custom_machine.example.nix
# Example machine definition: a NixOS module that picks policies, profiles and
# specialisations from ./genoc. `lib` and `pkgs` are used below; `config` and
# `modulesPath` are accepted but not referenced in this file.
{ config, lib, pkgs, modulesPath, ... }:
let
# Per-machine values; this file only reads vars.installationNixOSVersion.
# NOTE(review): values taken from custom_vars.nix that reach the system
# configuration are written to the world-readable /nix/store, so keep
# secrets (passwords, tokens, private keys) out of that file.
vars = import ./custom_vars.nix;
in
{
# Module list for the base system. Uncommented paths are active; every
# specialisation defined further down is built on top of this selection.
imports = [
# ---- Hardware (generated by nixos-generate-config) ----------------------
./hardware-configuration.nix
# =========================================================================
# POLICIES (Essential Structural Choices - Choose ONE per category)
# =========================================================================
# ---- Bootloader ---------------------------------------------------------
./genoc/policies/boot/grub.nix # Standard GRUB2 bootloader
# ./genoc/policies/boot/systemd-boot.nix # Modern systemd-boot (UEFI only)
# ./genoc/policies/boot/grub-dualboot-efi.nix # GRUB with Windows dual-boot support
# plymouth.nix is a splash screen enabled alongside the bootloader chosen above,
# not an alternative to it.
./genoc/policies/boot/plymouth.nix # Modern boot splash screen (visual boot)
# ---- Desktop Environment (Main Graphical Interface) ---------------------
./genoc/policies/desktop/kde/plasma.nix # KDE Plasma 6 Desktop Environment
# ./genoc/policies/desktop/gnome/shell.nix # GNOME Desktop Environment
# ./genoc/policies/desktop/tilling/hyprland.nix # Hyprland (Wayland compositor)
# ./genoc/policies/desktop/tilling/sway.nix # Sway (Wayland i3-compatible)
# ./genoc/policies/desktop/tilling/i3.nix # i3 Window Manager (X11)
# ./genoc/policies/desktop/hybrid/rich-kde-primary.nix # KDE + GNOME (KDE primary)
# ./genoc/policies/desktop/hybrid/lightweight-xfce-primary.nix # XFCE + others
# ---- Power Management ---------------------------------------------------
./genoc/policies/power/cpu/balance.nix # Balanced CPU power/performance policy
# ./genoc/policies/power/cpu/performance.nix # Maximum CPU performance (fixed high freq)
# ./genoc/policies/power/cpu/eco-ultra.nix # Extreme energy saving for battery longevity
# ---- Networking & Firewall ----------------------------------------------
# Keep exactly one firewall base policy active. open.nix removes packet filtering
# entirely, so every listening service becomes reachable on any network the
# machine joins.
./genoc/policies/networking/firewall/base.nix # Standard protective firewall (enabled)
# ./genoc/policies/networking/firewall/stealth.nix # Stealth firewall (drops ICMP/pings)
# ./genoc/policies/networking/firewall/open.nix # Completely open firewall (risky!)
# ---- Firewall Port Openers (Expose services to network) -----------------
# Each opener adds inbound ports on top of the base policy. Enable one only when
# the matching service is installed and meant to be reachable.
# NOTE(review): presumably the ports are opened on all interfaces — confirm in
# the module before enabling it on a laptop that roams between networks.
# ./genoc/policies/networking/firewall/open-web.nix # Open HTTP/HTTPS (80/443)
# ./genoc/policies/networking/firewall/open-p2p-crypto.nix # Open Bitcoin/Elements (8333/17041)
# ./genoc/policies/networking/firewall/open-syncthing.nix # Open Syncthing (22000/21027)
# ./genoc/policies/networking/firewall/open-i2p.nix # Open I2P (45678)
# ./genoc/policies/networking/firewall/open-home-automation.nix # Open HA/Zigbee ports
# ./genoc/policies/networking/firewall/open-ai-ollama.nix # Open Ollama API (11434)
# ./genoc/policies/networking/firewall/open-gaming.nix # Open Minecraft (25565)
# ---- SSH Access ---------------------------------------------------------
# hardened.nix is key-only: provision an authorized public key for your user
# before switching to it on a machine you reach only over SSH.
./genoc/policies/networking/ssh/hardened.nix # Public Key ONLY (Secure standard)
