plasma-manager johno:fix-kodi-wayland johno:k3s johno:sway johno:kodi-to-wayland johno:home-manager-as-nixos-module
..
compare: johno:convert-nixbook-to-btrfs
Branches Tags
johno:beads-sync johno:main johno:bead/nixos-configs-vru johno:bead/nixos-configs-2mk johno:bead/nixos-configs-tcu johno:bead/nixos-configs-pea johno:bead/nixos-configs-ek5 johno:bead/nixos-configs-bli johno:bead/nixos-configs-fkt johno:bead/nixos-configs-u81 johno:bead/nixos-configs-tdf johno:bead/nixos-configs-2hq johno:bead/nixos-configs-85h johno:bead/nixos-configs-7hd johno:bead/nixos-configs-is4 johno:bead/nixos-configs-0ov johno:bead/nixos-configs-v2v johno:bead/nixos-configs-0vf johno:feat/prebuilt-doom-usb-nixos-configs-1wd johno:feat/starship-prompt-nixos-configs-uji johno:fix/mu4e-email-body-nixos-configs-9l8 johno:feature/sendspin-cli-package johno:25.11 johno:nix-deck-setup johno:boxy-app-launcher johno:btrfs-role johno:convert-nixbook-to-btrfs johno:add-liveusb johno:shared-steam-library johno:add-steam-streaming-sleep-inhibitor johno:kodi-add-kdeconnect johno:kodi-updates johno:kodi-hdr johno:spotifyd johno:plasma-manager johno:fix-kodi-wayland johno:k3s johno:sway johno:kodi-to-wayland johno:home-manager-as-nixos-module

4 Commits
53504ffde3 ... convert-ni

Author SHA1 Message Date
John Ogle
52a32d896b [nix-book] Update drive UUID 2025-07-29 15:47:34 -07:00
John Ogle
24eb221555 [nix-book] Add beesd 2025-07-29 11:51:52 -07:00
John Ogle
3a54975858 [nix-book] Update file system type to btrfs 2025-07-29 11:51:38 -07:00
John Ogle
4fc70faf05 [nix-book] Add btrfs migration plan 2025-07-29 11:32:01 -07:00
16 changed files with 52 additions and 768 deletions
Expand all files Collapse all files

19
build-liveusb.sh
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
# Build Live USB ISO from flake configuration
# Creates an uncompressed ISO suitable for Ventoy and other USB boot tools
set -e
echo "Building Live USB ISO..."
nix build .#nixosConfigurations.live-usb.config.system.build.isoImage --show-trace
if [ -f "./result/iso/"*.iso ]; then
iso_file=$(ls ./result/iso/*.iso)
echo "✅ Build complete!"
echo "📁 ISO location: $iso_file"
echo "💾 Ready for Ventoy or dd to USB"
else
echo "❌ Build failed - no ISO file found"
exit 1
fi

30
flake.lock generated
View File

@@ -43,11 +43,11 @@
]
},
"locked": {
"lastModified": 1755914636,
"narHash": "sha256-VJ+Gm6YsHlPfUCpmRQxvdiZW7H3YPSrdVOewQHAhZN8=",
"lastModified": 1752402455,
"narHash": "sha256-mCHfZhQKdTj2JhCFcqfOfa3uKZbwUkPQbd0/zPnhOE8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8b55a6ac58b678199e5bba701aaff69e2b3281c0",
"rev": "bf893ad4cbf46610dd1b620c974f824e266cd1df",
"type": "github"
},
"original": {
@@ -62,11 +62,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1755261305,
"narHash": "sha256-EOqCupB5X5WoGVHVcfOZcqy0SbKWNuY3kq+lj1wHdu8=",
"lastModified": 1752199438,
"narHash": "sha256-xSBMmGtq8K4Qv80TMqREmESCAsRLJRHAbFH2T/2Bf1Y=",
"owner": "nix-community",
"repo": "NixOS-WSL",
"rev": "203a7b463f307c60026136dd1191d9001c43457f",
"rev": "d34d9412556d3a896e294534ccd25f53b6822e80",
"type": "github"
},
"original": {
@@ -78,11 +78,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1754725699,
"narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
"lastModified": 1751792365,
"narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
"rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
"type": "github"
},
"original": {
@@ -94,11 +94,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1755615617,
"narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
"lastModified": 1751984180,
"narHash": "sha256-LwWRsENAZJKUdD3SpLluwDmdXY9F45ZEgCb0X+xgOL0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "20075955deac2583bb12f07151c2df830ef346b4",
"rev": "9807714d6944a957c2e036f84b0ff8caf9930bc0",
"type": "github"
},
"original": {
@@ -118,11 +118,11 @@
]
},
"locked": {
"lastModified": 1754501628,
"narHash": "sha256-FExJ54tVB5iu7Dh2tLcyCSWpaV+lmUzzWKZUkemwXvo=",
"lastModified": 1748196248,
"narHash": "sha256-1iHjsH6/5UOerJEoZKE+Gx1BgAoge/YcnUsOA4wQ/BU=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "cca090f8115c4172b9aef6c5299ae784bdd5e133",
"rev": "b7697abe89967839b273a863a3805345ea54ab56",
"type": "github"
},
"original": {

28
flake.nix
View File

@@ -74,34 +74,6 @@
];
};
nixosConfigurations.zix790prors = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = baseModules ++ [
./machines/zix790prors/configuration.nix
inputs.home-manager.nixosModules.home-manager
{
home-manager.users.johno = import ./home/home.nix;
home-manager.extraSpecialArgs = { inherit system; };
}
];
};
# Live USB ISO configuration
nixosConfigurations.live-usb = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = baseModules ++ [
./machines/live-usb/configuration.nix
{
home-manager.users.nixos = { ... }: {
imports = [ ./home/home.nix ];
home.username = nixpkgs.lib.mkForce "nixos";
home.homeDirectory = nixpkgs.lib.mkForce "/home/nixos";
};
home-manager.extraSpecialArgs = { inherit system; };
}
];
};
homeConfigurations."johno" = inputs.home-manager.lib.homeManagerConfiguration {
pkgs = inputs.nixpkgs.legacyPackages."x86_64-linux";
modules = [

12
home/home.nix
View File

@@ -57,7 +57,6 @@ in
pkgs.ncdu
pkgs.nextcloud-talk-desktop
pkgs.openscad-unstable
pkgs.syncthingtray
pkgs.pandoc
#pkgs.pinentry-qt
#pkgs.pytest
@@ -69,7 +68,9 @@ in
pkgs.wofi
pkgs.vlc
## Kubernetes cluster management handled by kubectl-secure module
## Kubernetes cluster management
pkgs.kubectl
pkgs.kubernetes-helm
globalInputs.google-cookie-retrieval.packages.${system}.default
];
@@ -116,7 +117,6 @@ in
imports = [
./modules/emacs
./modules/i3+sway
./modules/kubectl
./modules/plasma-manager
./modules/tmux
];
@@ -152,7 +152,7 @@ in
programs.jq.enable = true;
programs.kubectl-secure.enable = true;
programs.k9s.enable = true;
programs.neovim = {
enable = true;
@@ -194,6 +194,10 @@ in
services.syncthing = {
enable = true;
tray = {
enable = true;
command = "syncthingtray --wait";
};
};
xdg.enable = true;

