Get rid of unstable
This commit is contained in:
parent
63d00a1492
commit
0ed27480b5
@ -35,8 +35,8 @@ Notes:
|
|||||||
cp secrets.nix.example secrets.nix
|
cp secrets.nix.example secrets.nix
|
||||||
nano secrets.nix
|
nano secrets.nix
|
||||||
|
|
||||||
nix-channel --add https://nixos.org/channels/nixos-unstable unstable
|
nix-channel --add https://nixos.org/channels/nixos-20.09 nixos
|
||||||
nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos-small
|
nix-channel --add https://nixos.org/channels/nixos-20.09-small nixos-small
|
||||||
nix-channel --update
|
nix-channel --update
|
||||||
|
|
||||||
nixos-generate-config --root /mnt
|
nixos-generate-config --root /mnt
|
||||||
@ -48,6 +48,6 @@ Notes:
|
|||||||
|
|
||||||
Initial password for `user` is `user`.
|
Initial password for `user` is `user`.
|
||||||
|
|
||||||
sudo nix-channel --add https://nixos.org/channels/nixos-unstable unstable
|
sudo nix-channel --add https://nixos.org/channels/nixos-20.09 nixos
|
||||||
sudo nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos-small
|
sudo nix-channel --add https://nixos.org/channels/nixos-20.09-small nixos-small
|
||||||
sudo nix-channel --update
|
sudo nix-channel --update
|
||||||
|
@ -1,12 +1,10 @@
|
|||||||
# nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
|
# nix-channel --add https://nixos.org/channels/nixos-20.09 nixos
|
||||||
# nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos-small
|
# nix-channel --add https://nixos.org/channels/nixos-20.09-small nixos-small
|
||||||
# nix-channel --add https://nixos.org/channels/nixos-unstable unstable
|
|
||||||
# nix-channel --update
|
# nix-channel --update
|
||||||
#
|
#
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
unstable = import <unstable> {};
|
|
||||||
nixos-small = import <nixos-small> {};
|
nixos-small = import <nixos-small> {};
|
||||||
in {
|
in {
|
||||||
imports =
|
imports =
|
||||||
@ -55,7 +53,7 @@ in {
|
|||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
boot.tmpOnTmpfs = true;
|
boot.tmpOnTmpfs = true;
|
||||||
|
|
||||||
system.stateVersion = "20.03";
|
system.stateVersion = "20.09";
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
trustedUsers = [ "root" "user" ];
|
trustedUsers = [ "root" "user" ];
|
||||||
|
@ -1,7 +1,6 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
unstable = import <unstable> {};
|
|
||||||
home-manager = builtins.fetchGit {
|
home-manager = builtins.fetchGit {
|
||||||
url = "https://github.com/rycee/home-manager.git";
|
url = "https://github.com/rycee/home-manager.git";
|
||||||
rev = "7b6ebf2785cfc9dd6fc2b101cbbb2152eb68d45c"; # Updated 17 Nov 2020
|
rev = "7b6ebf2785cfc9dd6fc2b101cbbb2152eb68d45c"; # Updated 17 Nov 2020
|
||||||
@ -133,7 +132,7 @@ in {
|
|||||||
ln -fs /tmp/chromium .config/
|
ln -fs /tmp/chromium .config/
|
||||||
ln -fs /tmp/chromium .cache/
|
ln -fs /tmp/chromium .cache/
|
||||||
|
|
||||||
ln -fs ${unstable.gtk3}/share/gsettings-schemas/gtk+3-*/glib-2.0 .local/share/
|
ln -fs ${pkgs.gtk3}/share/gsettings-schemas/gtk+3-*/glib-2.0 .local/share/
|
||||||
|
|
||||||
kitty --class=viewShiftW3 &
|
kitty --class=viewShiftW3 &
|
||||||
emacs &
|
emacs &
|
||||||
|
16
packages.nix
16
packages.nix
@ -2,8 +2,6 @@
|
|||||||
|
|
||||||
let
|
let
|
||||||
nonfree = import <nixos> { config.allowUnfree = true; };
|
nonfree = import <nixos> { config.allowUnfree = true; };
|
||||||
unstable = import <unstable> {};
|
|
||||||
unstable-nonfree = import <unstable> { config.allowUnfree = true; };
|
|
||||||
in {
|
in {
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
programs.browserpass.enable = true;
|
programs.browserpass.enable = true;
|
||||||
@ -29,7 +27,7 @@ in {
|
|||||||
services.tor.client.enable = true;
|
services.tor.client.enable = true;
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
unstable-nonfree.codeql
|
nonfree.codeql
|
||||||
|
|
||||||
# utils
|
# utils
|
||||||
wget tmux zsh vim htop acpi bc p7zip mpv
|
wget tmux zsh vim htop acpi bc p7zip mpv
|
||||||
@ -43,7 +41,7 @@ in {
|
|||||||
pdftk vnstat dunst ghostscript graphicsmagick
|
pdftk vnstat dunst ghostscript graphicsmagick
|
||||||
browsh texlive.combined.scheme-full rubber pandoc
|
browsh texlive.combined.scheme-full rubber pandoc
|
||||||
jq socat ffmpeg-full exiftool apktool mdl wine zstd
|
jq socat ffmpeg-full exiftool apktool mdl wine zstd
|
||||||
unstable.cointop unstable.tesseract dislocker
|
cointop tesseract dislocker
|
||||||
|
|
||||||
# gpg-related
|
# gpg-related
|
||||||
gnupg yubikey-manager yubikey-personalization
|
gnupg yubikey-manager yubikey-personalization
|
||||||
@ -64,7 +62,7 @@ in {
|
|||||||
binwalk
|
binwalk
|
||||||
]))
|
]))
|
||||||
|
|
||||||
(unstable.emacsWithPackages(epkgs:
|
(emacsWithPackages(epkgs:
|
||||||
# MELPA (Milkypostman’s Emacs Lisp Package Archive)
|
# MELPA (Milkypostman’s Emacs Lisp Package Archive)
|
||||||
(with epkgs.melpaPackages; [
|
(with epkgs.melpaPackages; [
|
||||||
# Programming languages modes
|
# Programming languages modes
|
||||||
@ -105,21 +103,21 @@ in {
|
|||||||
gnome3.gnome-font-viewer
|
gnome3.gnome-font-viewer
|
||||||
|
|
||||||
# base x
|
# base x
|
||||||
rofi xlibs.xmodmap xsecurelock unstable.kitty
|
rofi xlibs.xmodmap xsecurelock kitty
|
||||||
libnotify gtk_engines x2x evtest
|
libnotify gtk_engines x2x evtest
|
||||||
pulsemixer arc-theme xclip
|
pulsemixer arc-theme xclip
|
||||||
gnome3.dconf gnome3.dconf-editor gsettings-desktop-schemas gsettings-qt
|
gnome3.dconf gnome3.dconf-editor gsettings-desktop-schemas gsettings-qt
|
||||||
xorg.xcursorthemes capitaine-cursors gnome3.cheese
|
xorg.xcursorthemes capitaine-cursors gnome3.cheese
|
||||||
|
|
||||||
# x apps
|
# x apps
|
||||||
escrotum unstable.wire-desktop evince gimp gnome3.gnome-maps
|
escrotum wire-desktop evince gimp gnome3.gnome-maps
|
||||||
android-file-transfer libreoffice electrum gnome3.nautilus
|
android-file-transfer libreoffice electrum gnome3.nautilus
|
||||||
unstable.signal-desktop
|
signal-desktop
|
||||||
|
|
||||||
(writeShellScriptBin "git-get" "${git}/bin/git clone https://$1 $GOPATH/src/$1")
|
(writeShellScriptBin "git-get" "${git}/bin/git clone https://$1 $GOPATH/src/$1")
|
||||||
|
|
||||||
(writeShellScriptBin "chromium" ''
|
(writeShellScriptBin "chromium" ''
|
||||||
${unstable.chromium}/bin/chromium --force-dark-mode \
|
${chromium}/bin/chromium --force-dark-mode \
|
||||||
--start-maximized \
|
--start-maximized \
|
||||||
$@
|
$@
|
||||||
'')
|
'')
|
||||||
|
@ -1,7 +1,6 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
unstable = import <unstable> {};
|
|
||||||
fhs = pkgs.writeShellScriptBin "fhs"
|
fhs = pkgs.writeShellScriptBin "fhs"
|
||||||
("${pkgs.docker}/bin/docker run -v /home/user:/home/user -v /nix:/nix "+
|
("${pkgs.docker}/bin/docker run -v /home/user:/home/user -v /nix:/nix "+
|
||||||
"-e \"HOST_PWD=$PWD\" -it fhs");
|
"-e \"HOST_PWD=$PWD\" -it fhs");
|
||||||
@ -47,7 +46,7 @@ in {
|
|||||||
%wheel ALL=(ALL:ALL) NOPASSWD: ${pkgs.light}/bin/light
|
%wheel ALL=(ALL:ALL) NOPASSWD: ${pkgs.light}/bin/light
|
||||||
%wheel ALL=(captive) NOPASSWD: ${pkgs.firefox}/bin/firefox
|
%wheel ALL=(captive) NOPASSWD: ${pkgs.firefox}/bin/firefox
|
||||||
%wheel ALL=(root) NOPASSWD: ${fhs}/bin/fhs
|
%wheel ALL=(root) NOPASSWD: ${fhs}/bin/fhs
|
||||||
%wheel ALL=(out-of-tree) NOPASSWD: ${unstable.out-of-tree}/bin/out-of-tree
|
%wheel ALL=(out-of-tree) NOPASSWD: ${pkgs.out-of-tree}/bin/out-of-tree
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -65,7 +64,7 @@ in {
|
|||||||
"--cap-add=SYS_PTRACE --security-opt seccomp=unconfined" +
|
"--cap-add=SYS_PTRACE --security-opt seccomp=unconfined" +
|
||||||
" -e \"HOST_PWD=$PWD\" -v /nix=/nix -it fhs"))
|
" -e \"HOST_PWD=$PWD\" -v /nix=/nix -it fhs"))
|
||||||
(writeShellScriptBin "out-of-tree"
|
(writeShellScriptBin "out-of-tree"
|
||||||
"sudo -H -u out-of-tree ${unstable.out-of-tree}/bin/out-of-tree $@")
|
"sudo -H -u out-of-tree ${pkgs.out-of-tree}/bin/out-of-tree $@")
|
||||||
];
|
];
|
||||||
|
|
||||||
security.wrappers = {
|
security.wrappers = {
|
||||||
|
Loading…
Reference in New Issue
Block a user