diff --git a/README.md b/README.md index 052e13c..5029979 100644 --- a/README.md +++ b/README.md @@ -130,6 +130,15 @@ works: This structured approach to Nix configuration makes it easier to manage and customize your Nix environment while maintaining flexibility and modularity. +## Screenshots + +My NixOS KDE Plasma 6 environment looks like this. + +![sddm](./docs/docs/images/sddm.png) +![home](./docs/docs/images/home.png) +![launcher](./docs/docs/images/launcher.png) +![neofetch](./docs/docs/images/neofetch.png) + ## Resources Other configurations from where I learned and copied: diff --git a/docs/docs/images/home.png b/docs/docs/images/home.png new file mode 100644 index 0000000..cdc2405 Binary files /dev/null and b/docs/docs/images/home.png differ diff --git a/docs/docs/images/launcher.png b/docs/docs/images/launcher.png new file mode 100644 index 0000000..4619244 Binary files /dev/null and b/docs/docs/images/launcher.png differ diff --git a/docs/docs/images/neofetch.png b/docs/docs/images/neofetch.png new file mode 100644 index 0000000..c0fd325 Binary files /dev/null and b/docs/docs/images/neofetch.png differ diff --git a/docs/docs/images/sddm.png b/docs/docs/images/sddm.png new file mode 100644 index 0000000..12ec9b2 Binary files /dev/null and b/docs/docs/images/sddm.png differ diff --git a/docs/docs/screenshots.md b/docs/docs/screenshots.md new file mode 100644 index 0000000..8bfc59b --- /dev/null +++ b/docs/docs/screenshots.md @@ -0,0 +1,8 @@ +# Screenshots + +My NixOS KDE Plasma 6 environment looks like this. + +![sddm](./images/sddm.png) +![home](./images/home.png) +![launcher](./images/launcher.png) +![neofetch](./images/neofetch.png) diff --git a/docs/docs/tasks.md b/docs/docs/tasks.md index 2b415e6..7d0d8a2 100644 --- a/docs/docs/tasks.md +++ b/docs/docs/tasks.md 
@@ -5,4 +5,5 @@ Here are a non-exhaustive list of tasks. - [x] Use [nixcord](https://github.com/KaylorBen/nixcord) to entirely manage Discord with Nix declarations - [x] Add a working GNOME desktop environment - [x] Fix `gpg-agent` not finding a pinetry binary +- [x] Support multi-user on my user nixos module - [ ] Better email accounts management \ No newline at end of file diff --git a/docs/mkdocs.yml b/docs/mkdocs.yml index 5948dc2..24f9d11 100644 --- a/docs/mkdocs.yml +++ b/docs/mkdocs.yml @@ -11,6 +11,7 @@ nav: - Features: features.md - Customization: customization.md - Resources: resources.md + - Screenshots: screenshots.md - Tasks: tasks.md plugins: diff --git a/flake.nix b/flake.nix index 4aca858..22bb7a7 100644 --- a/flake.nix +++ b/flake.nix @@ -101,7 +101,6 @@ stylix.nixosModules.stylix home-manager.nixosModules.home-manager disko.nixosModules.disko - sops-nix.nixosModules.sops ]; }; }; diff --git a/homes/x86_64-linux/nagi@vm/default.nix b/homes/x86_64-linux/nagi@vm/default.nix new file mode 100644 index 0000000..e976cdc --- /dev/null +++ b/homes/x86_64-linux/nagi@vm/default.nix @@ -0,0 +1,20 @@ +{ lib, namespace, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + theobori-nix = { + roles = { + desktop = enabled; + }; + + user = { + enable = true; + name = "nagi"; + }; + + desktops.addons.plasma6 = enabled; + }; + + home.stateVersion = "24.11"; +} diff --git a/homes/x86_64-linux/theobori@laptop/default.nix b/homes/x86_64-linux/theobori@laptop/default.nix index 086750f..943c72e 100644 --- a/homes/x86_64-linux/theobori@laptop/default.nix +++ b/homes/x86_64-linux/theobori@laptop/default.nix @@ -18,7 +18,6 @@ in cli.programs = { ssh.useSops = true; gpg.useSops = true; - age.useSops = true; }; services = { diff --git a/modules/home/cli/programs/age/default.nix b/modules/home/cli/programs/age/default.nix index 6b61f2f..67c614b 100644 --- a/modules/home/cli/programs/age/default.nix +++ b/modules/home/cli/programs/age/default.nix 
@@ -3,30 +3,18 @@ config, lib, namespace, - host, ... }: let inherit (lib) mkIf; inherit (lib.${namespace}) mkBoolOpt; - inherit (config.${namespace}) user; cfg = config.${namespace}.cli.programs.age; in { options.${namespace}.cli.programs.age = { enable = mkBoolOpt false "Whether or not to enable age."; - useSops = mkBoolOpt false "Whether or not to use SOPS."; }; - config = mkIf cfg.enable { - home.packages = with pkgs; [ age ]; - - sops.secrets = mkIf (config."${namespace}".services.sops.enable && cfg.useSops) { - age_keys = { - sopsFile = lib.snowfall.fs.get-file "secrets/${host}/${user.name}/secrets.yaml"; - path = "${config.home.homeDirectory}/sops/age/keys.txt"; - }; - }; - }; + config = mkIf cfg.enable { home.packages = with pkgs; [ age ]; }; } diff --git a/modules/home/messages/discord/default.nix b/modules/home/messages/discord/default.nix index 1094d76..4136384 100644 --- a/modules/home/messages/discord/default.nix +++ b/modules/home/messages/discord/default.nix @@ -51,7 +51,7 @@ in programs.nixcord = { enable = true; discord = disabled; - vesktop.enable = true; + vesktop = enabled; inherit (cfg) config quickCss; }; diff --git a/modules/nixos/cli/programs/nh/default.nix b/modules/nixos/cli/programs/nh/default.nix index fa35825..bde4428 100644 --- a/modules/nixos/cli/programs/nh/default.nix +++ b/modules/nixos/cli/programs/nh/default.nix @@ -5,15 +5,15 @@ ... }: let - inherit (lib) mkIf; - inherit (lib.${namespace}) mkBoolOpt; + inherit (lib) mkIf types; + inherit (lib.${namespace}) mkOpt mkBoolOpt; cfg = config.${namespace}.cli.programs.nh; - userName = config.${namespace}.user.name; in { - options.${namespace}.cli.programs.nh = { + options.${namespace}.cli.programs.nh = with types; { enable = mkBoolOpt false "Whether or not to enable nh."; + flake = mkOpt str "/etc/nixos/${namespace}" "NixOS flake configuration path"; }; config = mkIf cfg.enable { 
@@ -21,7 +21,7 @@ in enable = true; clean.enable = true; clean.extraArgs = "--keep-since 4d --keep 3"; - flake = "/home/${userName}/${namespace}"; + inherit (cfg) flake; }; }; } diff --git a/modules/nixos/security/doas/default.nix b/modules/nixos/security/doas/default.nix index ef676a9..8ad95bd 100644 --- a/modules/nixos/security/doas/default.nix +++ b/modules/nixos/security/doas/default.nix @@ -24,7 +24,7 @@ in enable = true; extraRules = [ { - users = [ config.${namespace}.user.name ]; + users = builtins.attrNames config.${namespace}.user.users; noPass = false; keepEnv = true; } diff --git a/modules/nixos/security/sops/default.nix b/modules/nixos/security/sops/default.nix deleted file mode 100644 index 7b13b74..0000000 --- a/modules/nixos/security/sops/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config, - lib, - namespace, - ... -}: -let - inherit (lib.${namespace}) mkBoolOpt mkOpt; - - cfg = config.${namespace}.security.sops; -in -{ - options.${namespace}.security.sops = with lib.types; { - enable = mkBoolOpt false "Whether to enable sops."; - defaultSopsFile = mkOpt path null "Default sops file."; - sshKeyPaths = mkOpt (listOf path) [ ] "SSH Key paths to use."; - }; - - config = lib.mkIf cfg.enable { - sops = { - inherit (cfg) defaultSopsFile; - - age = { - inherit (cfg) sshKeyPaths; - - keyFile = "${config.users.users.${config.${namespace}.user.name}.home}/.config/sops/age/keys.txt"; - }; - }; - }; -} diff --git a/modules/nixos/user/default.nix b/modules/nixos/user/default.nix index 1b6d3fa..98acc4e 100644 --- a/modules/nixos/user/default.nix +++ b/modules/nixos/user/default.nix 
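Review bot: In modules/nixos/security/doas/default.nix the rule now reads `users = builtins.attrNames config.${namespace}.user.users;`, so every account declared under `user.users` can become root through doas, and `keepEnv = true` carries the caller's environment across. Once more than one user exists, this grant is rarely meant for all of them. A per-user boolean on the submodule (for example an option named `admin`, a name constructed for this note, defaulting to false) with `users = builtins.attrNames (lib.filterAttrs (_: u: u.admin) config.${namespace}.user.users);` would make the grant explicit. The rule list begins and ends outside this hunk, so other rules may exist that are not visible here.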
@@ -6,44 +6,55 @@ ... }: let - inherit (lib) types; + inherit (lib) types mapAttrs; inherit (lib.${namespace}) mkOpt enabled; cfg = config.${namespace}.user; + + userModule = types.submodule { + options = with types; { + extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; + extraOptions = mkOpt attrs { } "Extra options passed to ."; + initialPassword = mkOpt str "1" "The initial password to use when the user is first created."; + shell = mkOpt package pkgs.fish "Default shell package"; + }; + }; in { options.${namespace}.user = with types; { - extraGroups = mkOpt (listOf str) [ ] "Groups for the user to be assigned."; - extraOptions = mkOpt attrs { } "Extra options passed to ."; - initialPassword = mkOpt str "1" "The initial password to use when the user is first created."; - name = mkOpt str "theobori" "The name to use for the user account."; + users = mkOpt (attrsOf userModule) { } "Attributes set representing every user on the system."; }; config = { programs.fish = enabled; - users.users.${cfg.name} = { - isNormalUser = true; - inherit (cfg) name initialPassword; - home = "/home/${cfg.name}"; - group = "users"; - shell = pkgs.fish; + users.users = mapAttrs ( + name: user: + { + inherit name; + inherit (user) initialPassword shell; + + isNormalUser = true; + home = "/home/${name}"; + group = "users"; - extraGroups = [ - "wheel" - "audio" - "sound" - "video" - "networkmanager" - "input" - "tty" - "kvm" - "libvirtd" - "nix" - "power" - "docker" - ] ++ cfg.extraGroups; - } // cfg.extraOptions; + extraGroups = [ + "wheel" + "audio" + "sound" + "video" + "networkmanager" + "input" + "tty" + "kvm" + "libvirtd" + "nix" + "power" + "docker" + ] ++ user.extraGroups; + } + // user.extraOptions + ) cfg.users; home-manager = { useGlobalPkgs = true; diff --git a/systems/x86_64-install-iso/minimal/default.nix b/systems/x86_64-install-iso/minimal/default.nix index 3a0062e..8ce51f7 100644 --- a/systems/x86_64-install-iso/minimal/default.nix 
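Review bot: The new `userModule` keeps `initialPassword` defaulting to `"1"`, and the `mapAttrs` body puts every declared user in `wheel`, `docker`, `libvirtd` and `kvm`, so each account added under `user.users` starts with a guessable password and root-equivalent group membership. `initialPassword` also ends up in clear text in the world-readable Nix store; the same applies to `nagi = { initialPassword = "123"; }` in systems/x86_64-linux/vm/default.nix and to the `nixos` entry in the install ISO. Consider dropping the default (for example `initialPassword = mkOpt (nullOr str) null "…";`) and exposing `hashedPasswordFile` instead, and moving the privileged groups out of the hard-coded list so they are opt-in per user. Because `// user.extraOptions` is merged last and shallowly, it can replace `isNormalUser`, `home` and the whole `extraGroups` list; a comment saying so beside that line would help. The `config` block continues outside the hunk.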
+++ b/systems/x86_64-install-iso/minimal/default.nix @@ -11,6 +11,8 @@ in boot.loader.systemd-boot = enabled; boot.loader.efi.canTouchEfiVariables = true; + boot.supportedFilesystems = [ "ntfs" ]; + networking.wireless.enable = lib.mkForce false; networking.networkmanager = enabled; @@ -29,9 +31,10 @@ in locale = enabled; }; - user = { - name = "nixos"; - initialPassword = "1"; + user.users = { + nixos = { + initialPassword = "1"; + }; }; }; diff --git a/systems/x86_64-linux/laptop/default.nix b/systems/x86_64-linux/laptop/default.nix index e255465..79dc447 100644 --- a/systems/x86_64-linux/laptop/default.nix +++ b/systems/x86_64-linux/laptop/default.nix @@ -1,11 +1,18 @@ -{ lib, namespace, ... }: +{ + modulesPath, + lib, + namespace, + ... +}: let inherit (lib.${namespace}) enabled; in { imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + (modulesPath + "/profiles/qemu-guest.nix") ./disk-config.nix - # ./hardware-configuration.nix + ./hardware-configuration.nix ]; boot.loader.grub = { @@ -16,24 +23,24 @@ in }; ${namespace} = { - security = { - doas = enabled; - sops = { - enable = true; - }; - }; + security.doas = enabled; - desktops = { - plasma6 = enabled; - }; + desktops.plasma6 = enabled; display-managers.sddm = enabled; - roles.desktop = enabled; services.virtualisation = { kvm = enabled; docker = enabled; }; + + user.users = { + theobori = { }; + }; + + roles.desktop = enabled; }; + programs.fuse.userAllowOther = true; + system.stateVersion = "24.11"; } diff --git a/systems/x86_64-linux/laptop/disk-config.nix b/systems/x86_64-linux/laptop/disk-config.nix index d2ffdb0..0400937 100644 --- a/systems/x86_64-linux/laptop/disk-config.nix +++ b/systems/x86_64-linux/laptop/disk-config.nix 
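Review bot: `programs.fuse.userAllowOther = true;` is added at the end of systems/x86_64-linux/laptop/default.nix without a comment, and it lets any local user mount FUSE filesystems with `allow_other`, which makes those mounts reachable by other local accounts. Since this commit introduces multi-user support, a one-line comment naming what needs it would help, for example `# needed by <tool> for allow_other mounts; exposes FUSE mounts to other local users`, or the option could be dropped if nothing depends on it. The same section imports `(modulesPath + "/profiles/qemu-guest.nix")`, which the new hardware-configuration.nix imports as well; one of the two is enough.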
@@ -1,32 +1,41 @@ -_: { +{ disko.devices = { - disk.disk1 = { - device = "/dev/vda"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "boot"; - size = "1M"; - type = "EF02"; - }; - esp = { - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; + disk = { + main = { + type = "disk"; + device = "/dev/vda"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; }; - }; - root = { - name = "root"; - size = "100%"; - content = { - type = "lvm_pv"; - vg = "pool"; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "crypted"; + extraOpenArgs = [ ]; + settings = { + allowDiscards = true; + }; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; }; }; }; @@ -37,7 +46,7 @@ _: { type = "lvm_vg"; lvs = { root = { - size = "100%FREE"; + size = "100%"; content = { type = "filesystem"; format = "ext4"; diff --git a/systems/x86_64-linux/laptop/hardware-configuration.nix b/systems/x86_64-linux/laptop/hardware-configuration.nix new file mode 100644 index 0000000..cb317bd --- /dev/null +++ b/systems/x86_64-linux/laptop/hardware-configuration.nix 
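Review bot: The new `luks` partition sets `settings.allowDiscards = true`, which passes TRIM through the encrypted layer and shows anyone with access to the raw device which blocks are unused. That is a common trade-off for SSD performance, but it deserves a comment beside the setting, for example `# TRIM passthrough: reveals free-block layout of the encrypted volume, accepted for SSD performance`. The device is still `/dev/vda` and no `passwordFile` or key file is set, so the passphrase is presumably entered interactively at install time and at boot; please confirm that this is what the laptop target should do. `extraOpenArgs = [ ];` only sets an empty list and could be removed.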
@@ -0,0 +1,28 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ lib, modulesPath, ... }: + +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + + boot.initrd.availableKernelModules = [ + "ahci" + "xhci_pci" + "virtio_pci" + "sr_mod" + "virtio_blk" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/systems/x86_64-linux/vm/default.nix b/systems/x86_64-linux/vm/default.nix index 95478f5..d3d0f47 100644 --- a/systems/x86_64-linux/vm/default.nix +++ b/systems/x86_64-linux/vm/default.nix @@ -29,9 +29,6 @@ in ${namespace} = { security = { doas = enabled; - sops = { - enable = true; - }; }; desktops = { @@ -46,6 +43,13 @@ in kvm = enabled; docker = enabled; }; + + user.users = { + theobori = { }; + nagi = { + initialPassword = "123"; + }; + }; }; programs.fuse.userAllowOther = true;