Skip to content

Instantly share code, notes, and snippets.

@mitchellh

mitchellh/configuration.nix Secret

Last active February 16, 2024 06:27
Show Gist options
  • Star 33 You must be signed in to star a gist
  • Fork 10 You must be signed in to fork a gist
  • Save mitchellh/8aa0b76d42e6f6f12ffe34914e7efe4d to your computer and use it in GitHub Desktop.
Save mitchellh/8aa0b76d42e6f6f12ffe34914e7efe4d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
configuration.nix
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ config, pkgs, ... }:
let
inputs = import ../inputs.nix;
# The list of paths for user imports to setup
userImports = map (n: ../users + "/${n}") inputs.users;
# The first user
firstUser = builtins.head inputs.users;
in {
imports =
[ # Include the results of the hardware scan.
/etc/nixos/hardware-configuration.nix
<home-manager/nixos>
] ++ userImports;
# We expect to run the VM on hidpi machines.
hardware.video.hidpi.enable = true;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Define your hostname.
networking.hostName = "dev";
# Set your time zone.
time.timeZone = "America/Los_Angeles";
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.ens33.useDHCP = true;
# Don't require password for sudo
security.sudo.wheelNeedsPassword = false;
# Virtualization settings
virtualisation.docker.enable = true;
virtualisation.vmware.guest.enable = true;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# setup the shared folder we'll have with the host
fileSystems."/host" = {
fsType = "fuse./run/current-system/sw/bin/vmhgfs-fuse";
device = ".host:/";
options = [
"umask=22"
"uid=1000"
"gid=1000"
"allow_other"
"auto_unmount"
"defaults"
];
};
# setup windowing environment
services.xserver = {
enable = true;
layout = "us";
dpi = 220;
desktopManager = {
xterm.enable = false;
wallpaper.mode = "scale";
};
displayManager = {
defaultSession = "none+i3";
lightdm.enable = true;
sessionCommands = ''
${pkgs.xlibs.xset}/bin/xset r rate 200 40
'';
};
windowManager = {
i3.enable = true;
};
};
# Define a user account. Don't forget to set a password with ‘passwd’.
users.mutableUsers = false;
# Manage fonts. We pull these from a secret directory since most of these
# fonts require a purchase.
fonts = {
enableFontDir = true;
fonts = [
(builtins.path {
name = "custom-fonts";
path = ../secret/fonts;
recursive = true;
})
];
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
gnumake
killall
niv
rxvt_unicode
xclip
# This is needed for the vmware user tools clipboard to work.
# You can test if you don't need this by deleting this and seeing
# if the clipboard sill works.
gtkmm3
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.openssh.passwordAuthentication = false;
services.openssh.permitRootLogin = "no";
# Disable the firewall since we're in a VM and we want to make it
# easy to visit stuff in here. We only use NAT networking anyways.
networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}
Raw
mitchellh.nix
{ config, inputs, lib, pkgs, ... }:
let sources = import ../../nix/sources.nix; in {
# system user
users.users.mitchellh = {
isNormalUser = true;
home = "/home/mitchellh";
extraGroups = [ "docker" "wheel" ];
shell = pkgs.fish;
hashedPassword = "abcd1234";
openssh.authorizedKeys.keys = [
"ssh-ed25519 abcd1234 mitchellh"
];
};
# My user configuration
home-manager.useUserPackages = true;
home-manager.users.mitchellh = { pkgs, ... }: {
nixpkgs.overlays = import ../../lib/overlays.nix ++ [
(import ./vim.nix)
];
xdg.enable = true;
#---------------------------------------------------------------------
# Packages
#---------------------------------------------------------------------
home.packages = [
pkgs.fzf
pkgs.htop
pkgs.jq
pkgs.tree
pkgs.watch
];
#---------------------------------------------------------------------
# Env vars and dotfiles
#---------------------------------------------------------------------
home.sessionVariables = {
LANG = "en_US.UTF-8";
LC_CTYPE = "en_US.UTF-8";
LC_ALL = "en_US.UTF-8";
EDITOR = "vim";
PAGER = "less -FirSwX";
MANPAGER = "less -FirSwX";
};
home.file.".inputrc".source = ./inputrc;
xdg.configFile."i3/config".text = builtins.readFile ./i3;
#---------------------------------------------------------------------
# Programs
#---------------------------------------------------------------------
programs.gpg.enable = true;
programs.bash = {
enable = true;