# ./genoc/policies/networking/ssh/base.nix # Password and Key (Balanced)
# ./genoc/policies/networking/ssh/paranoid.nix # Requires BOTH Key and Password (MFA)
# ---- System Behavior & Policies -----------------------------------------
# NOTE(review): wheel-no-password.nix makes every wheel account root-equivalent
# without a prompt (presumably via security.sudo.wheelNeedsPassword = false —
# confirm in the module). Together with key-only SSH, one stolen SSH key or one
# compromised process of a wheel user yields root. Comment this line out on
# shared, server or internet-reachable machines.
./genoc/policies/security/sudo/wheel-no-password.nix # Allow sudo without password
./genoc/modules/security/polkit/base.nix # Basic GUI authorization support
./genoc/policies/security/gpg/agent.nix # GPG agent with SSH support
./genoc/policies/system/shells/zsh.nix # Zsh shell with modern defaults
# ./genoc/policies/system/shells/bash.nix # Classic Bash shell
# ./genoc/policies/system/behavior/prevent-sleep.nix # Disables automatic sleep
# ./genoc/policies/system/behavior/prevent-hibernation.nix # Disables hibernation
# ./genoc/policies/system/behavior/seamless-switch.nix # Prevent service restart on switch
# ./genoc/policies/system/behavior/server-uptime.nix # Optimized for long uptime
# =========================================================================
# PROFILES (Mixins - Add as many as you want)
# =========================================================================
# ---- Development Profiles -----------------------------------------------
# ./genoc/profiles/development/backend-go-legend.nix # The ultimate Go/Crypto backend stack
# ./genoc/profiles/development/fullstack-overlord.nix # Fullstack development environment
# ./genoc/profiles/development/dev-hacker.nix # Minimalist hacker-oriented tools
# ./genoc/profiles/development/backend-rust.nix # Rust developer environment
# ./genoc/profiles/development/backend-go.nix # Standard Go developer environment
# ./genoc/profiles/development/web-frontend.nix # Modern web frontend tools
# ./genoc/profiles/development/data-scientist.nix # Data science and ML stack
# ./genoc/profiles/development/dev-newbie.nix # Beginner-friendly dev tools
# ./genoc/profiles/development/devops-engineer.nix # Infrastructure and DevOps tools
# ./genoc/profiles/development/game-engine-dev.nix # Game engine development stack
# ./genoc/profiles/development/mobile-app-dev.nix # Android and Flutter development
# ./genoc/profiles/development/embedded-engineer.nix # Embedded systems and firmware tools
# ./genoc/profiles/development/dev-testing.nix # Playwright + testing tools
# ---- Business & Office --------------------------------------------------
# ./genoc/profiles/business/office-maniac.nix # The ultimate LaTeX and bibliography stack
# ./genoc/profiles/business/office-rat.nix # Standard office productivity suite
# ./genoc/profiles/business/office-light-eco.nix # Minimalist and efficient office tools
# ./genoc/profiles/business/academic-researcher.nix # Academic research and writing tools
# ./genoc/profiles/business/doc-hacker.nix # LaTeX and advanced document tools
# ./genoc/profiles/business/finance-guru.nix # Advanced finance and analysis tools
# ./genoc/profiles/business/finance-retail.nix # Basic finance and banking tools
# ./genoc/profiles/business/legal-prof.nix # Tools for legal professionals
# ./genoc/profiles/business/student.nix # Essential tools for students
# ./genoc/profiles/business/trader-pro.nix # Professional trading and market analysis
# ---- Security & Privacy -------------------------------------------------
# These profiles add tooling only; they do not replace the firewall, SSH or sudo
# policies selected above.
# ./genoc/profiles/security/crypto-anarchist.nix # Bitcoin, Liquid, I2P and privacy tools
# ./genoc/profiles/security/privacy-paranoid.nix # Maximum privacy and anonymity tools
# ./genoc/profiles/security/red-team.nix # Pentesting and offensive security
# ./genoc/profiles/security/forensic-analyst.nix # Digital forensics and investigation
# ./genoc/profiles/security/osint-investigator.nix # Open-source intelligence tools
# ---- Creative & Multimedia ----------------------------------------------
# ./genoc/profiles/creative/digital-artist.nix # 2D/3D digital art and illustration
# ./genoc/profiles/creative/music-producer.nix # Digital audio workstation tools
# ./genoc/profiles/creative/photographer.nix # Photography and editing workflow
# ./genoc/profiles/creative/streamer.nix # Live streaming and content creation
# ./genoc/profiles/creative/vector-designer.nix # Vector graphics and design tools
# ./genoc/profiles/creative/vfx-astronaut.nix # Visual effects and 3D animation
# ./genoc/profiles/creative/ricing-obsessed.nix # Deep system UI customization tools
# ---- Gaming -------------------------------------------------------------
# ./genoc/profiles/gaming/steam-heavy.nix # Optimized Steam gaming environment
# ./genoc/profiles/gaming/retro-maniac.nix # Emulators and retro gaming tools
# ./genoc/profiles/gaming/simulation-rig.nix # Optimized for heavy simulation games
# ./genoc/profiles/gaming/minecraft-server.nix # Local Minecraft server setup
# ---- Power Management Profiles ------------------------------------------
# ./genoc/profiles/power/balanced.nix # Preset for balanced usage
# ./genoc/profiles/power/performance.nix # Preset for high performance
# ./genoc/profiles/power/endurance.nix # Preset for long battery life
# ---- Social & Communication ---------------------------------------------
# ./genoc/profiles/social/chatterbox-maniac.nix # All major communication apps
# ./genoc/profiles/social/irc-veteran.nix # IRC clients and classic chat tools
# ./genoc/profiles/social/minimalist.nix # Minimalist communication tools
# ---- Web Browsing -------------------------------------------------------
# ./genoc/profiles/web/hacker.nix # Hardened and dev-oriented browsers
# ./genoc/profiles/web/hoarder.nix # Web archiving and heavy browsing
# ./genoc/profiles/web/surfer-light.nix # Lightweight and fast browsing
# ./genoc/profiles/web/surfer-maniac.nix # All-in browser stack
# ---- System Configuration -----------------------------------------------
# ./genoc/profiles/system/minimal-server.nix # Minimal server configuration
# ./genoc/profiles/system/kiosk-mode.nix # Full-screen kiosk for public displays
# ./genoc/profiles/system/parental-control.nix # Content filtering and restrictions
];
# =========================================================================
# SPECIALISATIONS (Switch contexts on the fly at boot or via switch)
# =========================================================================
# Named variants of this system, selectable from the boot menu or at runtime.
# None of them sets inheritParentConfig = false, so each one is layered on top of
# the base configuration: the base firewall, SSH and sudo policies (including
# passwordless sudo for wheel, if that import is active) apply in every variant.
specialisation = {
# ---- REGULAR DEV: The God Stack with full networking --------------------
# Widens the network surface relative to the base system: the two firewall
# openers below expose the P2P and Syncthing ports while this variant is active.
dev.configuration = {
system.nixos.tags = [ "backend-go-legend" ];
imports = [
./genoc/profiles/development/backend-go-legend.nix
./genoc/modules/infrastructure/networking/syncthing.nix
./genoc/policies/networking/firewall/open-p2p-crypto.nix
./genoc/policies/networking/firewall/open-syncthing.nix
];
};
# ---- TEXT MODE GOD: No GUI, All CLI Tools and Zsh -----------------------
headless.configuration = {
system.nixos.tags = [ "terminal-only" ];
imports = [
./genoc/profiles/system/minimal-server.nix
./genoc/profiles/development/dev-hacker.nix
./genoc/profiles/power/endurance.nix
# Already imported by the base configuration; listing it again is redundant.
./genoc/policies/system/shells/zsh.nix
];
# mkForce overrides the values set by the desktop policy inherited from the base.
# NOTE(review): only X11 and SDDM are switched off here; whether the Plasma
# session and its services stay enabled depends on plasma.nix — confirm.
services.xserver.enable = lib.mkForce false;
services.displayManager.sddm.enable = lib.mkForce false;
};
# ---- OFFICE MANIAC: LaTeX God and heavy document tools ------------------
office.configuration = {
system.nixos.tags = [ "office-maniac" ];
imports = [
./genoc/profiles/business/office-maniac.nix
];
};
# ---- THEATER MODE: Multimedia focus, stay awake -------------------------
theater.configuration = {
system.nixos.tags = [ "theater-mode" ];
imports = [
./genoc/policies/system/behavior/prevent-sleep.nix
./genoc/modules/domains/multimedia/base.nix
./genoc/modules/domains/multimedia/streaming.nix
];
};
# ---- SHOPPING EMERGENCY: Max battery, Nvidia OFF, Eco CPU ---------------
# NOTE(review): nothing in this block touches the GPU or the CPU policy directly;
# "Nvidia OFF" and "Eco CPU" presumably come from endurance.nix, which then has
# to override the base power/cpu/balance.nix policy — confirm in that profile.
shopping.configuration = {
system.nixos.tags = [ "shopping-emergency" ];
imports = [
./genoc/profiles/power/endurance.nix
./genoc/profiles/business/office-light-eco.nix
];
# Forces Wi-Fi power saving on regardless of what the inherited modules set.
networking.networkmanager.wifi.powersave = lib.mkForce true;
};
};
# =========================================================================
# EXTRA PACKAGES
# =========================================================================
# Packages listed here are installed system-wide for all users and, because the
# specialisations inherit the base configuration, in every specialisation as well.
environment.systemPackages = with pkgs; [
# IMPORTANT: Avoid adding packages directly here.
# Try to find/create a Profile or Module instead for better organization.
];
# ---- System Version (DO NOT CHANGE) ---------------------------------------
# Read from custom_vars.nix (installationNixOSVersion). stateVersion should stay at
# the NixOS release this machine was first installed with: it selects defaults for
# stateful data and is not the way to upgrade the system.
system.stateVersion = vars.installationNixOSVersion;
}