├── LICENSE ├── README.md ├── assets ├── RedNixOS-wallpaper-between.png ├── RedNixOSWallpaper.png ├── RedNixOSWallpaperAscii.png ├── logoTransparentBg.png ├── rednixWallpaperDarker.png └── screenshot.png ├── flake.lock ├── flake.nix ├── gnome.nix ├── graphical.nix ├── home ├── .config │ ├── gtk-3.0 │ │ ├── colors.css │ │ ├── gtk.css │ │ └── settings.ini │ ├── gtk-4.0 │ │ └── settings.ini │ ├── user-dirs.dirs │ └── user-dirs.locale ├── RedNixOSWallpaper.png └── Rednix-logo-transparent-background.png ├── rednixos-iso.nix └── wallpapers.nix /LICENSE: -------------------------------------------------------------------------------- 1 | ISC License 2 | 3 | Copyright 2022 Red Code Labs 4 | 5 | Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. 6 | 7 | THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 8 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

RedNixOS


NixOS 'distro' for security enthusiasts
2 | 3 | [Wiki](https://github.com/redcode-labs/RedNixOS/wiki) | [Releases](https://github.com/redcode-labs/RedNixOS/releases) 4 | 5 |
6 | -------------------------------------------------------------------------------- /assets/RedNixOS-wallpaper-between.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/assets/RedNixOS-wallpaper-between.png -------------------------------------------------------------------------------- /assets/RedNixOSWallpaper.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/assets/RedNixOSWallpaper.png -------------------------------------------------------------------------------- /assets/RedNixOSWallpaperAscii.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/assets/RedNixOSWallpaperAscii.png -------------------------------------------------------------------------------- /assets/logoTransparentBg.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/assets/logoTransparentBg.png -------------------------------------------------------------------------------- /assets/rednixWallpaperDarker.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/assets/rednixWallpaperDarker.png -------------------------------------------------------------------------------- /assets/screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/assets/screenshot.png -------------------------------------------------------------------------------- /flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "chainsaw": { 4 | "inputs": { 5 | "nixpkgs": [ 6 | "rednix", 7 | "nixpkgs" 8 | ] 9 | }, 10 | "locked": { 11 | "lastModified": 1732230398, 12 | "narHash": "sha256-HJTWOdOMZ0HE3eiIrKMg2F/rM4WbnFT2crQ60S9DlJU=", 13 | "owner": "WithSecureLabs", 14 | "repo": "chainsaw", 15 | "rev": "3a08847f8d57859fb527397c8176249e7f4a7320", 16 | "type": "github" 17 | }, 18 | "original": { 19 | "owner": "WithSecureLabs", 20 | "repo": "chainsaw", 21 | "type": "github" 22 | } 23 | }, 24 | "hackpkgs": { 25 | "inputs": { 26 | "flake-utils": [ 27 | "rednix", 28 | "utils" 29 | ], 30 | "nixpkgs": [ 31 | "rednix", 32 | "nixpkgs" 33 | ] 34 | }, 35 | "locked": { 36 | "lastModified": 1658745217, 37 | "narHash": "sha256-VyP2WOYmMZG5zmysQWDAXri8H1KwIQ0c+YU9eRiKjc0=", 38 | "owner": "applePrincess", 39 | "repo": "hackpkgs", 40 | "rev": "dd31e977fb99a6f7226954d2cb1d6f48869d8a55", 41 | "type": "github" 42 | }, 43 | "original": { 44 | "owner": "applePrincess", 45 | "repo": "hackpkgs", 46 | "type": "github" 47 | } 48 | }, 49 | "nixpkgs": { 50 | "locked": { 51 | "lastModified": 1732014248, 52 | "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", 53 | "owner": "NixOS", 54 | "repo": "nixpkgs", 55 | "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", 56 | "type": "github" 57 | }, 58 | "original": { 59 | "owner": "NixOS", 60 | "ref": "nixos-unstable", 61 | "repo": "nixpkgs", 62 | "type": "github" 63 | } 64 | }, 65 | "rednix": { 66 | "inputs": { 67 | "chainsaw": "chainsaw", 68 | "hackpkgs": "hackpkgs", 69 | "nixpkgs": [ 70 | "nixpkgs" 71 | ], 72 | "utils": "utils" 73 | }, 74 | "locked": { 75 | "lastModified": 1732506125, 76 | "narHash": "sha256-0TuccueIwBB1lo8ehJt3YgTs+99qefqcBhYZ5hkYMGA=", 77 | "owner": "redcode-labs", 78 | "repo": "RedNix", 79 | "rev": "8f30c105d065b0174d756a921649a874f5c85445", 80 | "type": "github" 81 | }, 82 | "original": { 83 | "owner": "redcode-labs", 84 | "repo": "RedNix", 85 | "type": "github" 86 | } 87 | }, 88 | "root": { 89 | "inputs": { 90 | "nixpkgs": "nixpkgs", 91 | "rednix": "rednix" 92 | } 93 | }, 94 | "systems": { 95 | "locked": { 96 | "lastModified": 1681028828, 97 | "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 98 | "owner": "nix-systems", 99 | "repo": "default", 100 | "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 101 | "type": "github" 102 | }, 103 | "original": { 104 | "owner": "nix-systems", 105 | "repo": "default", 106 | "type": "github" 107 | } 108 | }, 109 | "utils": { 110 | "inputs": { 111 | "systems": "systems" 112 | }, 113 | "locked": { 114 | "lastModified": 1731533236, 115 | "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", 116 | "owner": "numtide", 117 | "repo": "flake-utils", 118 | "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", 119 | "type": "github" 120 | }, 121 | "original": { 122 | "owner": "numtide", 123 | "repo": "flake-utils", 124 | "type": "github" 125 | } 126 | } 127 | }, 128 | "root": "root", 129 | "version": 7 130 | } 131 | -------------------------------------------------------------------------------- /flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | inputs = { 3 | nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; 4 | 5 | rednix = { 6 | url = "github:redcode-labs/RedNix"; 7 | inputs.nixpkgs.follows = "nixpkgs"; 8 | }; 9 | }; 10 | 11 | outputs = inputs @ { 12 | self, 13 | nixpkgs, 14 | ... 15 | }: let 16 | modulesPath = "${nixpkgs}/nixos/modules"; 17 | 18 | mkSystem = extraModules: 19 | nixpkgs.lib.nixosSystem { 20 | system = "x86_64-linux"; 21 | 22 | specialArgs = {inherit inputs self;}; 23 | 24 | modules = [./rednixos-iso.nix] ++ extraModules; 25 | }; 26 | in { 27 | nixosConfigurations = let 28 | packages = {pkgs, ...}: {environment.systemPackages = nixpkgs.lib.attrValues inputs.rednix.packages.${pkgs.system};}; 29 | in { 30 | RedNixOS = mkSystem [ 31 | ./gnome.nix 32 | ./graphical.nix 33 | packages 34 | "${modulesPath}/installer/cd-dvd/installation-cd-graphical-gnome.nix" 35 | ]; 36 | RedNixOS-light = mkSystem [ 37 | ./gnome.nix 38 | ./graphical.nix 39 | "${modulesPath}/installer/cd-dvd/installation-cd-graphical-gnome.nix" 40 | ]; 41 | RedNixOS-headless = mkSystem [ 42 | packages 43 | "${modulesPath}/installer/cd-dvd/installation-cd-base.nix" 44 | ]; 45 | }; 46 | 47 | packages.x86_64-linux = 48 | (builtins.mapAttrs (n: v: v.config.system.build.isoImage) self.nixosConfigurations) 49 | // { 50 | default = self.packages.x86_64-linux.RedNixOS; 51 | }; 52 | }; 53 | } 54 | -------------------------------------------------------------------------------- /gnome.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | self, 4 | lib, 5 | ... 6 | }: let 7 | # generate wallpaper entry (copied from pkgs.nixos-artwork) 8 | rednixos-wallpaper = import ./wallpapers.nix { 9 | inherit (pkgs) stdenv; 10 | inherit lib self; 11 | }; 12 | 13 | # force custom wallpaper 14 | nixos-gsettings-desktop-schemas = pkgs.gnome.nixos-gsettings-overrides.override { 15 | nixos-background-dark = rednixos-wallpaper; 16 | nixos-background-light = rednixos-wallpaper; 17 | }; 18 | 19 | # custom wallpaper 20 | background-info = pkgs.writeTextFile { 21 | name = "rednixos-background-info"; 22 | text = '' 23 | 24 | 25 | 26 | 27 | RedNixOS 28 | ${self}/home/RedNixOSWallpaper.png 29 | ${self}/home/RedNixOSWallpaper.png 30 | zoom 31 | solid 32 | #3a4ba0 33 | #2f302f 34 | 35 | 36 | ''; 37 | destination = "/share/gnome-background-properties/rednixos.xml"; 38 | }; 39 | in { 40 | environment = { 41 | systemPackages = with pkgs; [ 42 | background-info 43 | 44 | libsForQt5.kpmcore 45 | calamares-nixos 46 | calamares-nixos-extensions 47 | # Get list of locales 48 | glibcLocales 49 | ]; 50 | 51 | variables = { 52 | # Override GSettings schemas 53 | NIX_GSETTINGS_OVERRIDES_DIR = lib.mkForce "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas"; 54 | # Fix scaling for calamares on wayland 55 | QT_QPA_PLATFORM = "$([[ $XDG_SESSION_TYPE = \"wayland\" ]] && echo \"wayland\")"; 56 | }; 57 | }; 58 | 59 | isoImage.edition = "gnome"; 60 | 61 | # Theme calamares with GNOME theme 62 | qt = { 63 | enable = true; 64 | platformTheme = "gnome"; 65 | style = "adwaita-dark"; 66 | }; 67 | 68 | services.xserver.desktopManager.gnome = { 69 | enable = true; 70 | 71 | # Add Firefox and other tools useful for installation to the launcher 72 | favoriteAppsOverride = lib.mkForce '' 73 | [org.gnome.shell] 74 | favorite-apps=[ 'firefox.desktop', 'nixos-manual.desktop', 'org.gnome.Console.desktop', 'org.gnome.Nautilus.desktop', 'gparted.desktop', 'io.calamares.calamares.desktop' ] 75 | ''; 76 | 77 | # Override GNOME defaults to disable GNOME tour and disable suspend 78 | extraGSettingsOverrides = '' 79 | [org.gnome.shell] 80 | welcome-dialog-last-shown-version='9999999999' 81 | [org.gnome.desktop.session] 82 | idle-delay=0 83 | [org.gnome.settings-daemon.plugins.power] 84 | sleep-inactive-ac-type='nothing' 85 | sleep-inactive-battery-type='nothing' 86 | ''; 87 | 88 | extraGSettingsOverridePackages = [pkgs.gnome-settings-daemon]; 89 | }; 90 | } 91 | -------------------------------------------------------------------------------- /graphical.nix: -------------------------------------------------------------------------------- 1 | {lib, ...}: { 2 | boot.plymouth.enable = true; 3 | 4 | hardware = { 5 | graphics.enable = true; 6 | # disable pulse since we're using pipewire 7 | pulseaudio.enable = lib.mkForce false; 8 | }; 9 | 10 | services = { 11 | pipewire = { 12 | enable = true; 13 | pulse.enable = true; 14 | }; 15 | 16 | printing.enable = true; 17 | 18 | libinput.enable = true; 19 | 20 | xserver = { 21 | enable = true; 22 | xkb = { 23 | layout = "us"; 24 | variant = ""; 25 | }; 26 | }; 27 | }; 28 | } 29 | -------------------------------------------------------------------------------- /home/.config/gtk-3.0/colors.css: -------------------------------------------------------------------------------- 1 | @define-color borders #5f6265; 2 | @define-color content_view_bg #1b1e20; 3 | @define-color error_color_backdrop #da4453; 4 | @define-color error_color #da4453; 5 | @define-color error_color_insensitive_backdrop #592930; 6 | @define-color error_color_insensitive #592930; 7 | @define-color insensitive_base_color #1a1d1f; 8 | @define-color insensitive_base_fg_color #656768; 9 | @define-color insensitive_bg_color #282c30; 10 | @define-color insensitive_borders #3a3d41; 11 | @define-color insensitive_fg_color #6e7173; 12 | @define-color insensitive_selected_bg_color #282c30; 13 | @define-color insensitive_selected_fg_color #6e7173; 14 | @define-color insensitive_unfocused_bg_color #282c30; 15 | @define-color insensitive_unfocused_fg_color #6e7173; 16 | @define-color insensitive_unfocused_selected_bg_color #282c30; 17 | @define-color insensitive_unfocused_selected_fg_color #6e7173; 18 | @define-color link_color #e93d58; 19 | @define-color link_visited_color #9b59b6; 20 | @define-color success_color_backdrop #27ae60; 21 | @define-color success_color #27ae60; 22 | @define-color success_color_insensitive_backdrop #1e4d34; 23 | @define-color success_color_insensitive #1e4d34; 24 | @define-color theme_base_color #1b1e20; 25 | @define-color theme_bg_color #2a2e32; 26 | @define-color theme_button_background_backdrop #31363b; 27 | @define-color theme_button_background_backdrop_insensitive #2f3338; 28 | @define-color theme_button_background_insensitive #2f3338; 29 | @define-color theme_button_background_normal #31363b; 30 | @define-color theme_button_decoration_focus_backdrop #e93d58; 31 | @define-color theme_button_decoration_focus_backdrop_insensitive #6c3642; 32 | @define-color theme_button_decoration_focus #e93d58; 33 | @define-color theme_button_decoration_focus_insensitive #6c3642; 34 | @define-color theme_button_decoration_hover_backdrop #e93d58; 35 | @define-color theme_button_decoration_hover_backdrop_insensitive #6c3642; 36 | @define-color theme_button_decoration_hover #e93d58; 37 | @define-color theme_button_decoration_hover_insensitive #6c3642; 38 | @define-color theme_button_foreground_active_backdrop #fcfcfc; 39 | @define-color theme_button_foreground_active_backdrop_insensitive #6e7173; 40 | @define-color theme_button_foreground_active #ffffff; 41 | @define-color theme_button_foreground_active_insensitive #6e7173; 42 | @define-color theme_button_foreground_backdrop #fcfcfc; 43 | @define-color theme_button_foreground_backdrop_insensitive #727679; 44 | @define-color theme_button_foreground_insensitive #727679; 45 | @define-color theme_button_foreground_normal #fcfcfc; 46 | @define-color theme_fg_color #fcfcfc; 47 | @define-color theme_header_background_backdrop #2a2e32; 48 | @define-color theme_header_background #31363b; 49 | @define-color theme_header_background_light #2a2e32; 50 | @define-color theme_header_foreground_backdrop #fcfcfc; 51 | @define-color theme_header_foreground #fcfcfc; 52 | @define-color theme_header_foreground_insensitive_backdrop #fcfcfc; 53 | @define-color theme_header_foreground_insensitive #fcfcfc; 54 | @define-color theme_hovering_selected_bg_color #e93d58; 55 | @define-color theme_selected_bg_color #ab3347; 56 | @define-color theme_selected_fg_color #ffffff; 57 | @define-color theme_text_color #fcfcfc; 58 | @define-color theme_titlebar_background_backdrop #2a2e32; 59 | @define-color theme_titlebar_background #31363b; 60 | @define-color theme_titlebar_background_light #2a2e32; 61 | @define-color theme_titlebar_foreground_backdrop #fcfcfc; 62 | @define-color theme_titlebar_foreground #fcfcfc; 63 | @define-color theme_titlebar_foreground_insensitive_backdrop #fcfcfc; 64 | @define-color theme_titlebar_foreground_insensitive #fcfcfc; 65 | @define-color theme_unfocused_base_color #1b1e20; 66 | @define-color theme_unfocused_bg_color #2a2e32; 67 | @define-color theme_unfocused_fg_color #fcfcfc; 68 | @define-color theme_unfocused_selected_bg_color_alt #622530; 69 | @define-color theme_unfocused_selected_bg_color #622530; 70 | @define-color theme_unfocused_selected_fg_color #fcfcfc; 71 | @define-color theme_unfocused_text_color #fcfcfc; 72 | @define-color theme_unfocused_view_bg_color #1a1d1f; 73 | @define-color theme_unfocused_view_text_color #656768; 74 | @define-color theme_view_active_decoration_color #e93d58; 75 | @define-color theme_view_hover_decoration_color #e93d58; 76 | @define-color tooltip_background #31363b; 77 | @define-color tooltip_border #64686b; 78 | @define-color tooltip_text #fcfcfc; 79 | @define-color unfocused_borders #5f6265; 80 | @define-color unfocused_insensitive_borders #3a3d41; 81 | @define-color warning_color_backdrop #f67400; 82 | @define-color warning_color #f67400; 83 | @define-color warning_color_insensitive_backdrop #633914; 84 | @define-color warning_color_insensitive #633914; 85 | -------------------------------------------------------------------------------- /home/.config/gtk-3.0/gtk.css: -------------------------------------------------------------------------------- 1 | @import 'colors.css'; -------------------------------------------------------------------------------- /home/.config/gtk-3.0/settings.ini: -------------------------------------------------------------------------------- 1 | [Settings] 2 | gtk-application-prefer-dark-theme=true 3 | gtk-button-images=true 4 | gtk-cursor-theme-name=breeze_cursors 5 | gtk-cursor-theme-size=24 6 | gtk-decoration-layout=icon:minimize,maximize,close 7 | gtk-enable-animations=true 8 | gtk-font-name=Noto Sans, 10 9 | gtk-icon-theme-name=breeze 10 | gtk-menu-images=true 11 | gtk-modules=colorreload-gtk-module 12 | gtk-primary-button-warps-slider=false 13 | gtk-toolbar-style=3 14 | -------------------------------------------------------------------------------- /home/.config/gtk-4.0/settings.ini: -------------------------------------------------------------------------------- 1 | [Settings] 2 | gtk-application-prefer-dark-theme=true 3 | gtk-cursor-theme-name=breeze_cursors 4 | gtk-cursor-theme-size=24 5 | gtk-decoration-layout=icon:minimize,maximize,close 6 | gtk-enable-animations=true 7 | gtk-font-name=Noto Sans, 10 8 | gtk-icon-theme-name=breeze 9 | gtk-primary-button-warps-slider=false 10 | -------------------------------------------------------------------------------- /home/.config/user-dirs.dirs: -------------------------------------------------------------------------------- 1 | # This file is written by xdg-user-dirs-update 2 | # If you want to change or add directories, just edit the line you're 3 | # interested in. All local changes will be retained on the next run. 4 | # Format is XDG_xxx_DIR="$HOME/yyy", where yyy is a shell-escaped 5 | # homedir-relative path, or XDG_xxx_DIR="/yyy", where /yyy is an 6 | # absolute path. No other format is supported. 7 | # 8 | XDG_DESKTOP_DIR="$HOME/Desktop" 9 | XDG_DOWNLOAD_DIR="$HOME/Downloads" 10 | XDG_TEMPLATES_DIR="$HOME/Templates" 11 | XDG_PUBLICSHARE_DIR="$HOME/Public" 12 | XDG_DOCUMENTS_DIR="$HOME/Documents" 13 | XDG_MUSIC_DIR="$HOME/Music" 14 | XDG_PICTURES_DIR="$HOME/Pictures" 15 | XDG_VIDEOS_DIR="$HOME/Videos" 16 | -------------------------------------------------------------------------------- /home/.config/user-dirs.locale: -------------------------------------------------------------------------------- 1 | en_GB -------------------------------------------------------------------------------- /home/RedNixOSWallpaper.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/home/RedNixOSWallpaper.png -------------------------------------------------------------------------------- /home/Rednix-logo-transparent-background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/redcode-labs/RedNixOS/bb9b9650a84df3bf40e635cd0bac41502778e46a/home/Rednix-logo-transparent-background.png -------------------------------------------------------------------------------- /rednixos-iso.nix: -------------------------------------------------------------------------------- 1 | { 2 | pkgs, 3 | lib, 4 | ... 5 | }: { 6 | # use soystemd-boot EFI boot loader 7 | boot.loader = { 8 | systemd-boot.enable = true; 9 | efi.canTouchEfiVariables = true; 10 | }; 11 | 12 | hardware.bluetooth.enable = true; 13 | 14 | services = { 15 | timesyncd = { 16 | # feel free to change to sth around your location 17 | # servers = ["pl.pool.ntp.org"]; 18 | }; 19 | 20 | openssh = { 21 | enable = true; 22 | allowSFTP = true; 23 | settings = { 24 | AllowAgentForwarding = false; 25 | AllowStreamLocalForwarding = false; 26 | AllowTcpForwarding = true; 27 | AuthenticationMethods = "publickey"; 28 | KbdInteractiveAuthentication = false; 29 | PasswordAuthentication = false; 30 | X11Forwarding = false; 31 | }; 32 | }; 33 | 34 | avahi = { 35 | enable = true; 36 | browseDomains = []; 37 | wideArea = false; 38 | nssmdns4 = true; 39 | }; 40 | 41 | unbound = { 42 | enable = true; 43 | settings.server = { 44 | access-control = []; 45 | interface = []; 46 | }; 47 | }; 48 | 49 | # using VPN is generally a good idea 50 | # use Mullvad btw 51 | # mullvad-vpn.enable = true; 52 | 53 | hardware.bolt.enable = true; 54 | 55 | spice-vdagentd.enable = true; 56 | qemuGuest.enable = true; 57 | }; 58 | 59 | virtualisation = { 60 | docker.enable = true; 61 | hypervGuest.enable = true; 62 | virtualbox.guest.enable = false; 63 | vmware.guest.enable = true; 64 | }; 65 | 66 | # networking better than on LinkedIn 67 | networking = { 68 | hostName = "RedNixOS"; 69 | proxy = { 70 | # default = "http://user:password@proxy:port/"; 71 | # noProxy = "127.0.0.1,localhost,internal.domain"; 72 | }; 73 | wireless.enable = lib.mkForce false; 74 | networkmanager.enable = true; 75 | firewall = { 76 | allowedTCPPorts = [22 80]; 77 | allowPing = false; 78 | checkReversePath = "loose"; 79 | logReversePathDrops = true; 80 | autoLoadConntrackHelpers = false; 81 | connectionTrackingModules = [ 82 | "ftp" 83 | "irc" 84 | "sane" 85 | "sip" 86 | "tftp" 87 | "amanda" 88 | "h323" 89 | "netbios_sn" 90 | "pptp" 91 | "snmp" 92 | ]; 93 | # trustedInterfaces = [ "" ]; 94 | }; 95 | }; 96 | 97 | security = { 98 | # if you want, you can disable sudo and use doas 99 | sudo = { 100 | enable = true; 101 | wheelNeedsPassword = true; 102 | execWheelOnly = true; 103 | }; 104 | # apparmor.enable = true; 105 | # lockKernelModules = true; 106 | auditd.enable = true; 107 | audit = { 108 | enable = true; 109 | rules = ["-a exit, always -F arch=b64 -s execve"]; 110 | }; 111 | }; 112 | 113 | # default user config 114 | users.users.red = { 115 | isNormalUser = true; 116 | description = "Red"; 117 | initialPassword = "rednixos"; 118 | extraGroups = [ 119 | "wheel" 120 | "networkmanager" 121 | "audio" 122 | "video" 123 | "input" 124 | "docker" 125 | ]; 126 | }; 127 | 128 | # nix config 129 | nix = { 130 | package = pkgs.nixVersions.git; 131 | settings = { 132 | extra-experimental-features = [ 133 | "nix-command" 134 | "flakes" 135 | ]; 136 | allowed-users = ["@wheel"]; # locks down access to nix-daemon 137 | }; 138 | }; 139 | 140 | # nixpkgs config 141 | nixpkgs.config = { 142 | allowUnfree = true; 143 | allowInsecurePredicate = p: true; 144 | segger-jlink.acceptLicense = true; 145 | }; 146 | 147 | # the system state version of NixOS. database schemas and other settings will 148 | # depend on this. do NOT change unless you know what you're doing. 149 | system.stateVersion = "unstable"; 150 | } 151 | -------------------------------------------------------------------------------- /wallpapers.nix: -------------------------------------------------------------------------------- 1 | # generate wallpaper entries (copied from pkgs.nixos-artwork) 2 | { 3 | lib, 4 | stdenv, 5 | self, 6 | }: let 7 | mkNixBackground = { 8 | name, 9 | src, 10 | description, 11 | }: let 12 | pkg = stdenv.mkDerivation { 13 | inherit name src; 14 | 15 | dontUnpack = true; 16 | 17 | installPhase = '' 18 | # GNOME 19 | mkdir -p $out/share/backgrounds/nixos 20 | ln -s $src $out/share/backgrounds/nixos/${src.name} 21 | 22 | mkdir -p $out/share/gnome-background-properties/ 23 | cat < $out/share/gnome-background-properties/${name}.xml 24 | 25 | 26 | 27 | 28 | ${name} 29 | ${src} 30 | zoom 31 | solid 32 | #ffffff 33 | #000000 34 | 35 | 36 | EOF 37 | 38 | # TODO: is this path still needed? 39 | mkdir -p $out/share/artwork/gnome 40 | ln -s $src $out/share/artwork/gnome/${src.name} 41 | 42 | # KDE 43 | mkdir -p $out/share/wallpapers/${name}/contents/images 44 | ln -s $src $out/share/wallpapers/${name}/contents/images/${src.name} 45 | cat >>$out/share/wallpapers/${name}/metadata.desktop <<_EOF 46 | [Desktop Entry] 47 | Name=${name} 48 | X-KDE-PluginInfo-Name=${name} 49 | _EOF 50 | ''; 51 | 52 | passthru = { 53 | gnomeFilePath = "${pkg}/share/backgrounds/nixos/${src.name}"; 54 | kdeFilePath = "${pkg}/share/wallpapers/${name}/contents/images/${src.name}"; 55 | }; 56 | 57 | meta = with lib; { 58 | inherit description; 59 | homepage = "https://github.com/NixOS/nixos-artwork"; 60 | license = licenses.free; 61 | platforms = platforms.all; 62 | }; 63 | }; 64 | in 65 | pkg; 66 | in 67 | mkNixBackground { 68 | name = "rednixos"; 69 | description = "RedNixOS Wallpaper"; 70 | src = stdenv.mkDerivation { 71 | name = "rednixos.png"; 72 | buildCommand = '' 73 | mkdir -p $out 74 | cp ${self}/home/RedNixOSWallpaper.png $out/ 75 | ''; 76 | }; 77 | } 78 | --------------------------------------------------------------------------------