249
home/modules/kubectl/default.nix
View File

@@ -1,249 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.programs.kubectl-secure;
in
{
options.programs.kubectl-secure = {
enable = mkEnableOption "secure kubectl configuration with Bitwarden integration";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
kubectl
kubernetes-helm
];
programs.k9s.enable = true;
programs.bash.initExtra = mkAfter ''
# Kubectl secure session management
export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
kube-select() {
if [[ $# -ne 1 ]]; then
echo "Usage: kube-select <context-name>"
echo "Available contexts: $(kube-list)"
return 1
fi
local context="$1"
# Clean up any existing session first
kube-clear 2>/dev/null
# Create new session directory
mkdir -p "$KUBECTL_SESSION_DIR"
chmod 700 "$KUBECTL_SESSION_DIR"
# Set cleanup trap for this shell session
trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
# Set KUBECONFIG for this session
export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
# Load config from Bitwarden secure notes
if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
echo "Error: Could not retrieve kubectl-$context from Bitwarden"
echo "Make sure the entry exists with name: kubectl-$context"
kube-clear
return 1
fi
# Verify the kubeconfig is valid
if ! kubectl config view >/dev/null 2>&1; then
echo "Error: Invalid kubeconfig retrieved from Bitwarden"
kube-clear
return 1
fi
echo " Loaded kubectl context: $context (session: $$)"
echo " Config location: $KUBECONFIG"
}
kube-list() {
echo "Available kubectl contexts in Bitwarden:"
rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/ - /' || echo " (none found or rbw not accessible)"
}
kube-clear() {
if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
unset KUBECTL_TIMEOUT_PID
fi
if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
rm -rf "$KUBECTL_SESSION_DIR"
echo "Cleared kubectl session ($$)"
fi
unset KUBECONFIG
}
kube-status() {
if [[ -f "$KUBECONFIG" ]]; then
local current_context
current_context=$(kubectl config current-context 2>/dev/null)
if [[ -n "$current_context" ]]; then
echo "Active kubectl context: $current_context"
echo "Session: $$ | Config: $KUBECONFIG"
# Show cluster info
local cluster_server
cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
if [[ -n "$cluster_server" ]]; then
echo "Cluster: $cluster_server"
fi
else
echo "No active context in current session"
fi
else
echo "No kubectl session active in this shell"
echo "Use 'kube-select <context>' to start a session"
fi
}
# Helper function to show available commands
kube-help() {
echo "Secure kubectl session management commands:"
echo ""
echo "Session management:"
echo " kube-select <context> - Load kubeconfig from Bitwarden"
echo " kube-status - Show current session status"
echo " kube-clear - Clear current session"
echo ""
echo "Configuration management:"
echo " kube-list - List available contexts in Bitwarden"
echo ""
echo "Help:"
echo " kube-help - Show this help"
echo ""
echo "Examples:"
echo " kube-select prod # Loads from secure note"
echo " kubectl get pods"
echo " kube-clear"
echo ""
echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
}
'';
programs.zsh.initExtra = mkAfter ''
# Kubectl secure session management (zsh)
export KUBECTL_SESSION_DIR="/dev/shm/kubectl-$$"
kube-select() {
if [[ $# -ne 1 ]]; then
echo "Usage: kube-select <context-name>"
echo "Available contexts: $(kube-list)"
return 1
fi
local context="$1"
# Clean up any existing session first
kube-clear 2>/dev/null
# Create new session directory
mkdir -p "$KUBECTL_SESSION_DIR"
chmod 700 "$KUBECTL_SESSION_DIR"
# Set cleanup trap for this shell session
trap "rm -rf '$KUBECTL_SESSION_DIR' 2>/dev/null" EXIT
# Set KUBECONFIG for this session
export KUBECONFIG="$KUBECTL_SESSION_DIR/config"
# Load config from Bitwarden secure notes
if ! rbw get "kubectl-$context" > "$KUBECONFIG" 2>/dev/null; then
echo "Error: Could not retrieve kubectl-$context from Bitwarden"
echo "Make sure the entry exists with name: kubectl-$context"
kube-clear
return 1
fi
# Verify the kubeconfig is valid
if ! kubectl config view >/dev/null 2>&1; then
echo "Error: Invalid kubeconfig retrieved from Bitwarden"
kube-clear
return 1
fi
echo " Loaded kubectl context: $context (session: $$)"
echo " Config location: $KUBECONFIG"
# Optional: Set timeout cleanup
if [[ ${toString cfg.sessionTimeout} -gt 0 ]]; then
(sleep ${toString cfg.sessionTimeout}; kube-clear 2>/dev/null) &
export KUBECTL_TIMEOUT_PID=$!
fi
}
kube-list() {
echo "Available kubectl contexts in Bitwarden:"
rbw search kubectl- 2>/dev/null | grep "^kubectl-" | sed 's/^kubectl-/ - /' || echo " (none found or rbw not accessible)"
}
kube-clear() {
if [[ -n "$KUBECTL_TIMEOUT_PID" ]]; then
kill "$KUBECTL_TIMEOUT_PID" 2>/dev/null
unset KUBECTL_TIMEOUT_PID
fi
if [[ -d "$KUBECTL_SESSION_DIR" ]]; then
rm -rf "$KUBECTL_SESSION_DIR"
echo "Cleared kubectl session ($$)"
fi
unset KUBECONFIG
}
kube-status() {
if [[ -f "$KUBECONFIG" ]]; then
local current_context
current_context=$(kubectl config current-context 2>/dev/null)
if [[ -n "$current_context" ]]; then
echo "Active kubectl context: $current_context"
echo "Session: $$ | Config: $KUBECONFIG"
# Show cluster info
local cluster_server
cluster_server=$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}' 2>/dev/null)
if [[ -n "$cluster_server" ]]; then
echo "Cluster: $cluster_server"
fi
else
echo "No active context in current session"
fi
else
echo "No kubectl session active in this shell"
echo "Use 'kube-select <context>' to start a session"
fi
}
# Helper function to show available commands
kube-help() {
echo "Secure kubectl session management commands:"
echo ""
echo "Session management:"
echo " kube-select <context> - Load kubeconfig from Bitwarden"
echo " kube-status - Show current session status"
echo " kube-clear - Clear current session"
echo ""
echo "Configuration management:"
echo " kube-list - List available contexts in Bitwarden"
echo ""
echo "Help:"
echo " kube-help - Show this help"
echo ""
echo "Examples:"
echo " kube-select prod # Loads from secure note"
echo " kubectl get pods"
echo " kube-clear"
echo ""
echo "Note: Kubeconfigs are stored as secure notes in Bitwarden"
}
'';
};
}

2
machines/boxy/configuration.nix
View File

@@ -17,7 +17,7 @@ with lib;
bluetooth.enable = true;
desktop = {
enable = true;
gaming.enable = true;
gaming = true;
kde = true;
sddm = true;
wayland = true;

89
machines/live-usb/configuration.nix
View File

@@ -1,89 +0,0 @@
# Live USB ISO configuration for recovery and installation
{ pkgs, modulesPath, ... }:
{
imports = [
# Use minimal installation CD as base
(modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
];
# Use roles structure for consistent configuration
roles = {
audio.enable = true;
bluetooth.enable = true;
desktop = {
enable = true;
kde = true;
x11 = true;
wayland = true;
sddm = true;
};
};
# Allow unfree packages for broader hardware support
nixpkgs.config.allowUnfree = true;
# Essential packages for system recovery and installation
environment.systemPackages = with pkgs; [
# Text editors
neovim
nano
# System tools
git
curl
wget
htop
tree
lsof
strace
# Filesystem tools
btrfs-progs
e2fsprogs
xfsprogs
ntfs3g
dosfstools
# Network tools
networkmanager
wirelesstools
# Hardware tools
pciutils
usbutils
smartmontools
# Archive tools
unzip
p7zip
# Development tools (for quick fixes)
gcc
binutils
];
# Enable NetworkManager for easy wifi setup
networking.networkmanager.enable = true;
# Enable SSH daemon for remote access
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "yes";
PasswordAuthentication = true;
};
};
# ISO customization
isoImage = {
volumeID = "NIXOS-LIVE";
};
# Enable some useful services
services.udisks2.enable = true; # For mounting USB drives
# Hardware support
hardware.enableAllFirmware = true;
hardware.enableRedistributableFirmware = true;
}

10
machines/nix-book/configuration.nix
View File

@@ -15,7 +15,7 @@
desktop = {
enable = true;
wayland = true;
gaming.enable = false;
gaming = false;
kde = true;
sddm = true;
};
@@ -39,6 +39,14 @@
boot.kernelPackages = pkgs.linuxPackages_latest;
# Btrfs deduplication service
services.beesd.filesystems = {
root = {
spec = "/";
hashTableSizeMB = 32; # 128MB per TB recommended, ~225GB = ~32MB
verbosity = "err"; # Only show actual problems
};
};
# Enable networking
networking.networkmanager.enable = true;

26
machines/nix-book/hardware-configuration.nix
View File

@@ -10,28 +10,20 @@
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.initrd.luks.devices."luks-4126fbd4-bd09-4ece-af0d-6fff414c21b3".device = "/dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3";
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
roles.btrfs = {
enable = true;
filesystems."/dev/disk/by-uuid/223a44e5-91e2-4272-830e-129166042a1d" = {
mountpoints = {
"/" = {
compression = "zstd";
extraOptions = [ "noatime" ];
};
};
scrub.enable = true;
deduplication = {
enable = true;
hashTableSizeMB = 32;
verbosity = "err";
};
};
fileSystems."/" =
{ device = "/dev/disk/by-uuid/223a44e5-91e2-4272-830e-129166042a1d";
fsType = "btrfs";
options = [
"compress=zstd" # Enable zstd compression for space savings
"noatime" # Don't update access times for performance
];
};
boot.initrd.luks.devices."luks-4126fbd4-bd09-4ece-af0d-6fff414c21b3".device = "/dev/disk/by-uuid/4126fbd4-bd09-4ece-af0d-6fff414c21b3";
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/7A0B-CF88";
fsType = "vfat";

92
machines/zix790prors/configuration.nix
View File

@@ -1,92 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ lib, pkgs, ... }:
with lib;
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
roles = {
audio.enable = true;
bluetooth.enable = true;
desktop = {
enable = true;
gaming = {
enable = true;
emulation = true;
};
kde = true;
sddm = true;
wayland = true;
};
nfs-mounts.enable = true;
printing.enable = true;
users.enable = true;
virtualisation.enable = true;
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 2; # Reduced to save /boot space (TODO Increase /boot partition size)
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.timeout = 10;
networking.hostName = "zix790prors"; # Define your hostname.
# Enable networking
networking.networkmanager.enable = true;
# Fix dual boot clock sync - tell Linux to use local time for hardware clock
time.hardwareClockInLocalTime = true;
# NVIDIA Graphics configuration
services.xserver.videoDrivers = [ "nvidia" ];
hardware.graphics.enable = true;
hardware.graphics.enable32Bit = true;
hardware.nvidia = {
# Modesetting is required.
modesetting.enable = true;
# Enable the Nvidia settings menu,
# accessible via `nvidia-settings`.
nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU.
package = pkgs.linuxPackages.nvidiaPackages.stable;
# Use open source kernel modules (recommended for RTX/GTX 16xx and newer)
# Set to false if you have an older GPU
open = true;
# For gaming performance
powerManagement.enable = false;
powerManagement.finegrained = false;
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "25.11"; # Did you read the comment?
}

57
machines/zix790prors/hardware-configuration.nix
View File

@@ -1,57 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/76B0-738E";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
roles.btrfs = {
enable = true;
filesystems."/dev/disk/by-uuid/ec22734b-d1a3-4c99-8c6f-86f6a8d79007" = {
mountpoints = {
"/" = {
compression = "zstd";
extraOptions = [ "noatime" ];
};
};
scrub.enable = true;
deduplication = {
enable = true;
hashTableSizeMB = 128;
verbosity = "err";
};
};
filesystems."/dev/disk/by-uuid/4f9844ac-c1ad-4426-8eb3-21f2306345fb" = {
mountpoints = {
"/games" = {
extraOptions = [ "noatime" ];
};
};
scrub.enable = true;
deduplication = {
enable = true;
hashTableSizeMB = 256;
verbosity = "err";
};
};
};
swapDevices = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

173
roles/btrfs/default.nix
View File

@@ -1,173 +0,0 @@
{ lib, config, pkgs, ... }:
with lib;
let
cfg = config.roles.btrfs;
in
{
options.roles.btrfs = {
enable = mkEnableOption "Enable btrfs filesystem management";
filesystems = mkOption {
type = types.attrsOf (types.submodule {
options = {
# Filesystem-level maintenance options
scrub = {
enable = mkOption {
type = types.bool;
default = true;
description = "Enable automatic scrubbing for this filesystem";
};
interval = mkOption {
type = types.str;
default = "weekly";
description = "Scrub interval (systemd timer format)";
};
};
deduplication = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable beesd deduplication for this filesystem";
};
hashTableSizeMB = mkOption {
type = types.int;
default = 1024;
description = "Hash table size in MB (should be multiple of 16)";
};
verbosity = mkOption {
type = types.str;
default = "info";
description = "Logging verbosity level";
};
};
balance = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable periodic balance operations";
};
interval = mkOption {
type = types.str;
default = "monthly";
description = "Balance interval (systemd timer format)";
};
dataUsage = mkOption {
type = types.int;
default = 50;
description = "Data usage threshold for balance";
};
metadataUsage = mkOption {
type = types.int;
default = 50;
description = "Metadata usage threshold for balance";
};
};
# Mountpoint-based configuration
mountpoints = mkOption {
type = types.attrsOf (types.submodule {
options = {
subvolume = mkOption {
type = types.nullOr types.str;
default = null;
description = "Subvolume name. If null, uses default subvolume.";
};
compression = mkOption {
type = types.str;
default = "zstd";
description = "Compression algorithm (zstd, lzo, lz4, none)";
};
autodefrag = mkOption {
type = types.bool;
default = false;
description = "Enable automatic defragmentation";
};
extraOptions = mkOption {
type = types.listOf types.str;
default = [];
description = "Additional mount options";
};
};
});
default = {};
description = "Mountpoint configurations for this filesystem";
};
};
});
default = {};
description = "Btrfs filesystems configuration";
};
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
btrfs-progs
compsize
];
# Generate fileSystems configuration from mountpoints
fileSystems = mkMerge (flatten (mapAttrsToList (device: fsCfg:
mapAttrsToList (mountpoint: mountCfg:
{
${mountpoint} = {
device = device;
fsType = "btrfs";
options =
(optional (mountCfg.subvolume != null) "subvol=${mountCfg.subvolume}") ++
[ "compress=${mountCfg.compression}" ] ++
(optional mountCfg.autodefrag "autodefrag") ++
mountCfg.extraOptions;
};
}
) fsCfg.mountpoints
) cfg.filesystems));
# Configure scrub service using NixOS built-in
services.btrfs.autoScrub = mkIf (any (fs: fs.scrub.enable) (attrValues cfg.filesystems)) {
enable = true;
interval = "weekly"; # TODO: Make this configurable per filesystem
fileSystems = attrNames (filterAttrs (_: fs: fs.scrub.enable) cfg.filesystems);
};
# Configure beesd for filesystems with deduplication enabled
services.beesd.filesystems = mapAttrs' (device: fsCfg:
nameValuePair (replaceStrings ["/"] ["_"] (replaceStrings ["-"] ["_"] device)) {
spec = device;
hashTableSizeMB = fsCfg.deduplication.hashTableSizeMB;
verbosity = fsCfg.deduplication.verbosity;
}
) (filterAttrs (_: fs: fs.deduplication.enable) cfg.filesystems);
# Custom balance services for filesystems with balance enabled
systemd.services = mkMerge (mapAttrsToList (device: fsCfg: mkIf fsCfg.balance.enable {
"btrfs-balance-${replaceStrings ["/"] ["-"] (replaceStrings ["-"] ["_"] device)}" = {
description = "Balance btrfs filesystem ${device}";
script = ''
${pkgs.btrfs-progs}/bin/btrfs balance start \
-dusage=${toString fsCfg.balance.dataUsage} \
-musage=${toString fsCfg.balance.metadataUsage} \
${device}
'';
serviceConfig = {
Type = "oneshot";
Nice = 19;
IOSchedulingClass = "idle";
};
};
}) cfg.filesystems);
# Balance timers
systemd.timers = mkMerge (mapAttrsToList (device: fsCfg: mkIf fsCfg.balance.enable {
"btrfs-balance-${replaceStrings ["/"] ["-"] (replaceStrings ["-"] ["_"] device)}" = {
description = "Periodic balance for ${device}";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = fsCfg.balance.interval;
Persistent = true;
};
};
}) cfg.filesystems);
};
}

1
roles/default.nix
View File

@@ -6,7 +6,6 @@ with lib;
imports = [
./audio
./bluetooth
./btrfs
./desktop
./kodi
./nfs-mounts

5
roles/desktop/default.nix
View File

@@ -9,10 +9,7 @@ with lib;
x11 = mkOption { type = types.bool; default = false; description = "Enable X11 support."; };
wayland = mkOption { type = types.bool; default = false; description = "Enable Wayland support."; };
kde = mkOption { type = types.bool; default = false; description = "Enable KDE."; };
gaming = {
enable = mkOption { type = types.bool; default = false; description = "Enable gaming support."; };
emulation = mkOption { type = types.bool; default = false; description = "Enable emulation support."; };
};
gaming = mkOption { type = types.bool; default = false; description = "Enable gaming support."; };
sddm = mkOption { type = types.bool; default = false; description = "Enable SDDM greeter."; };
};

13
roles/desktop/gaming.nix
View File

@@ -6,8 +6,7 @@ let
cfg = config.roles.desktop;
in
{
config = mkMerge [
(mkIf (cfg.enable && cfg.gaming.enable) {
config = mkIf (cfg.enable && cfg.gaming) {
environment.systemPackages = with pkgs; [
steam
lutris
@@ -15,13 +14,5 @@ in
];
# Possibly other gaming specific services or settings
})
(mkIf (cfg.enable && cfg.gaming.emulation) {
environment.systemPackages = with pkgs; [
ryubing
dolphin-emu
];
})
];
};
}

2
roles/printing/default.nix
View File

@@ -22,7 +22,7 @@ in
hardware.printers.ensurePrinters = [{
name = "MFC-L8900CDW_series";
deviceUri = "ipp://brother.oglehome/ipp/print";
deviceUri = "dnssd://Brother%20MFC-L8900CDW%20series._ipp._tcp.local/?uuid=e3248000-80ce-11db-8000-b422006699d8";
model = "everywhere";
}];
hardware.printers.ensureDefaultPrinter = "MFC-L8900CDW_series";