Initial commit
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..1cd7de3
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+secrets/** filter=git-crypt diff=git-crypt
diff --git a/home b/home
new file mode 120000
index 0000000..7ce0149
--- /dev/null
+++ b/home
@@ -0,0 +1 @@
+users/minion/
\ No newline at end of file
diff --git a/scripts/update-home b/scripts/update-home
new file mode 100755
index 0000000..71d853a
--- /dev/null
+++ b/scripts/update-home
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+cd "$(dirname ${BASH_SOURCE[0]})/.."
+
+home-manager switch -f ./users/minion/home.nix
diff --git a/scripts/update-nix b/scripts/update-nix
new file mode 100755
index 0000000..7ea7705
--- /dev/null
+++ b/scripts/update-nix
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+cd "$(dirname ${BASH_SOURCE[0]})/.."
+
+sudo nixos-rebuild switch -I nixos-config=./system/configuration.nix
diff --git a/scripts/upgrade-home b/scripts/upgrade-home
new file mode 100755
index 0000000..2b74d7e
--- /dev/null
+++ b/scripts/upgrade-home
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+cd "$(dirname ${BASH_SOURCE[0]})/.."
+nix-channel --update
+home-manager switch -f ./users/minion/home.nix
diff --git a/scripts/upgrade-nix b/scripts/upgrade-nix
new file mode 100755
index 0000000..ff73187
--- /dev/null
+++ b/scripts/upgrade-nix
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+cd "$(dirname ${BASH_SOURCE[0]})/.."
+sudo nix-channel --update
+sudo scripts/update-nix
diff --git a/secrets/networking-configuration.nix b/secrets/networking-configuration.nix
new file mode 100644
index 0000000..746756d
--- /dev/null
+++ b/secrets/networking-configuration.nix
Binary files differ
diff --git a/system/configuration.nix b/system/configuration.nix
new file mode 100644
index 0000000..3f54043
--- /dev/null
+++ b/system/configuration.nix
@@ -0,0 +1,170 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ./networking-configuration.nix
+ ./packaging-configuration.nix
+# ./eduroam.nix
+ ];
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ boot.loader.grub.useOSProber = true;
+
+ # Enable apparmor
+ security.apparmor.enable = true;
+ security.apparmor.killUnconfinedConfinables = true;
+
+ # Set your time zone.
+ time.timeZone = "Europe/London";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+ console = {
+ font = "Lat2-Terminus16";
+ keyMap = "uk";
+ };
+
+ # Enable the X11 windowing system.
+ services.xserver = {
+ enable = true;
+ desktopManager = {
+ xterm.enable = false;
+ # xfce.enable = true;
+ };
+ displayManager.sddm.enable = true;
+ };
+
+ # And wayland
+ programs.sway = {
+ enable = true;
+ wrapperFeatures.gtk = true; # so that gtk works properly
+ extraPackages = with pkgs; [
+ swaylock
+ swayidle
+ wl-clipboard
+ mako # notification daemon
+ alacritty # Alacritty is the default terminal in the config
+ dmenu # Dmenu is the default in the config but i recommend wofi since its wayland native
+ ];
+ };
+
+ # Get screensharing to work
+ xdg = {
+ portal = {
+ enable = true;
+ extraPortals = with pkgs; [
+ xdg-desktop-portal-wlr
+ xdg-desktop-portal-gtk
+ ];
+ gtkUsePortal = true;
+ };
+ };
+
+ # Configure keymap in X11
+ services.xserver.layout = "gb";
+ # services.xserver.xkbOptions = "eurosign:e";
+
+
+ # Permit and install steam
+ nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+ "steam"
+ "steam-original"
+ "steam-runtime"
+ ];
+
+ programs.steam.enable = true;
+
+
+ # Enable CUPS to print documents.
+ services.printing.enable = true;
+
+ # Enable sound.
+ sound.enable = true;
+ hardware.pulseaudio.enable = false;
+ services.pipewire = {
+ enable = true;
+ alsa = {
+ enable = true;
+ support32Bit = true;
+ };
+ pulse.enable = true;
+ };
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ services.xserver.libinput.enable = true;
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.minion = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+ };
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+ ((emacsPackagesNgGen emacs).emacsWithPackages (epkgs: [
+ epkgs.vterm
+ epkgs.emacsql-sqlite
+ ])) # Emacs + vterm-module (needed for vterm)
+ wget
+ firefox
+ chromium # Install chromium if needed
+ texlive.combined.scheme-full
+ keybase # Install keybase
+ keybase-gui
+ kbfs
+ ];
+
+# environment.systemPackages = [
+# import /scripts/jetbrains.rider.nix
+# ];
+
+ fonts.fonts = with pkgs; [
+ nerdfonts
+ noto-fonts
+ noto-fonts-cjk
+ noto-fonts-emoji
+ liberation_ttf
+ fira-code
+ fira-code-symbols
+ mplus-outline-fonts
+ dina-font
+ proggyfonts
+ roboto
+ ];
+
+ # Some programs need SUID wrappers, can be configured further or are
+ # started in user sessions.
+ programs.mtr.enable = true;
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+ services.keybase.enable = true;
+ services.gnome.gnome-keyring.enable = true;
+ services.i2p.enable = true;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "21.11"; # Did you read the comment?
+
+}
+
diff --git a/system/hardware-configuration.nix b/system/hardware-configuration.nix
new file mode 100644
index 0000000..e880c67
--- /dev/null
+++ b/system/hardware-configuration.nix
@@ -0,0 +1,32 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-label/nixos";
+ fsType = "ext4";
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/disk/by-label/boot";
+ fsType = "vfat";
+ };
+
+ swapDevices =
+ [ { device = "/dev/disk/by-label/swap"; }
+ ];
+
+ powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/system/networking/eduroam.cert b/system/networking/eduroam.cert
new file mode 100644
index 0000000..d123edb
--- /dev/null
+++ b/system/networking/eduroam.cert
@@ -0,0 +1,69 @@
+-----BEGIN CERTIFICATE-----
+MIIFMDCCAxigAwIBAgIQEAqsl0MxuKtBuQsPCsogATANBgkqhkiG9w0BAQsFADAX
+MRUwEwYDVQQDEwxIUlNGQy1Sb290Q0EwHhcNMjAxMTI2MDgyNTQ3WhcNMzAxMTI3
+MDgzNTQ0WjAXMRUwEwYDVQQDEwxIUlNGQy1Sb290Q0EwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQC8I1QGmVL5AwEZ8WP9GG79Uh/iI1mTbXzXgV/U9avZ
+mNz75MysrQOE02N2Ru0zndJCnxyQXEeU53Ke9ULAvkwAx2SzCUZVW+wAi3u8KfdR
+o5gqgJvv5PtjGl4mchwHQwtDfXVEtFZNW1QO7X+lYtO2bRj6UWUeS7EztfCLoI82
+ns3nQchfS9dVEaiCssAAb6HlLgcEXpHlnh6HtPyJY2JgK71gBVDS6O+0/X7yNmhZ
+L6qUDc0KMyqPTtPaJ+aaFL0mL1klCLdUHmZUU5XRSF7VUWk9bKr+OdktXi+DzDl0
+Y+vDn/6PIXsmBbCRaT5W9eltpVXduw0Hz2XPy1pZsJe58nR/mTiuqtnUDMCWfrkQ
+g4Fqpq/4uMZJAh4cgBxINRokbT6IQxN0AQKYuLIRUD5HHvpZx6e5EZzBC0k8OCSh
+Q09FYtnAM+PhPYQdWTbJtXeGLVP4+qaU4gzG9vSL5O6FhHQPkoTHCE6XMPp/eOoZ
+Jc02HzNkyMKJdir5MKMkfeo1sokWd+r8m/OtLLbL6nt9Vui2EHfg3rASDRaCMg/8
+EsnDWBV99c0uCHPYKz7rJWhokYaTAfJYawMaAWGjg4P4FGxDKBT/Y/KWVDOtUGwv
+Do7xgMT0O4D478vQzlAwsIduPpd01jrX8IzlWYzSSOPB2sNJpvP6gwqWDXsHttqT
+XwIDAQABo3gwdjALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQU/UEos9yTNCaPwsmwjAUl/rOilbwwEgYJKwYBBAGCNxUBBAUCAwMAAzAjBgkr
+BgEEAYI3FQIEFgQUR5E2/ASzTprFTTFdSabkYg1gwOEwDQYJKoZIhvcNAQELBQAD
+ggIBAJfpRRynnv1cp1BpwRA5nBrQ9DAl8uT8WBrQ/LTlKlJzgN9fPo1d5rnkstud
+qdLKasJ7BkFthaFpsOtX5aAt/srqREKBKKxHiC3C//dgIyKRaoEJ5B+q2fBoAibj
+iPdNW08jGtjAtQ4MyqpeaY35+LXe5Co+erbE/g4WivYbv0dJPOLi9sRL4QvqXigD
+FqZEFFd6Fs4QU6H/aVTxP/FAz4XGCFgyeP7OcyWZLRj1ixAMYSyMXfgHQ8dGQ5dC
+RNqMtbih2SOMgI6dD6i4XJc/FBSbJkxL08ZlzY/qZ7tFT7DNXPC8M4jlYFPP6bWr
+LnYsQtI72m79bSQjGkEwJNo+V33PZ8ufufHf6THY/UXzu2u0KWkb1DWtFpkPlHdk
+b70PvFe0ZnHPYlZckiHaiR4rUatozkCzD2SmeQEqizE6QIqNp7hlmJIw4t4duDAH
+zZvf9OYt+QWpI+Sw5IZEDO1B1zB/UmxeVv0745x0ayqdvFzCx+PGGJxehXp5YM2r
+v9p/3ocmlhbUHy953+ZUSkP/AvpYpk4wdG6jRKJWEpNlCkedurOWnkWmWo+oQewT
+wHDigtKfE+Z42CfTzmHo36cIGzTx14SR/iXAyxCV7nzXnw7/5LwPzbANKqmIAQ8T
+AT21Vbp7usaBybWavmR5pr0QT+FsJpAknY133qjDYgdM8aFw
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5TCCBM2gAwIBAgITKwAAAA2gPAg6oMbubAADAAAADTANBgkqhkiG9w0BAQsF
+ADAXMRUwEwYDVQQDEwxIUlNGQy1Sb290Q0EwHhcNMjAxMTI2MDkyMDI3WhcNMjUx
+MTI2MDkzMDI3WjBVMRIwEAYKCZImiZPyLGQBGRYCdWsxEjAQBgoJkiaJk/IsZAEZ
+FgJhYzEVMBMGCgmSJomT8ixkARkWBWhyc2ZjMRQwEgYDVQQDEwtIUlNGQy1TdWJD
+QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMP9WRS/ubE7B85JGmPE
+I3m1gpN3IgoNPF85R12N8JwA/Iv1SGJCEc+zFV8HbVZmjlzkK8TORS5Evea0AKLH
+wH1tz2O+0VryobiXbsePIt5/NqD0AdkqOjjqdEPvJ/DfzJFo1w/kZ61BQDeYYjSA
+WrjBik/B+t0V3kmgydfLc6gCXgRCTyALidIfl+MRQv4LjsGbS4wsFIbfA+0t6j8o
+cbIZVc5tLTRmlkFc82DtiuiF4UbenUjprIS5Eh8eHCuoxeQ/2PLSiNYyj2pR/Ffw
+RNvIiLrEKPeNTmCXjsPrvu30DXfRQiPsXrCTNzVkIgZ2ij4YETpv5Xhb4+sgXskg
+HMECAwEAAaOCAuowggLmMBIGCSsGAQQBgjcVAQQFAgMEAAQwIwYJKwYBBAGCNxUC
+BBYEFJEQQO1OoJb3BHU8hNYM7T6ys7u8MB0GA1UdDgQWBBQx57P8PUqJzCZ/w3KZ
+kv78NulVBzARBgNVHSAECjAIMAYGBFUdIAAwGQYJKwYBBAGCNxQCBAweCgBTAHUA
+YgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU
+/UEos9yTNCaPwsmwjAUl/rOilbwwggEKBgNVHR8EggEBMIH+MIH7oIH4oIH1hoG7
+bGRhcDovLy9DTj1IUlNGQy1Sb290Q0EoMyksQ049SFItUm9vdENBLENOPUNEUCxD
+Tj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1
+cmF0aW9uLERDPWhyc2ZjLERDPWFjLERDPXVrP2NlcnRpZmljYXRlUmV2b2NhdGlv
+bkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIY1aHR0
+cDovL2hyLWFwcGxpY2F0aW9ucy9DZXJ0RW5yb2xsL0hSU0ZDLVJvb3RDQSgzKS5j
+cmwwggEPBggrBgEFBQcBAQSCAQEwgf4wga4GCCsGAQUFBzAChoGhbGRhcDovLy9D
+Tj1IUlNGQy1Sb290Q0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2Vz
+LENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9aHJzZmMsREM9YWMsREM9
+dWs/Y0FDZXJ0aWZpY2F0ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25B
+dXRob3JpdHkwSwYIKwYBBQUHMAKGP2h0dHA6Ly9oci1hcHBsaWNhdGlvbnMvQ2Vy
+dEVucm9sbC9IUi1Sb290Q0FfSFJTRkMtUm9vdENBKDMpLmNydDANBgkqhkiG9w0B
+AQsFAAOCAgEACutwRp9MOFElg0p5DhsrAWSzAYQx1IW0BR1uFB5ED8myUvj0tVK2
+yNFhm6Ei+rVmQa+9yOdHZUd1F6QU+CgG64WMJAJu9PI30HswBzPfqHW8fqEbc46o
+KKN0bOx40KchiqYE7gTdAI6h4xcJ4Fm5cqAQ2x/yWLbGSctobMiQ8enB60F2P6h5
+LgU7x6RHT/qrFhUnbS/9z5e2R3StPsAerP9s1rqqNe1URhoitn/KkhKjYVTu5cdm
+1jvssTO+Ao+Q2nJhNKViOE4YJ8tK+aFZWRylcwLFywovc5ig0Fv0pr3yjIX4Udqj
+2K/QcB4FwSdSZL2YOXL6aeLYritYNzOmqqPA8gzaEQbdYgjtShql6G1CLbOtdJsg
+ax9ZpVKbI44ehvw00bX3BzD3u+XJhrLzu9LnmsYavXvs1CkQedMeI5XvNNtjetDZ
+8hGgmiBMZW2OYGoixEMHEnOOO8uUe3GmvwjRO3BiwPJsJIidzw8QuHVaECefMxrW
+5l6e86ABasq8j5w4av7mcP5xhkq1E9poICfqrONlW/K/SzGohHY84QxafWOCG/x0
+/IgcFcUFVS3qZYweQnRd/CoXPFQTVdL9uOQ+nqrTJnO3cn5KV7Hlf0w3m/NZWifs
+LXR1jQgXyPEddg0cOT4OrrvmTFMGyN9Lnej6z/wxgsL7X9a/fcwbfQM=
+-----END CERTIFICATE-----
diff --git a/system/packaging-configuration.nix b/system/packaging-configuration.nix
new file mode 100644
index 0000000..6ea58ea
--- /dev/null
+++ b/system/packaging-configuration.nix
@@ -0,0 +1,9 @@
+{ config, pkgs, options, ... }: {
+ # Apply custom packaging overlays for compatability
+ nix.nixPath =
+ # Prepend default nixPath values.
+ options.nix.nixPath.default ++
+ # Append our nixpkgs-overlays.
+ [ "nixpkgs-overlays=/etc/nixos/overlays/" ]
+ ;
+}
diff --git a/users/minion/config.nix b/users/minion/config.nix
new file mode 100644
index 0000000..69baf10
--- /dev/null
+++ b/users/minion/config.nix
@@ -0,0 +1 @@
+{ allowUnfree = true; }
diff --git a/users/minion/home.nix b/users/minion/home.nix
new file mode 100644
index 0000000..1c62898
--- /dev/null
+++ b/users/minion/home.nix
@@ -0,0 +1,62 @@
+{ config, pkgs, ... }:
+
+{
+ # Home Manager needs a bit of information about you and the
+ # paths it should manage.
+ home.username = "minion";
+ home.homeDirectory = "/home/minion";
+
+ programs.vscode.enable = true;
+ programs.vscode.package = pkgs.vscode-fhs;
+
+ programs.go.enable = true;
+
+ # programs.steam.enable = true;
+
+ programs.gpg.enable = true;
+ services.gpg-agent = {
+ enable = true;
+ pinentryFlavor = "qt";
+ };
+
+ home.packages = with pkgs; [
+ steam-tui steam-run
+ minecraft
+ git-crypt gnupg pinentry_qt
+ ];
+
+ programs.git = {
+ enable = true;
+
+ userName = "Skyler Turner";
+ userEmail = "skyler@clicksminuteper.net";
+
+ signing = {
+ key = "24D31D3B1B986F33";
+ signByDefault = true;
+ gpgPath = "gpg2";
+ };
+
+ lfs.enable = true;
+ delta.enable = true;
+
+ extraConfig = {
+ init.defaultBranch = "development";
+ color.ui = "auto";
+ core.autocrlf = "input";
+ };
+ };
+
+ # This value determines the Home Manager release that your
+ # configuration is compatible with. This helps avoid breakage
+ # when a new Home Manager release introduces backwards
+ # incompatible changes.
+ #
+ # You can update Home Manager without changing this value. See
+ # the Home Manager release notes for a list of state version
+ # changes in each release.
+ home.stateVersion = "21.11";
+
+ # Let Home Manager install and manage itself.
+ programs.home-manager.enable = true;
+}