shellOptions = [];
historyControl = [ "ignoredups" "ignorespace" ];
initExtra = builtins.readFile ./bashrc;
shellAliases = {
ga = "git add";
gc = "git commit";
gco = "git checkout";
gcp = "git cherry-pick";
gdiff = "git diff";
gl = "git prettylog";
gp = "git push";
gs = "git status";
gt = "git tag";
};
};
programs.direnv= {
enable = true;
config = {
whitelist = {
prefix= [
"$HOME/code/go/src/github.com/hashicorp"
"$HOME/code/go/src/github.com/mitchellh"
];
exact = ["$HOME/.envrc"];
};
};
};
programs.fish = {
enable = true;
interactiveShellInit = lib.strings.concatStrings (lib.strings.intersperse "\n" [
"source ${sources.theme-bobthefish}/fish_prompt.fish"
"source ${sources.theme-bobthefish}/fish_right_prompt.fish"
"source ${sources.theme-bobthefish}/fish_title.fish"
(builtins.readFile ./config.fish)
"set -g SHELL ${pkgs.fish}/bin/fish"
]);
shellInit = ''
function __nix_darwin_fish_macos_fix_path -d "reorder path prioritizing darwin-nix paths"
fenv source ${config.system.build.setEnvironment}
end
'';
shellAliases = {
ga = "git add";
gc = "git commit";
gco = "git checkout";
gcp = "git cherry-pick";
gdiff = "git diff";
gl = "git prettylog";
gp = "git push";
gs = "git status";
gt = "git tag";
};
plugins = map (n: {
name = n;
src = sources.${n};
}) [
"fish-fzf"
"fish-foreign-env"
"theme-bobthefish"
];
};
programs.git = {
enable = true;
userName = "Mitchell Hashimoto";
userEmail = "mitchell.hashimoto@gmail.com";
signing = {
key = "523D5DC389D273BC";
signByDefault = true;
};
aliases = {
prettylog = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit --date=relative";
};
extraConfig = {
branch.autosetuprebase = "always";
color.ui = true;
core.askPass = ""; # needs to be empty to use terminal for ask pass
credential.helper = "store"; # want to make this more secure
github.user = "mitchellh";
push.default = "tracking";
};
};
programs.go = {
enable = true;
goPath = "code/go";
goPrivate = [ "github.com/mitchellh" "github.com/hashicorp" ];
};
programs.tmux = {
enable = true;
terminal = "xterm-256color";
shortcut = "l";
secureSocket = false;
extraConfig = ''
set -ga terminal-overrides ",*256col*:Tc"
set -g @dracula-show-battery false
set -g @dracula-show-network false
set -g @dracula-show-weather false
bind -n C-k send-keys "clear"\; send-keys "Enter"
run-shell ${sources.tmux-pain-control}/pain_control.tmux
run-shell ${sources.tmux-dracula}/dracula.tmux
'';
};
programs.alacritty = {
enable = true;
settings = {
env.TERM = "xterm-256color";
key_bindings = [
{ key = "K"; mods = "Command"; chars = "ClearHistory"; }
{ key = "V"; mods = "Command"; action = "Paste"; }
{ key = "C"; mods = "Command"; action = "Copy"; }
{ key = "Key0"; mods = "Command"; action = "ResetFontSize"; }
{ key = "Equals"; mods = "Command"; action = "IncreaseFontSize"; }
{ key = "Subtract"; mods = "Command"; action = "DecreaseFontSize"; }
];
};
};
programs.kitty = {
enable = true;
extraConfig = builtins.readFile ./kitty;
};
programs.i3status = {
enable = true;
general = {
colors = true;
color_good = "#8C9440";
color_bad = "#A54242";
color_degraded = "#DE935F";
};
modules = {
ipv6.enable = false;
"wireless _first_".enable = false;
"battery all".enable = false;
};
};
programs.vim = {
enable = true;
# vim plugins. To find new ones: nix-env -f '<nixpkgs>' -qaP -A vimPlugins
# If it isn't available then add it to customVia vim.nix in this directory.
plugins = with pkgs; [
customVim.vim-fish
customVim.vim-misc
customVim.dracula
customVim.pigeon
customVim.AfterColors
vimPlugins.ctrlp
vimPlugins.vim-airline
vimPlugins.vim-airline-themes
vimPlugins.vim-eunuch
vimPlugins.vim-fugitive
vimPlugins.vim-gitgutter
vimPlugins.vim-go
vimPlugins.vim-markdown
vimPlugins.vim-nix
vimPlugins.typescript-vim
];
extraConfig = ''
let g:vim_home_path = "~/.vim"
let vim_misc_path = split(&packpath, ",")[0] . "/pack/home-manager/start/vim-misc/vimrc.vim"
if filereadable(vim_misc_path)
execute "source " . vim_misc_path
endif
'';
};
services.gpg-agent = {
enable = true;
pinentryFlavor = "tty";
# cache the keys forever so we don't get asked for a password
defaultCacheTtl = 31536000;
maxCacheTtl = 31536000;
};
xresources.extraConfig = builtins.readFile ./Xresources;
# Make sursor not tiny on HiDPI screens
xsession.pointerCursor = {
name = "Vanilla-DMZ";
package = pkgs.vanilla-dmz;
size = 128;
};
};
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment