From 172d68ebde790caf939a6f9dd7ea43c891c8efff Mon Sep 17 00:00:00 2001 From: Aaron Honeycutt Date: Wed, 31 Jan 2024 08:00:36 -0700 Subject: [PATCH] add: hosts folder --- hosts/aarch64/jaal/pbp.nix | 7 + hosts/aarch64/jaal/pinebook-pro.nix | 136 ++++++++++++++++++ hosts/aarch64/peebee/pinephone.nix | 90 ++++++++++++ hosts/aarch64/vetra/configuration.nix | 91 ++++++++++++ hosts/aarch64/vetra/flake.nix | 111 +++++++++++++++ hosts/aarch64/vetra/rpi4-example.nix | 56 ++++++++ hosts/flake.nix | 88 ++++++++++++ hosts/vm.nix | 8 ++ hosts/x86_64/darp9.nix | 9 ++ hosts/x86_64/galp4.nix | 9 ++ hosts/x86_64/garrus/configuration.nix | 9 ++ hosts/x86_64/gaze16-3050.nix | 17 +++ hosts/x86_64/harbinger.nix | 129 +++++++++++++++++ hosts/x86_64/harbinger/.gitkeep | 0 hosts/x86_64/harbinger/configuration.nix | 123 ++++++++++++++++ hosts/x86_64/harbinger/flake.nix | 99 +++++++++++++ hosts/x86_64/hp-omen.nix | 24 ++++ hosts/x86_64/joker/flake.nix | 143 +++++++++++++++++++ hosts/x86_64/lemp12.nix | 9 ++ hosts/x86_64/linode.nix | 173 +++++++++++++++++++++++ hosts/x86_64/oryp6.nix | 17 +++ hosts/x86_64/shepard/.gitkeep | 0 hosts/x86_64/shepard/configuration.nix | 18 +++ hosts/x86_64/shepard/flake.nix | 129 +++++++++++++++++ hosts/x86_64/sovereign.nix | 122 ++++++++++++++++ hosts/x86_64/sovereign/.gitkeep | 0 hosts/x86_64/sovereign/configuration.nix | 123 ++++++++++++++++ hosts/x86_64/sovereign/flake.nix | 111 +++++++++++++++ hosts/x86_64/thelio-nvidia.nix | 17 +++ hosts/x86_64/vm/.gitkeep | 0 hosts/x86_64/vm/flake.nix | 140 ++++++++++++++++++ 31 files changed, 2008 insertions(+) create mode 100644 hosts/aarch64/jaal/pbp.nix create mode 100644 hosts/aarch64/jaal/pinebook-pro.nix create mode 100644 hosts/aarch64/peebee/pinephone.nix create mode 100644 hosts/aarch64/vetra/configuration.nix create mode 100644 hosts/aarch64/vetra/flake.nix create mode 100644 hosts/aarch64/vetra/rpi4-example.nix create mode 100644 hosts/flake.nix create mode 100644 hosts/vm.nix create mode 100644 hosts/x86_64/darp9.nix create mode 100644 hosts/x86_64/galp4.nix create mode 100644 hosts/x86_64/garrus/configuration.nix create mode 100644 hosts/x86_64/gaze16-3050.nix create mode 100644 hosts/x86_64/harbinger.nix create mode 100644 hosts/x86_64/harbinger/.gitkeep create mode 100644 hosts/x86_64/harbinger/configuration.nix create mode 100644 hosts/x86_64/harbinger/flake.nix create mode 100644 hosts/x86_64/hp-omen.nix create mode 100644 hosts/x86_64/joker/flake.nix create mode 100644 hosts/x86_64/lemp12.nix create mode 100644 hosts/x86_64/linode.nix create mode 100644 hosts/x86_64/oryp6.nix create mode 100644 hosts/x86_64/shepard/.gitkeep create mode 100644 hosts/x86_64/shepard/configuration.nix create mode 100644 hosts/x86_64/shepard/flake.nix create mode 100644 hosts/x86_64/sovereign.nix create mode 100644 hosts/x86_64/sovereign/.gitkeep create mode 100644 hosts/x86_64/sovereign/configuration.nix create mode 100644 hosts/x86_64/sovereign/flake.nix create mode 100644 hosts/x86_64/thelio-nvidia.nix create mode 100644 hosts/x86_64/vm/.gitkeep create mode 100644 hosts/x86_64/vm/flake.nix diff --git a/hosts/aarch64/jaal/pbp.nix b/hosts/aarch64/jaal/pbp.nix new file mode 100644 index 0000000..d4f4b62 --- /dev/null +++ b/hosts/aarch64/jaal/pbp.nix @@ -0,0 +1,7 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "jaal"; + +} diff --git a/hosts/aarch64/jaal/pinebook-pro.nix b/hosts/aarch64/jaal/pinebook-pro.nix new file mode 100644 index 0000000..a078a47 --- /dev/null +++ b/hosts/aarch64/jaal/pinebook-pro.nix @@ -0,0 +1,136 @@ +{ config, pkgs, lib, ... }: + +{ + imports = + [ +# + ./hardware-configuration.nix +# ./programs.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=tty0" ]; + + boot.loader = { + efi = { + canTouchEfiVariables = false; + }; + + grub = { + enable = true; + efiInstallAsRemovable = true; + efiSupport = true; + version = 2; + device = "nodev"; + }; + }; + + boot.initrd.luks.devices = { + root = { + device = "/dev/sda"; + preLVM = true; + }; + }; + + boot.initrd.kernelModules = [ + # Rockchip modules + "rockchip_rga" + "rockchip_saradc" + "rockchip_thermal" + "rockchipdrm" + + # GPU/Display modules + "analogix_dp" + "cec" + "drm" + "drm_kms_helper" + "dw_hdmi" + "dw_mipi_dsi" + "gpu_sched" + "panel_edp" + "panel_simple" + "panfrost" + "pwm_bl" + + # USB / Type-C related modules + "fusb302" + "tcpm" + "typec" + + # Misc. modules + "cw2015_battery" + "gpio_charger" + "rtc_rk808" + ]; + + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + networking = { + hostName = "jaal"; + networkmanager.enable = true; + }; + + # Set your time zone. + time.timeZone = "America/Denver"; + + environment.systemPackages = + with pkgs; + [ + firefox + git + git-lfs + neofetch + unzip + wget + ]; + + # Define user accounts + users.users.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + extraGroups = [ "wheel" "networkmanager" "adm"]; + isNormalUser = true; + hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + + packages = with pkgs; [ + fish + ]; + + shell = pkgs.fish; + }; + + # Enable Pipewire + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Turn off PulseAudio + hardware.pulseaudio.enable = false; + + # Enable Bluetooth + hardware.bluetooth.enable = true; + + # Enable the OpenSSH daemon + services.openssh.enable = true; + + # Enable CUPS + services.printing.enable = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + # System + system.stateVersion = "23.11"; + system.autoUpgrade.enable = true; + +} diff --git a/hosts/aarch64/peebee/pinephone.nix b/hosts/aarch64/peebee/pinephone.nix new file mode 100644 index 0000000..6bb0749 --- /dev/null +++ b/hosts/aarch64/peebee/pinephone.nix @@ -0,0 +1,90 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + (import { device = "pine64-pinephone"; }) + ./hardware-configuration.nix + + ]; + + fileSystems."/mnt/ExtraDrive" = + { device = "/dev/disk/by-uuid/631d2b85-2e0b-4740-8b45-6147cf15193f"; + fsType = "ext4"; + }; + + # Kernel changes + # boot.kernelPackages = pkgs.linuxPackages_latest; + + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # NetworkManager + networking.wireless.enable = false; + networking.networkmanager.enable = true; + networking.hostName = "peebee"; + + # SSH + services.openssh = { + enable = true; + }; + + # Use PulseAudio + hardware.pulseaudio.enable = true; + + # Enable Bluetooth + hardware.bluetooth.enable = true; + + # Bluetooth audio + hardware.pulseaudio.package = pkgs.pulseaudioFull; + + # Enable power management options + powerManagement.enable = true; + + # It's recommended to keep enabled on these constrained devices + zramSwap.enable = true; + + # Auto-login for phosh + services.xserver.desktopManager.phosh = { + user = "aaronh"; + }; + + time.timeZone = "America/Denver"; + + users.users."aaronh" = { + isNormalUser = true; + description = "Aaron Honeycutt"; + hashedPassword = "$6$zOZeSMch129yV5i1$9E0sFdMo4qIBUZgPKgl5AXKlYNku12gv2owPy7FSpC2W4qMofTzoX2KFLmGxERdI8A7n0kyJElcUFQGIS940j1"; + extraGroups = [ + "dialout" + "feedbackd" + "networkmanager" + "video" + "wheel" + ]; + + # GUI + packages = with pkgs; [ + portfolio-filemanager + + # CLI + grim + ]; + }; + + # Remove GNOME packages + environment.gnome.excludePackages = (with pkgs; [ + gnome-photos + gnome-tour + ]); + + environment.systemPackages = (with pkgs; [ + # rest of your packages + ]); + + system.stateVersion = "23.11"; diff --git a/hosts/aarch64/vetra/configuration.nix b/hosts/aarch64/vetra/configuration.nix new file mode 100644 index 0000000..3e83893 --- /dev/null +++ b/hosts/aarch64/vetra/configuration.nix @@ -0,0 +1,91 @@ +{ config, pkgs, lib, ... }: + +{ + imports = [ +# + ./home-assistant.nix +# ./gnome.nix +# ./programs.nix + ]; + +# boot.kernelPackages = pkgs.linuxPackages_latest; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + }; + + networking = { + hostName = "vetra"; + networkmanager.enable = true; + }; + + # Set your time zone. + time.timeZone = "America/Denver"; + + environment.systemPackages = + with pkgs; + [ + fish + git + neofetch + restic + wget + ]; + + # Define user accounts + users.users.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + extraGroups = [ "wheel" "networkmanager" "adm"]; + isNormalUser = true; + shell = pkgs.fish; + hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + }; + + programs.fish.enable = true; + + # Enable Pipewire + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Turn off PulseAudio + hardware.pulseaudio.enable = false; + + # Enable Bluetooth + hardware.bluetooth.enable = true; + + # Enable SSH + services.openssh.enable = true; + + # Enable CUPS + services.printing.enable = true; + + # Enable GPU acceleration + hardware.raspberry-pi."4".fkms-3d.enable = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + services.hydra = { + enable = false; + hydraURL = "http://localhost:3000"; + notificationSender = "hydra@localhost"; + buildMachinesFiles = []; + useSubstitutes = true; + }; + + # System + system.stateVersion = "22.11"; + system.autoUpgrade.enable = true; +} diff --git a/hosts/aarch64/vetra/flake.nix b/hosts/aarch64/vetra/flake.nix new file mode 100644 index 0000000..0764a0d --- /dev/null +++ b/hosts/aarch64/vetra/flake.nix @@ -0,0 +1,111 @@ +{ + description = "Vetra"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + home-manager = { + url = "github:nix-community/home-manager/release-22.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + }; + + outputs = { self, nixpkgs, nixos-hardware, ... }@inputs: { + nixosConfigurations = { + "vetra" = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here + nixos-hardware.nixosModules.raspberry-pi-4 +# ./configuration.nix + + ({config, pkgs, ...}: { + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + + "/mnt/ExtraDrive" = { + device = "/dev/disk/by-uuid/72315f9e-ceda-4152-8e8d-09590affba28"; + fsType = "ext4"; + }; + }; + + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + networking = { + hostName = "vetra"; + networkmanager.enable = true; + }; + + time.timeZone = "America/Denver"; + + environment.systemPackages = with pkgs; [ + fish + git + neofetch + restic + wget + ]; + + users.users.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + extraGroups = [ "wheel" "networkmanager" "adm" ]; + isNormalUser = true; + shell = pkgs.fish; + hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + }; + + programs.fish.enable = true; + + # Enable Pipewire + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Turn off PulseAudio + hardware.pulseaudio.enable = false; + + # Enable Bluetooth + hardware.bluetooth.enable = true; + + # Enable SSH + services.openssh.enable = true; + + # Enable CUPS + services.printing.enable = true; + + # Enable GPU Acceleration + hardware.raspberry-pi."4".fkms-3d.enable = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + # System + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/hosts/aarch64/vetra/rpi4-example.nix b/hosts/aarch64/vetra/rpi4-example.nix new file mode 100644 index 0000000..1903f87 --- /dev/null +++ b/hosts/aarch64/vetra/rpi4-example.nix @@ -0,0 +1,56 @@ +{ config, pkgs, lib, ... }: + +let + SSID = "Honeycutt-5G"; + SSIDpassword = "Frappe92"; + interface = "wlan0"; + hostname = "NixOS"; +in { + imports = ["${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/936e4649098d6a5e0762058cb7687be1b2d90550.tar.gz" }/raspberry-pi/4"]; + + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + }; + + networking = { + hostName = "NixOS"; + networkmanager.enable = true; + + wireless = { + enable = true; + networks."${SSID}".psk = SSIDpassword; + interfaces = [ interface ]; + }; + }; + + # Set your time zone. + time.timeZone = "America/Denver"; + + environment.systemPackages = with pkgs; [ vim ]; + + services.openssh.enable = true; + + # Define user accounts + users.extraUsers.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + extraGroups = [ "wheel" "networkmanager" "adm"]; + isNormalUser = true; + hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + }; + + # Enable GPU acceleration + hardware.raspberry-pi."4".fkms-3d.enable = true; + + services.xserver = { + enable = true; + displayManager.lightdm.enable = true; + desktopManager.xfce.enable = true; + }; + + hardware.pulseaudio.enable = true; +} diff --git a/hosts/flake.nix b/hosts/flake.nix new file mode 100644 index 0000000..9025db0 --- /dev/null +++ b/hosts/flake.nix @@ -0,0 +1,88 @@ +{ + description = "VM"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.11"; + disko = { + url = github:nix-community/disko; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = { self, nixpkgs, disko, ... }@inputs: { + nixosConfigurations = { + "vm" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + disko.nixosModules.disko + ./disko-config.nix + { + _module.args.disks = [ "/dev/vda" ]; + } + ./hardware-configuration.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + + loader = { + systemd-boot.enable = true; + systemd-boot.consoleMode = "0"; + }; + + }; + + networking = { + hostName = "vm"; + networkmanager.enable = true; + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + git + git-lfs + neofetch + tree + wget + ]; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + }; + + system = { + stateVersion = "23.11"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} + diff --git a/hosts/vm.nix b/hosts/vm.nix new file mode 100644 index 0000000..7d9979c --- /dev/null +++ b/hosts/vm.nix @@ -0,0 +1,8 @@ +{ config, pkgs, ... }: + +{ + # Add kernel parameters for virtual machines + boot.kernelParams = [ "vfio-pci.ids=8086:9b41" "qxl" "bochs_drm"]; + + networking.hostName = "vm"; +} diff --git a/hosts/x86_64/darp9.nix b/hosts/x86_64/darp9.nix new file mode 100644 index 0000000..59cbbd4 --- /dev/null +++ b/hosts/x86_64/darp9.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "darp9"; + + # System76 + hardware.system76.enableAll = true; +} diff --git a/hosts/x86_64/galp4.nix b/hosts/x86_64/galp4.nix new file mode 100644 index 0000000..0203dc3 --- /dev/null +++ b/hosts/x86_64/galp4.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "galp4"; + + # System76 + hardware.system76.enableAll = true; +} diff --git a/hosts/x86_64/garrus/configuration.nix b/hosts/x86_64/garrus/configuration.nix new file mode 100644 index 0000000..37527a8 --- /dev/null +++ b/hosts/x86_64/garrus/configuration.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "garrus"; + + # System76 + hardware.system76.enableAll = true; +} diff --git a/hosts/x86_64/gaze16-3050.nix b/hosts/x86_64/gaze16-3050.nix new file mode 100644 index 0000000..6555676 --- /dev/null +++ b/hosts/x86_64/gaze16-3050.nix @@ -0,0 +1,17 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "gaze16-3050"; + + # System76 + hardware.system76.enableAll = true; + + # NVIDIA + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; +} diff --git a/hosts/x86_64/harbinger.nix b/hosts/x86_64/harbinger.nix new file mode 100644 index 0000000..6d376dd --- /dev/null +++ b/hosts/x86_64/harbinger.nix @@ -0,0 +1,129 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ./ahoneybun-net.nix + ./tildecafe-com.nix + ./rockymtnlug-org.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "harbinger"; + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + jekyll + mtr + neofetch + rubyPackages.webrick + rubyPackages.jekyll-feed + rubyPackages.jekyll-redirect-from + sysstat + tree + wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "no"; + }; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + system.stateVersion = "22.11"; # Did you read the comment? + +} diff --git a/hosts/x86_64/harbinger/.gitkeep b/hosts/x86_64/harbinger/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/hosts/x86_64/harbinger/configuration.nix b/hosts/x86_64/harbinger/configuration.nix new file mode 100644 index 0000000..04a6f1d --- /dev/null +++ b/hosts/x86_64/harbinger/configuration.nix @@ -0,0 +1,123 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ./ahoneybun-net.nix + ./mc-ahoneybun-net.nix +# ./nextcloud.nix + ./tildecafe-com.nix + ./rockymtnlug-org.nix +# ./chat-rockymtnlug-org.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "harbinger"; + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + mtr + neofetch + sysstat + tree + wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "no"; + }; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + system.stateVersion = "22.11"; # Did you read the comment? + system.autoUpgrade.enable = true; +} + diff --git a/hosts/x86_64/harbinger/flake.nix b/hosts/x86_64/harbinger/flake.nix new file mode 100644 index 0000000..64dc310 --- /dev/null +++ b/hosts/x86_64/harbinger/flake.nix @@ -0,0 +1,99 @@ +{ + description = "Harbinger"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "harbinger" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + ./ahoneybun-net.nix + ./tildecafe-com.nix + ./rockymtnlug-org.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + kernelParams = [ "console=ttyS0,1920n8" ]; + + loader.grub.enable = true; + loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + loader.grub.device = "nodev"; # or "nodev" for efi only + loader.timeout = 10; + }; + + networking = { + hostName = "harbinger"; + + firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + usePredictableInterfaceNames = false; + useDHCP = false; + interfaces.eth0.useDHCP = true; + + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + mtr + neofetch + sysstat + tree + wget + ]; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/hosts/x86_64/hp-omen.nix b/hosts/x86_64/hp-omen.nix new file mode 100644 index 0000000..f5eab2c --- /dev/null +++ b/hosts/x86_64/hp-omen.nix @@ -0,0 +1,24 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "hp-omen"; + + # NVIDIA + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + + ## Enable 32 Bit libraries for applications like Steam + hardware.opengl.driSupport32Bit = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + environment.systemPackages = + with pkgs; + [ + steam + ]; + +} diff --git a/hosts/x86_64/joker/flake.nix b/hosts/x86_64/joker/flake.nix new file mode 100644 index 0000000..62cd867 --- /dev/null +++ b/hosts/x86_64/joker/flake.nix @@ -0,0 +1,143 @@ +{ + description = "Joker"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.11"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "thelio-b1" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + nixpkgs.config.allowUnfree = true; + + boot = { + initrd.luks.devices = { + root = { + device = "/dev/nvme0n1p2"; + preLVM = true; + }; + }; + + # kernelPackages = pkgs.linuxPackages_latest; + # kernelParams = [ "console=ttyS0,1920n8" ]; + + loader.systemd-boot.enable = true; + loader.systemd-boot.consoleMode = "0"; + }; + + networking = { + hostName = "thelio-b1"; + networkmanager.enable = true; + }; + + users.users.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + isNormalUser = true; + shell = pkgs.fish; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + mdbook + neofetch + restic + roboto-slab + rustc + + # GUI + signal-desktop + youtube-music + ]; + }; + + programs.fish.enable = true; + + environment.systemPackages = with pkgs; [ + avahi + cosmic-edit + dmidecode + firefox + libcamera + lshw + nix-index + sysstat + tree + unzip + wget + + gnome.dconf-editor + ]; + + # GNOME + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + + # Remove GNOME packages + environment.gnome.excludePackages = (with pkgs; [ + epiphany # web browser + gnome.geary + gnome.gnome-software + gnome-connections + gnome-photos + gnome-tour + ]); + + # Services + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + + hardware.pulseaudio.enable = false; + + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + services = { + fwupd.enable = true; + printing.enable = true; + openssh.enable = true; + }; + + services.avahi = { + enable = true; + nssmdns = true; + openFirewall = true; + }; + + system = { + stateVersion = "23.11"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/hosts/x86_64/lemp12.nix b/hosts/x86_64/lemp12.nix new file mode 100644 index 0000000..2d3a183 --- /dev/null +++ b/hosts/x86_64/lemp12.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "lemp12"; + + # System76 + hardware.system76.enableAll = true; +} diff --git a/hosts/x86_64/linode.nix b/hosts/x86_64/linode.nix new file mode 100644 index 0000000..018a464 --- /dev/null +++ b/hosts/x86_64/linode.nix @@ -0,0 +1,173 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + nix.settings.extra-platforms = [ "aarch64-linux" ]; + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.buildMachines = [{ + hostName = "localhost"; + systems = ["x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin"]; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 8; + }]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + fileSystems."/mnt/swapfile" = + { device = "/dev/disk/by-uuid/82672991-fe8a-485a-8dcf-7c8ae1282b6c"; + fsType = "ext4"; + }; + + services.hydra = { + enable = true; + hydraURL = "localhost:3000"; + notificationSender = "hydra@localhost"; + #buildMachinesFiles = []; + useSubstitutes = true; + }; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "nixos-server"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + flatpak + git + git-lfs + just + ]; + }; + + users.users.nathanielw = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; + packages = with pkgs; [ + neofetch + ]; + }; + + users.users.builder = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ + neofetch + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + inetutils + mtr + neofetch + sysstat + toybox + tree + wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "yes"; + }; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + +} diff --git a/hosts/x86_64/oryp6.nix b/hosts/x86_64/oryp6.nix new file mode 100644 index 0000000..1a5ccc5 --- /dev/null +++ b/hosts/x86_64/oryp6.nix @@ -0,0 +1,17 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "oryp6"; + + # System76 + hardware.system76.enableAll = true; + + # NVIDIA + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; +} diff --git a/hosts/x86_64/shepard/.gitkeep b/hosts/x86_64/shepard/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/hosts/x86_64/shepard/configuration.nix b/hosts/x86_64/shepard/configuration.nix new file mode 100644 index 0000000..95a0a99 --- /dev/null +++ b/hosts/x86_64/shepard/configuration.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "shepard"; + + ## Enable 32 Bit libraries for applications like Steam + hardware.opengl.driSupport32Bit = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + environment.systemPackages = + with pkgs; + [ + steam + ]; +} diff --git a/hosts/x86_64/shepard/flake.nix b/hosts/x86_64/shepard/flake.nix new file mode 100644 index 0000000..4b26bab --- /dev/null +++ b/hosts/x86_64/shepard/flake.nix @@ -0,0 +1,129 @@ +{ + description = "Shepard"; + + inputs = { +# nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + }; + + outputs = { self, nixpkgs-unstable, nixos-hardware, ... }@inputs: { + nixosConfigurations = { + "shepard" = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# nixos-hardware.nixosModules.raspberry-pi-4 +# ./configuration.nix + ./hardware-configuration.nix + ./gnome.nix + + ({config, pkgs, ...}: { + + # Latest kernel + boot.kernelPackages = pkgs.linuxPackages_latest; + + boot.loader = { + systemd-boot.enable = true; + systemd-boot.consoleMode = "0"; + }; + + boot.initrd.luks.devices = { + root = { + device = "/dev/nvme1n1p2"; + preLVM = true; + }; + }; + + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + networking = { + hostName = "shepard"; + networkmanager.enable = true; + }; + + time.timeZone = "America/Denver"; + + # Stable + environment.systemPackages = with pkgs; [ + avahi + cargo + cosmic-edit + dmidecode + fire + firefox + fish + git + git-lfs + libcamera + lshw + roboto-slab + neofetch + restic + unzip + wget + xz + ]; + + users.users.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + extraGroups = [ "wheel" "networkmanager" "adm" ]; + isNormalUser = true; + shell = pkgs.fish; + hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + + packages = with pkgs; [ + signal-desktop + youtube-music + ]; + }; + + programs.fish.enable = true; + + # Enable Pipewire + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Turn off PulseAudio + hardware.pulseaudio.enable = false; + + # Enable Bluetooth + hardware.bluetooth.enable = true; + + # Enable SSH + services.openssh.enable = true; + + # Enable CUPS + services.printing.enable = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + # System + system = { + stateVersion = "23.11"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/hosts/x86_64/sovereign.nix b/hosts/x86_64/sovereign.nix new file mode 100644 index 0000000..b61b256 --- /dev/null +++ b/hosts/x86_64/sovereign.nix @@ -0,0 +1,122 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ./stoners-space.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + nix.settings.extra-platforms = [ "aarch64-linux" ]; + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.buildMachines = [{ + hostName = "localhost"; + systems = ["x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin"]; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 8; + }]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + # fileSystems."/mnt/swapfile" = + # { device = "/dev/disk/by-uuid/82672991-fe8a-485a-8dcf-7c8ae1282b6c"; + # fsType = "ext4"; + # }; + + # services.hydra = { + # enable = true; + # hydraURL = "localhost:3000"; + # notificationSender = "hydra@localhost"; + # useSubstitutes = true; + # }; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "sovereign"; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + users.users.builder = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ + neofetch + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + mtr + neofetch + sysstat + tree + wget + ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "no"; + }; + + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + system.stateVersion = "22.11"; # Did you read the comment? + +} diff --git a/hosts/x86_64/sovereign/.gitkeep b/hosts/x86_64/sovereign/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/hosts/x86_64/sovereign/configuration.nix b/hosts/x86_64/sovereign/configuration.nix new file mode 100644 index 0000000..02e5160 --- /dev/null +++ b/hosts/x86_64/sovereign/configuration.nix @@ -0,0 +1,123 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ./stoners-space.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + nix.settings.extra-platforms = [ "aarch64-linux" ]; + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.buildMachines = [{ + hostName = "localhost"; + systems = ["x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin"]; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 8; + }]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + # fileSystems."/mnt/swapfile" = + # { device = "/dev/disk/by-uuid/82672991-fe8a-485a-8dcf-7c8ae1282b6c"; + # fsType = "ext4"; + # }; + + # services.hydra = { + # enable = true; + # hydraURL = "localhost:3000"; + # notificationSender = "hydra@localhost"; + # useSubstitutes = true; + # }; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "sovereign"; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + users.users.builder = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ + neofetch + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + inetutils + mtr + neofetch + sysstat + tree + wget + ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "no"; + }; + + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + system.stateVersion = "22.11"; # Did you read the comment? + system.autoUpgrade.enable = true; +} + diff --git a/hosts/x86_64/sovereign/flake.nix b/hosts/x86_64/sovereign/flake.nix new file mode 100644 index 0000000..8e4eff1 --- /dev/null +++ b/hosts/x86_64/sovereign/flake.nix @@ -0,0 +1,111 @@ +{ + description = "Sovereign"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "sovereign" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + ./stoners-space.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + settings.extra-platforms = [ "aarch64-linux" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + buildMachines = [{ + hostName = "localhost"; + systems = [ "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" ]; + supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; + maxJobs = 8; + }]; + + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + kernelParams = [ "console=ttyS0,1920n8" ]; + + binfmt.emulatedSystems = [ "aarch64-linux" ]; + + loader.grub.enable = true; + loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + loader.grub.device = "nodev"; # or "nodev" for efi only + loader.timeout = 10; + }; + + networking = { + hostName = "sovereign"; + + firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + usePredictableInterfaceNames = false; + useDHCP = false; + interfaces.eth0.useDHCP = true; + + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + mtr + neofetch + sysstat + tree + wget + ]; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/hosts/x86_64/thelio-nvidia.nix b/hosts/x86_64/thelio-nvidia.nix new file mode 100644 index 0000000..9cd7d3a --- /dev/null +++ b/hosts/x86_64/thelio-nvidia.nix @@ -0,0 +1,17 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "thelio-b1"; + + # System76 + hardware.system76.enableAll = true; + + # NVIDIA + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; +} diff --git a/hosts/x86_64/vm/.gitkeep b/hosts/x86_64/vm/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/hosts/x86_64/vm/flake.nix b/hosts/x86_64/vm/flake.nix new file mode 100644 index 0000000..28bef95 --- /dev/null +++ b/hosts/x86_64/vm/flake.nix @@ -0,0 +1,140 @@ +{ + description = "nixos-vm"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "nixos-vm" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + nixpkgs.config.allowUnfree = true; + + boot = { + initrd.luks.devices = { + root = { + device = "/dev/sda"; + preLVM = true; + }; + }; + + # kernelPackages = pkgs.linuxPackages_latest; + kernelParams = [ "console=ttyS0,1920n8" ]; + + binfmt.emulatedSystems = [ "aarch64-linux" ]; + + loader.systemd-boot.enable = true; + loader.systemd-boot.consoleMode = "0"; + }; + + networking = { + hostName = "nixos-vm"; + networkmanager.enable = true; + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + mdbook + neofetch + restic + roboto-slab + + firefox + ]; + }; + + # GNOME + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + + environment.systemPackages = (with pkgs; [ + avahi + dmidecode + libcamera + lshw + nix-index + sysstat + tree + unzip + wget + + # Add GNOME packages + gnome.dconf-editor + gnome.gnome-tweaks + gnomeExtensions.appindicator + gnomeExtensions.pop-shell + gnomeExtensions.pop-launcher-super-key + ]); + + # Remove GNOME packages + environment.gnome.excludePackages = (with pkgs; [ + epiphany # web browser + gnome.geary + gnome.gnome-software + gnome-connections + gnome-photos + gnome-tour + ]); + + # Services + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + + hardware.pulseaudio.enable = false; + + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + services = { + fwupd.enable = true; + printing.enable = true; + openssh.enable = true; + }; + + services.avahi = { + enable = true; + nssmdns = true; + openFirewall = true; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +}