From a98b53de9991167471e840ae3c18798c8d9fc1b7 Mon Sep 17 00:00:00 2001
From: andromeda
Date: Fri, 1 May 2026 13:37:31 +0200
Subject: new conf
---
nix/configuration.nix | 245 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 245 insertions(+)
create mode 100644 nix/configuration.nix
(limited to 'nix/configuration.nix')
diff --git a/nix/configuration.nix b/nix/configuration.nix
new file mode 100644
index 0000000..ec160fc
--- /dev/null
+++ b/nix/configuration.nix
@@ -0,0 +1,245 @@
+{config, ...}: let
+ sources = import ./npins;
+ pkgs = import sources.nixpkgs {};
+in {
+ boot = {
+ initrd = {
+ availableKernelModules = ["xhci_pci" "nvme" "sdhci_pci"];
+ systemd = {
+ services.impermanent-btrfs = {
+ description = "saves old root and makes new one";
+ unitConfig.DefaultDependencies = false;
+ serviceConfig = {
+ Type = "oneshot";
+ StandardOutput = "journal+console";
+ StandardError = "journal+console";
+ };
+ requiredBy = [
+ "initrd.target"
+ ];
+ before = [
+ "sysroot.mount"
+ ];
+ requires = [
+ "initrd-root-device.target"
+ ];
+ after = [
+ "initrd-root-device.target"
+ "local-fs-pre.target"
+ ];
+ script = ''
+ mkdir /btrfs_tmp
+ mount ${config.fileSystems."/".device} /btrfs_tmp
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:$M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+ fi
+
+ delete_subvolume_recursively() {
+ IFS=$'\n'
+ for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+ delete_subvolume_recursively "/btrfs_tmp/$i"
+ done
+ btrfs subvolume delete "$1"
+ }
+
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+ delete_subvolume_recursively "$i"
+ done
+
+ btrfs subvolume create /btrfs_tmp/root
+ mkdir /btrfs_tmp/root/persist
+ mkdir /btrfs_tmp/root/etc
+ mount ${config.fileSystems."/persist".device} /btrfs_tmp/root/persist -o subvol=persist
+ cp /btrfs_tmp/root/persist/etc/ssh /btrfs_tmp/root/etc/ssh -r
+ umount /btrfs_tmp/root/persist
+ rm -r /btrfs_tmp/root/persist
+ umount /btrfs_tmp
+ '';
+ };
+ extraBin = {
+ "mkdir" = "${pkgs.coreutils}/bin/mkdir";
+ "date" = "${pkgs.coreutils}/bin/date";
+ "stat" = "${pkgs.coreutils}/bin/stat";
+ "mv" = "${pkgs.coreutils}/bin/mv";
+ "cp" = "${pkgs.coreutils}/bin/cp";
+ "rm" = "${pkgs.coreutils}/bin/rm";
+ "btrfs" = "${pkgs.btrfs-progs}/bin/btrfs";
+ };
+ };
+ };
+ kernelPackages = pkgs.linuxPackages_latest;
+ kernelModules = ["kvm-intel"];
+ loader = {
+ efi.canTouchEfiVariables = true;
+ grub = {
+ device = "nodev";
+ efiSupport = true;
+ enable = true;
+ extraEntries = ''
+ menuentry "Guix" {
+ search --set=drive1 --fs-uuid F425-55BA
+ chainloader ($drive1)//EFI/Guix/grubx64.efi
+ }
+ '';
+ };
+ };
+ tmp.cleanOnBoot = true;
+ };
+ documentation = {
+ dev.enable = true;
+ nixos.includeAllModules = true;
+ };
+ environment.persistence."/persist" = {
+ directories = [
+ "/etc/ly/custom-sessions"
+ "/etc/NetworkManager/system-connections"
+ "/etc/ssh"
+ "/gnu"
+ "/var/guix"
+ "/var/log"
+ "/var/lib/bluetooth"
+ "/var/lib/nixos"
+ "/var/lib/systemd/coredump"
+ ];
+ enable = true;
+ files = [
+ "/etc/ly/save.txt"
+ "/etc/machine-id"
+ ];
+ hideMounts = true;
+ users.andromeda = {
+ directories = [
+ ".backups"
+ ".cache/guix"
+ ".config/guix"
+ ".gnupg"
+ ".local/share/AAAAXY"
+ ".local/share/Anki2"
+ ".local/share/chat.fluffy.fluffychat"
+ ".local/share/Mindustry"
+ ".local/share/zoxide"
+ ".ssh"
+ "conf"
+ "conf_v1"
+ "Downloads"
+ "pp"
+ ];
+ files = [".bash_history"];
+ };
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7";
+ fsType = "btrfs";
+ options = ["subvol=root"];
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/F425-55BA";
+ fsType = "vfat";
+ options = ["fmask=0022" "dmask=0022"];
+ };
+ "/nix" = {
+ device = "/dev/disk/by-uuid/0e586651-36f4-42b0-99b3-3f0704a894d6";
+ fsType = "btrfs";
+ };
+ "/persist" = {
+ device = "/dev/disk/by-uuid/5455cfb4-0efd-4f55-b496-d2cab3f419b7";
+ fsType = "btrfs";
+ neededForBoot = true;
+ options = ["subvol=persist"];
+ };
+ };
+ hardware = {
+ bluetooth = {
+ enable = true;
+ powerOnBoot = false;
+ };
+ cpu.intel.updateMicrocode = true;
+ enableRedistributableFirmware = true;
+ };
+ home-manager = {
+ backupFileExtension = "bak";
+ useGlobalPkgs = true;
+ users.andromeda = import ./home.nix;
+ };
+ i18n.defaultLocale = "de_DE.UTF-8";
+ imports = [
+ "${sources.Phoenix {inherit pkgs;}}/nix/module.nix"
+ "${sources.agenix {inherit pkgs;}}/modules/age.nix"
+ "${sources.impermanence {inherit pkgs;}}/nixos.nix"
+ "${sources.home-manager {inherit pkgs;}}/nixos"
+ ./secrets.nix
+ ];
+ networking = {
+ domain = "nixos";
+ hostName = "nixos";
+ firewall.enable = true;
+ networkmanager.enable = true;
+ };
+ nixpkgs = {
+ config.allowUnfree = false;
+ flake.source = sources.nixpkgs;
+ hostPlatform = "x86_64-linux";
+ overlays = [
+ (
+ final: prev: {
+ phoenix = (final.callPackage "${sources.Phoenix {inherit pkgs;}}/nix/package.nix" {}).overrideAttrs {
+ patches = [./patches/change-default-search-engine.patch]; # default search to ddg html
+ };
+
+ withPhoenix = firefoxPackage:
+ firefoxPackage.override {
+ extraPoliciesFiles = ["${final.phoenix}/policies.json"];
+ extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"];
+ };
+ }
+ )
+ ];
+ };
+ nix = {
+ settings = {
+ experimental-features = ["nix-command" "flakes"];
+ substituters = ["https://cache.dataaturservice.se/spectrum/"];
+ trusted-public-keys = [
+ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+ "spectrum-os.org-2:foQk3r7t2VpRx92CaXb5ROyy/NBdRJQG2uX2XJMYZfU="
+ ];
+ trusted-users = ["@wheel"];
+ };
+ channel.enable = false;
+ };
+ programs.sway.enable = true;
+ services = {
+ blueman.enable = true;
+ displayManager = {
+ enable = true;
+ ly.enable = true;
+ };
+ guix.enable = true;
+ libinput.enable = true;
+ openssh.enable = true;
+ printing.enable = true;
+ };
+ system.stateVersion = "26.05";
+ time.timeZone = "Europe/Berlin";
+ users = {
+ mutableUsers = false;
+ users.andromeda = {
+ isNormalUser = true;
+ hashedPasswordFile = builtins.toString config.age.secrets.andromeda-pw.path;
+ extraGroups = [
+ "networkmanager"
+ "wheel"
+ "dialout"
+ ];
+ };
+ };
+ zramSwap = {
+ enable = true;
+ priority = 100;
+ algorithm = "zstd";
+ memoryPercent = 35;
+ };
+}
-- cgit v1.3
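Review bot: In the `impermanent-btrfs` initrd script the `date` format reads `%H:$M:%S`; `$M` is passed through the Nix `''` string to the shell as an unset variable instead of the minutes field, so archived roots lose their minutes and two boots in the same hour can produce the same name, in which case `mv` would put the new root inside the existing directory rather than beside it. The format should be `"+%Y-%m-%-d_%H:%M:%S"`. Separately, `openssh.enable = true` is set with no `settings`, so sshd runs on the module defaults, which as far as I know still accept password logins, while `andromeda` has a password hash, is in `wheel`, and is trusted by the Nix daemon through `trusted-users = ["@wheel"]`. Since `.ssh` is already persisted for key-based login, consider adding `openssh.settings = { PasswordAuthentication = false; KbdInteractiveAuthentication = false; PermitRootLogin = "no"; };`.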