diff --git a/README.md b/README.md index 878a6a6..571c9a3 100644 --- a/README.md +++ b/README.md @@ -29,19 +29,12 @@ sudo nix-channel --add https://github.com/NixOS/nixos-hardware/archive/master.ta sudo nix-channel --update ``` -- `hp-omen.nix` : This file is mainly for my HP Omen to add and enable the NVIDIA driver from stable - `linode.nix` : This file is for a Linode instance though it might work for other server setups - `sovereign.nix` : This file is for the Linode instance that hosts https://stoners.space which is a Mastodon instance - `harbinger.nix` : This file is for the Linode instance that hosts the following sites: - https://ahoneybun.net/ - https://rockymountainlinuxfest.org/ - https://tildecafe.com/ -- `oryp6.nix` : This file is mainly for my work System76 Oryx Pro (oryp6) to add and enable the NVIDIA driver from stable -- `rpi4.nix` : This file is to configure a Raspberry Pi 4B (Vetra Nyx) -- `pinebook-pro.nix` : This file is to configure a PineBook Pro (Jaal Ama Darav) -- `pinephone.nix` : This file is to configure a PinePhone (PeeBee) -- `galp3-b.nix` : This file is for my personal System76 Galago Pro (galp3-b). -- `galp4.nix` : This file is for my work System76 Galago Pro (galp4). ## Shell Nix files: (nix-configs/shell/) diff --git a/configuration.nix b/configuration.nix index 811a957..e416a06 100644 --- a/configuration.nix +++ b/configuration.nix @@ -12,7 +12,6 @@ # Latest kernel boot.kernelPackages = pkgs.linuxPackages_latest; - boot.kernelParams = [ "vfio-pci.ids=8086:9b41" "qxl" "bochs_drm"]; boot.loader = { systemd-boot.enable = true; @@ -66,16 +65,7 @@ hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; packages = with pkgs; [ - # Fonts - fira - fira-mono - firefox - mdbook - restic - roboto-slab - neofetch - thunderbird ]; }; @@ -89,8 +79,13 @@ avahi cargo dmidecode + fira + firefox + git + git-lfs libcamera lshw + roboto-slab nix-index unzip wget @@ -126,7 +121,7 @@ }; # System - system.stateVersion = "22.11"; + system.stateVersion = "23.05"; system.autoUpgrade.enable = true; } diff --git a/desktops/gnome.nix b/desktops/gnome.nix index 33858c9..d58b3c7 100644 --- a/desktops/gnome.nix +++ b/desktops/gnome.nix @@ -10,7 +10,6 @@ # Add GNOME packages environment.systemPackages = (with pkgs; [ - amberol gnome.dconf-editor gnome.gnome-tweaks gnomeExtensions.appindicator diff --git a/desktops/herbstluftwm.nix b/desktops/herbstluftwm.nix new file mode 100644 index 0000000..fd88d14 --- /dev/null +++ b/desktops/herbstluftwm.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + # Start herbstluftwm + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + windowManager.herbstluftwm.enable = true; + }; + + environment.systemPackages = (with pkgs; [ + polybar # status bar + rofi # launcher + ]); +} + + + diff --git a/home.nix b/home.nix index 192796d..57b98a8 100644 --- a/home.nix +++ b/home.nix @@ -14,13 +14,18 @@ # You can update Home Manager without changing this value. See # the Home Manager release notes for a list of state version # changes in each release. - home.stateVersion = "22.11"; + home.stateVersion = "23.05"; nixpkgs.config.allowUnfree = true; home.packages = with pkgs; [ + # GUI spotify vscode + + # CLI + mdbook + neofetch ]; programs.bash = { @@ -62,7 +67,6 @@ programs.command-not-found.enable = true; - programs.firefox.enable = true; programs.gh.enable = true; # Let Home Manager install and manage itself. diff --git a/systems/COSMIC-configuration.nix b/systems/COSMIC-configuration.nix new file mode 100644 index 0000000..d0efbac --- /dev/null +++ b/systems/COSMIC-configuration.nix @@ -0,0 +1,162 @@ + Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, inputs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ./cachix.nix + ]; + # make ready for nix flakes which are experimental... + nix.package = pkgs.nixFlakes; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "America/New_York"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the GNOME Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.displayManager.gdm.wayland = true; + services.xserver.desktopManager.gnome.enable = true; + services.xserver.displayManager.sessionPackages = [ inputs.cosmic-session.packages.x86_64-linux.default ]; + services.xserver.displayManager.defaultSession = "cosmic"; + # Configure keymap in X11 + services.xserver = { + layout = "us"; + xkbVariant = ""; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + programs.gnupg.agent = { + enable = true; + pinentryFlavor = "gnome3"; + enableSSHSupport = true; + }; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.ashley = { + isNormalUser = true; + description = "Ashley Wulber"; + extraGroups = [ "networkmanager" "wheel" ]; + packages = with pkgs; [ + firefox + git + git-crypt + gnupg + pinentry + # thunderbird + ]; + }; + + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + cachix + vim + xdg-desktop-portal-gtk + inputs.cosmic-session.packages.x86_64-linux.default + inputs.cosmic-comp.packages.x86_64-linux.default + inputs.cosmic-panel.packages.x86_64-linux.default + inputs.cosmic-applibrary.packages.x86_64-linux.default + inputs.cosmic-launcher.packages.x86_64-linux.default + inputs.cosmic-settings.packages.x86_64-linux.default + inputs.cosmic-applets.packages.x86_64-linux.default + # inputs.cosmic-notifications.packages.x86_64-linux.default + inputs.cosmic-osd.packages.x86_64-linux.default + inputs.cosmic-workspaces.packages.x86_64-linux.default + inputs.cosmic-bg.packages.x86_64-linux.default + inputs.xdg-desktop-portal-cosmic.packages.x86_64-linux.default + inputs.cosmic-settings-daemon.packages.x86_64-linux.default + ]; + + services.dbus.implementation = "broker"; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "23.05"; # Did you read the comment? + +} diff --git a/systems/COSMIC-flake.nix b/systems/COSMIC-flake.nix new file mode 100644 index 0000000..d44fb4b --- /dev/null +++ b/systems/COSMIC-flake.nix @@ -0,0 +1,41 @@ +{ + description = "Aaron's System Config"; + + inputs = { + nixpkgs.url = "nixpkgs/nixos-23.05"; + cosmic-comp.url = "github:pop-os/cosmic-comp/master_jammy"; + cosmic-panel.url = "github:pop-os/cosmic-panel/master_jammy"; + cosmic-settings.url = "github:pop-os/cosmic-settings/master_jammy"; + cosmic-settings-daemon.url = "github:pop-os/cosmic-settings-daemon/master_jammy"; + cosmic-launcher.url = "github:pop-os/cosmic-launcher/master_jammy"; + cosmic-applibrary.url = "github:pop-os/cosmic-applibrary/master_jammy"; + cosmic-session.url = "github:pop-os/cosmic-session/ab26218ab2139dc884a66bdb57f6216b248670bf"; + cosmic-applets.url = "github:pop-os/cosmic-applets/58c27e88603ad47479115b632d2fa87579d8fa39"; + cosmic-workspaces.url = "github:pop-os/cosmic-workspaces-epoch/717c454a7e31c4ffc8baf6c1d1c90fd74a223e55"; + cosmic-osd.url = "github:pop-os/cosmic-osd/b6d93f736d4b9ab3df4cceafaf59cd8c95859ed6"; + cosmic-bg.url = "github:pop-os/cosmic-bg/master_jammy"; + xdg-desktop-portal-cosmic.url = "github:pop-os/xdg-desktop-portal-cosmic/master_jammy"; + }; + + outputs = { self, nixpkgs, cosmic-comp, cosmic-session, cosmic-panel, cosmic-applets, cosmic-settings, cosmic-settings-daemon, cosmic-launcher, cosmic-applibrary, cosmic-workspaces, cosmic-osd, xdg-desktop-portal-cosmic, cosmic-bg }@attrs: let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + config = { allowUnfree = true; }; + }; + cosmic-session.inputs.nixpkgs.follows = "nixpkgs"; + + lib = nixpkgs.lib; + + in { + nixosConfigurations = { + nixos = lib.nixosSystem { + inherit system; + specialArgs.inputs = attrs; + modules = [ + ./configuration.nix + ]; + }; + }; + }; +} diff --git a/systems/pbp.nix b/systems/aarch64/jaal/pbp.nix similarity index 64% rename from systems/pbp.nix rename to systems/aarch64/jaal/pbp.nix index 52054d4..d4f4b62 100644 --- a/systems/pbp.nix +++ b/systems/aarch64/jaal/pbp.nix @@ -2,6 +2,6 @@ { # Name your host machine - networking.hostName = "Jaal"; + networking.hostName = "jaal"; } diff --git a/systems/pinebook-pro.nix b/systems/aarch64/jaal/pinebook-pro.nix similarity index 99% rename from systems/pinebook-pro.nix rename to systems/aarch64/jaal/pinebook-pro.nix index af1193d..aef143f 100644 --- a/systems/pinebook-pro.nix +++ b/systems/aarch64/jaal/pinebook-pro.nix @@ -64,7 +64,7 @@ }; networking = { - hostName = "pbp"; + hostName = "jaal"; networkmanager.enable = true; }; diff --git a/systems/pinephone.nix b/systems/aarch64/peebee/pinephone.nix similarity index 59% rename from systems/pinephone.nix rename to systems/aarch64/peebee/pinephone.nix index e2217fe..6bb0749 100644 --- a/systems/pinephone.nix +++ b/systems/aarch64/peebee/pinephone.nix @@ -7,16 +7,27 @@ ]; - networking.hostName = "Peebee"; - time.timeZone = "America/Denver"; + fileSystems."/mnt/ExtraDrive" = + { device = "/dev/disk/by-uuid/631d2b85-2e0b-4740-8b45-6147cf15193f"; + fsType = "ext4"; + }; - # - # Opinionated defaults - # - - # Use Network Manager + # Kernel changes + # boot.kernelPackages = pkgs.linuxPackages_latest; + + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # NetworkManager networking.wireless.enable = false; networking.networkmanager.enable = true; + networking.hostName = "peebee"; # SSH services.openssh = { @@ -43,9 +54,7 @@ user = "aaronh"; }; - # - # User configuration - # + time.timeZone = "America/Denver"; users.users."aaronh" = { isNormalUser = true; @@ -57,42 +66,25 @@ "networkmanager" "video" "wheel" - ]; - + ]; + # GUI packages = with pkgs; [ - deja-dup - foliate - headlines - gnome.gnome-clocks - gnome.gnome-calculator - gnome-feeds - gnome-photos - gnome-podcasts - lollypop - marker - phosh-mobile-settings portfolio-filemanager - spot - tootle # CLI grim + ]; + }; - ]; -}; - - # Remove non-friendly GNOME packages + # Remove GNOME packages environment.gnome.excludePackages = (with pkgs; [ gnome-photos gnome-tour ]); - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? -} + environment.systemPackages = (with pkgs; [ + # rest of your packages + ]); + + system.stateVersion = "23.11"; diff --git a/systems/rpi4.nix b/systems/aarch64/vetra/configuration.nix similarity index 72% rename from systems/rpi4.nix rename to systems/aarch64/vetra/configuration.nix index 94cc8bb..3e83893 100644 --- a/systems/rpi4.nix +++ b/systems/aarch64/vetra/configuration.nix @@ -1,12 +1,17 @@ { config, pkgs, lib, ... }: { - imports = - [ - -# ./programs.nix + imports = [ +# + ./home-assistant.nix +# ./gnome.nix +# ./programs.nix ]; +# boot.kernelPackages = pkgs.linuxPackages_latest; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + fileSystems = { "/" = { device = "/dev/disk/by-label/NIXOS_SD"; @@ -16,7 +21,7 @@ }; networking = { - hostName = "Vetra"; + hostName = "vetra"; networkmanager.enable = true; }; @@ -34,14 +39,17 @@ ]; # Define user accounts - users.extraUsers.aaronh = { + users.users.aaronh = { description = "Aaron Honeycutt"; home = "/home/aaronh"; extraGroups = [ "wheel" "networkmanager" "adm"]; isNormalUser = true; + shell = pkgs.fish; hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; }; + programs.fish.enable = true; + # Enable Pipewire security.rtkit.enable = true; services.pipewire = { @@ -57,7 +65,7 @@ # Enable Bluetooth hardware.bluetooth.enable = true; - # Enable the OpenSSH daemon + # Enable SSH services.openssh.enable = true; # Enable CUPS @@ -69,9 +77,15 @@ # Allow Unfree nixpkgs.config.allowUnfree = true; + services.hydra = { + enable = false; + hydraURL = "http://localhost:3000"; + notificationSender = "hydra@localhost"; + buildMachinesFiles = []; + useSubstitutes = true; + }; + # System system.stateVersion = "22.11"; system.autoUpgrade.enable = true; - - } diff --git a/systems/aarch64/vetra/flake.nix b/systems/aarch64/vetra/flake.nix new file mode 100644 index 0000000..0764a0d --- /dev/null +++ b/systems/aarch64/vetra/flake.nix @@ -0,0 +1,111 @@ +{ + description = "Vetra"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + home-manager = { + url = "github:nix-community/home-manager/release-22.11"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + }; + + outputs = { self, nixpkgs, nixos-hardware, ... }@inputs: { + nixosConfigurations = { + "vetra" = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here + nixos-hardware.nixosModules.raspberry-pi-4 +# ./configuration.nix + + ({config, pkgs, ...}: { + fileSystems = { + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + options = [ "noatime" ]; + }; + + "/mnt/ExtraDrive" = { + device = "/dev/disk/by-uuid/72315f9e-ceda-4152-8e8d-09590affba28"; + fsType = "ext4"; + }; + }; + + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + networking = { + hostName = "vetra"; + networkmanager.enable = true; + }; + + time.timeZone = "America/Denver"; + + environment.systemPackages = with pkgs; [ + fish + git + neofetch + restic + wget + ]; + + users.users.aaronh = { + description = "Aaron Honeycutt"; + home = "/home/aaronh"; + extraGroups = [ "wheel" "networkmanager" "adm" ]; + isNormalUser = true; + shell = pkgs.fish; + hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; + }; + + programs.fish.enable = true; + + # Enable Pipewire + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Turn off PulseAudio + hardware.pulseaudio.enable = false; + + # Enable Bluetooth + hardware.bluetooth.enable = true; + + # Enable SSH + services.openssh.enable = true; + + # Enable CUPS + services.printing.enable = true; + + # Enable GPU Acceleration + hardware.raspberry-pi."4".fkms-3d.enable = true; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; + + # System + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/systems/rpi4-example.nix b/systems/aarch64/vetra/rpi4-example.nix similarity index 100% rename from systems/rpi4-example.nix rename to systems/aarch64/vetra/rpi4-example.nix diff --git a/systems/vm.nix b/systems/vm.nix index ffb929c..830b2f0 100644 --- a/systems/vm.nix +++ b/systems/vm.nix @@ -19,13 +19,6 @@ systemd-boot.consoleMode = "0"; }; - boot.initrd.luks.devices = { - root = { - device = "/dev/sda"; - preLVM = true; - }; - }; - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; nix.settings.extra-platforms = [ "aarch64-linux" ]; @@ -55,10 +48,6 @@ hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx."; packages = with pkgs; [ - # Fonts - fira - restic - neofetch ]; }; @@ -70,12 +59,6 @@ environment.systemPackages = with pkgs; [ - avahi - cargo - dmidecode - firefox - libcamera - lshw nix-index unzip wget diff --git a/systems/galp3-b.nix b/systems/x86_64/darp9.nix similarity index 75% rename from systems/galp3-b.nix rename to systems/x86_64/darp9.nix index 4350b02..59cbbd4 100644 --- a/systems/galp3-b.nix +++ b/systems/x86_64/darp9.nix @@ -2,7 +2,7 @@ { # Name your host machine - networking.hostName = "Garrus"; + networking.hostName = "darp9"; # System76 hardware.system76.enableAll = true; diff --git a/systems/galp4.nix b/systems/x86_64/galp4.nix similarity index 100% rename from systems/galp4.nix rename to systems/x86_64/galp4.nix diff --git a/systems/x86_64/garrus/configuration.nix b/systems/x86_64/garrus/configuration.nix new file mode 100644 index 0000000..37527a8 --- /dev/null +++ b/systems/x86_64/garrus/configuration.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "garrus"; + + # System76 + hardware.system76.enableAll = true; +} diff --git a/systems/gaze16-3050.nix b/systems/x86_64/gaze16-3050.nix similarity index 100% rename from systems/gaze16-3050.nix rename to systems/x86_64/gaze16-3050.nix diff --git a/systems/harbinger.nix b/systems/x86_64/harbinger.nix similarity index 99% rename from systems/harbinger.nix rename to systems/x86_64/harbinger.nix index 5a1a5ac..6d376dd 100644 --- a/systems/harbinger.nix +++ b/systems/x86_64/harbinger.nix @@ -83,7 +83,6 @@ acme-sh git git-lfs - inetutils jekyll mtr neofetch @@ -91,7 +90,6 @@ rubyPackages.jekyll-feed rubyPackages.jekyll-redirect-from sysstat - toybox tree wget ]; diff --git a/home/.gitkeep b/systems/x86_64/harbinger/.gitkeep similarity index 100% rename from home/.gitkeep rename to systems/x86_64/harbinger/.gitkeep diff --git a/systems/x86_64/harbinger/configuration.nix b/systems/x86_64/harbinger/configuration.nix new file mode 100644 index 0000000..04a6f1d --- /dev/null +++ b/systems/x86_64/harbinger/configuration.nix @@ -0,0 +1,123 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ./ahoneybun-net.nix + ./mc-ahoneybun-net.nix +# ./nextcloud.nix + ./tildecafe-com.nix + ./rockymtnlug-org.nix +# ./chat-rockymtnlug-org.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "harbinger"; + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + mtr + neofetch + sysstat + tree + wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "no"; + }; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + system.stateVersion = "22.11"; # Did you read the comment? + system.autoUpgrade.enable = true; +} + diff --git a/systems/x86_64/harbinger/flake.nix b/systems/x86_64/harbinger/flake.nix new file mode 100644 index 0000000..64dc310 --- /dev/null +++ b/systems/x86_64/harbinger/flake.nix @@ -0,0 +1,99 @@ +{ + description = "Harbinger"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "harbinger" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + ./ahoneybun-net.nix + ./tildecafe-com.nix + ./rockymtnlug-org.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + kernelParams = [ "console=ttyS0,1920n8" ]; + + loader.grub.enable = true; + loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + loader.grub.device = "nodev"; # or "nodev" for efi only + loader.timeout = 10; + }; + + networking = { + hostName = "harbinger"; + + firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + usePredictableInterfaceNames = false; + useDHCP = false; + interfaces.eth0.useDHCP = true; + + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + mtr + neofetch + sysstat + tree + wget + ]; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/systems/hp-omen.nix b/systems/x86_64/hp-omen.nix similarity index 80% rename from systems/hp-omen.nix rename to systems/x86_64/hp-omen.nix index 372a311..f5eab2c 100644 --- a/systems/hp-omen.nix +++ b/systems/x86_64/hp-omen.nix @@ -9,8 +9,8 @@ hardware.opengl.enable = true; hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; - ## Enable 32 Bit libraries for applications like Steam - hardware.opengl.driSupport32Bit = true; + ## Enable 32 Bit libraries for applications like Steam + hardware.opengl.driSupport32Bit = true; # Allow Unfree nixpkgs.config.allowUnfree = true; diff --git a/systems/x86_64/lemp12.nix b/systems/x86_64/lemp12.nix new file mode 100644 index 0000000..2d3a183 --- /dev/null +++ b/systems/x86_64/lemp12.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "lemp12"; + + # System76 + hardware.system76.enableAll = true; +} diff --git a/systems/linode.nix b/systems/x86_64/linode.nix similarity index 100% rename from systems/linode.nix rename to systems/x86_64/linode.nix diff --git a/systems/oryp6.nix b/systems/x86_64/oryp6.nix similarity index 100% rename from systems/oryp6.nix rename to systems/x86_64/oryp6.nix diff --git a/systems/sovereign.nix b/systems/x86_64/sovereign.nix similarity index 99% rename from systems/sovereign.nix rename to systems/x86_64/sovereign.nix index 98ddd12..b61b256 100644 --- a/systems/sovereign.nix +++ b/systems/x86_64/sovereign.nix @@ -100,11 +100,9 @@ environment.systemPackages = with pkgs; [ acme-sh git - inetutils mtr neofetch sysstat - toybox tree wget ]; diff --git a/systems/x86_64/sovereign/.gitkeep b/systems/x86_64/sovereign/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/systems/x86_64/sovereign/configuration.nix b/systems/x86_64/sovereign/configuration.nix new file mode 100644 index 0000000..02e5160 --- /dev/null +++ b/systems/x86_64/sovereign/configuration.nix @@ -0,0 +1,123 @@ +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix +# ./unstable.nix + ./stoners-space.nix + ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = [ "console=ttyS0,19200n8" ]; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + nix.settings.extra-platforms = [ "aarch64-linux" ]; + nix.settings.auto-optimise-store = true; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + nix.buildMachines = [{ + hostName = "localhost"; + systems = ["x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin"]; + supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"]; + maxJobs = 8; + }]; + + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + boot.loader.grub.device = "nodev"; # or "nodev" for efi only + boot.loader.timeout = 10; + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + networking.extraHosts = + '' + 23.32.241.51 r3.o.lencr.org + ''; + + # fileSystems."/mnt/swapfile" = + # { device = "/dev/disk/by-uuid/82672991-fe8a-485a-8dcf-7c8ae1282b6c"; + # fsType = "ext4"; + # }; + + # services.hydra = { + # enable = true; + # hydraURL = "localhost:3000"; + # notificationSender = "hydra@localhost"; + # useSubstitutes = true; + # }; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + networking.hostName = "sovereign"; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + users.users.builder = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ + neofetch + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + inetutils + mtr + neofetch + sysstat + tree + wget + ]; + + # Enable the OpenSSH daemon. + services.openssh = { + enable = true; + permitRootLogin = "no"; + }; + + networking.usePredictableInterfaceNames = false; + networking.useDHCP = false; + networking.interfaces.eth0.useDHCP = true; + + system.stateVersion = "22.11"; # Did you read the comment? + system.autoUpgrade.enable = true; +} + diff --git a/systems/x86_64/sovereign/flake.nix b/systems/x86_64/sovereign/flake.nix new file mode 100644 index 0000000..8e4eff1 --- /dev/null +++ b/systems/x86_64/sovereign/flake.nix @@ -0,0 +1,111 @@ +{ + description = "Sovereign"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "sovereign" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + ./stoners-space.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + settings.extra-platforms = [ "aarch64-linux" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + + buildMachines = [{ + hostName = "localhost"; + systems = [ "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" ]; + supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ]; + maxJobs = 8; + }]; + + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + kernelParams = [ "console=ttyS0,1920n8" ]; + + binfmt.emulatedSystems = [ "aarch64-linux" ]; + + loader.grub.enable = true; + loader.grub.extraConfig = '' + serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1; + terminal_input serial; + terminal_output serial + ''; + loader.grub.device = "nodev"; # or "nodev" for efi only + loader.timeout = 10; + }; + + networking = { + hostName = "sovereign"; + + firewall = { + enable = true; + allowedTCPPorts = [ 80 443 ]; + }; + + usePredictableInterfaceNames = false; + useDHCP = false; + interfaces.eth0.useDHCP = true; + + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + ]; + }; + + environment.systemPackages = with pkgs; [ + acme-sh + git + git-lfs + mtr + neofetch + sysstat + tree + wget + ]; + + security.acme.acceptTerms = true; + security.acme.defaults.email = "aaronhoneycutt@proton.me"; + + services.openssh = { + enable = true; + settings.PermitRootLogin = "no"; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/systems/x86_64/thelio-b1/.gitkeep b/systems/x86_64/thelio-b1/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/systems/x86_64/thelio-b1/flake.nix b/systems/x86_64/thelio-b1/flake.nix new file mode 100644 index 0000000..959c151 --- /dev/null +++ b/systems/x86_64/thelio-b1/flake.nix @@ -0,0 +1,142 @@ +{ + description = "Joker"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/release-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "joker" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + nixpkgs.config.allowUnfree = true; + + boot = { + initrd.luks.devices = { + root = { + device = "/dev/sda"; + preLVM = true; + }; + }; + + # kernelPackages = pkgs.linuxPackages_latest; + # kernelParams = [ "console=ttyS0,1920n8" ]; + + binfmt.emulatedSystems = [ "aarch64-linux" ]; + + loader.systemd-boot.enable = true; + loader.systemd-boot.consoleMode = "0"; + }; + + networking = { + hostName = "joker"; + networkmanager.enable = true; + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + mdbook + neofetch + restic + roboto-slab + + firefox + ]; + }; + + environment.systemPackages = with pkgs; [ + avahi + dmidecode + libcamera + lshw + nix-index + sysstat + tree + unzip + wget + ]; + + # GNOME + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + + # Add GNOME packages + environment.systemPackages = (with pkgs; [ + gnome.dconf-editor + gnome.gnome-tweaks + gnomeExtensions.appindicator + gnomeExtensions.pop-shell + gnomeExtensions.pop-launcher-super-key + ]); + + # Remove GNOME packages + environment.gnome.excludePackages = (with pkgs; [ + epiphany # web browser + gnome.geary + gnome.gnome-software + gnome-connections + gnome-photos + gnome-tour + ]); + + # Services + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + + hardware.pulseaudio.enable = false; + + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + services = { + fwupd.enable = true; + printing.enable = true; + openssh.enable = true; + }; + + services.avahi = { + enable = true; + nssmdns = true; + openFirewall = true; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/systems/x86_64/thelio-nvidia.nix b/systems/x86_64/thelio-nvidia.nix new file mode 100644 index 0000000..9cd7d3a --- /dev/null +++ b/systems/x86_64/thelio-nvidia.nix @@ -0,0 +1,17 @@ +{ config, pkgs, ... }: + +{ + # Name your host machine + networking.hostName = "thelio-b1"; + + # System76 + hardware.system76.enableAll = true; + + # NVIDIA + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.opengl.enable = true; + hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + + # Allow Unfree + nixpkgs.config.allowUnfree = true; +} diff --git a/systems/x86_64/vm/.gitkeep b/systems/x86_64/vm/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/systems/x86_64/vm/flake.nix b/systems/x86_64/vm/flake.nix new file mode 100644 index 0000000..28bef95 --- /dev/null +++ b/systems/x86_64/vm/flake.nix @@ -0,0 +1,140 @@ +{ + description = "nixos-vm"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + nixosConfigurations = { + "nixos-vm" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + # Import the configuration.nix we used before, so that the old configuration file can still take effect. + # Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here +# ./configuration.nix + ./hardware-configuration.nix + + ({config, pkgs, ...}: { + nix = { + settings.auto-optimise-store = true; + settings.experimental-features = [ "nix-command" "flakes" ]; + + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; + + nixpkgs.config.allowUnfree = true; + + boot = { + initrd.luks.devices = { + root = { + device = "/dev/sda"; + preLVM = true; + }; + }; + + # kernelPackages = pkgs.linuxPackages_latest; + kernelParams = [ "console=ttyS0,1920n8" ]; + + binfmt.emulatedSystems = [ "aarch64-linux" ]; + + loader.systemd-boot.enable = true; + loader.systemd-boot.consoleMode = "0"; + }; + + networking = { + hostName = "nixos-vm"; + networkmanager.enable = true; + }; + + users.users.aaronh = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + cargo + git + git-lfs + mdbook + neofetch + restic + roboto-slab + + firefox + ]; + }; + + # GNOME + services.xserver = { + enable = true; + displayManager.gdm.enable = true; + desktopManager.gnome.enable = true; + }; + + environment.systemPackages = (with pkgs; [ + avahi + dmidecode + libcamera + lshw + nix-index + sysstat + tree + unzip + wget + + # Add GNOME packages + gnome.dconf-editor + gnome.gnome-tweaks + gnomeExtensions.appindicator + gnomeExtensions.pop-shell + gnomeExtensions.pop-launcher-super-key + ]); + + # Remove GNOME packages + environment.gnome.excludePackages = (with pkgs; [ + epiphany # web browser + gnome.geary + gnome.gnome-software + gnome-connections + gnome-photos + gnome-tour + ]); + + # Services + services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ]; + + hardware.pulseaudio.enable = false; + + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + services = { + fwupd.enable = true; + printing.enable = true; + openssh.enable = true; + }; + + services.avahi = { + enable = true; + nssmdns = true; + openFirewall = true; + }; + + system = { + stateVersion = "23.05"; + autoUpgrade.enable = true; + }; + }) + ]; + }; + }; + }; +} diff --git a/web/ahoneybun-net.nix b/web/ahoneybun-net.nix index 7de9655..3df668a 100644 --- a/web/ahoneybun-net.nix +++ b/web/ahoneybun-net.nix @@ -1,20 +1,17 @@ { config, pkgs, ... }: { - security.acme.acceptTerms = true; - security.acme.defaults.email = "aaronhoneycutt@proton.me"; - - services.nginx = { - enable = true; - virtualHosts = { + services.nginx = { + enable = true; + virtualHosts = { "ahoneybun.net" = { forceSSL = true; enableACME = true; - locations."/" = { - root = "/var/www"; - }; - }; - }; -}; + locations."/" = { + root = "/var/www/ahoneybun-net/_site"; + }; + }; + }; + }; } diff --git a/web/mc-ahoneybun-net.nix b/web/mc-ahoneybun-net.nix new file mode 100644 index 0000000..1761e68 --- /dev/null +++ b/web/mc-ahoneybun-net.nix @@ -0,0 +1,29 @@ +{ config, pkgs, ... }: + +{ + services.minecraft-server = { + enable = true; + eula = true; + openFirewall = true; + declarative = true; + + # see here for more info: https://minecraft.gamepedia.com/Server.properties#server.properties + serverProperties = { + server-port = 25565; + gamemode = "survival"; + motd = "NixOS Minecraft server"; + max-players = 5; + enable-rcon = true; + enable-query = true; + # This password can be used to administer your minecraft server. + # Exact details as to how will be explained later. If you want + # you can replace this with another password. +# rcon.password = "hunter2"; +# query.port = 25565; + level-seed = "10292992"; + }; + }; + + # enable closed source packages such as the minecraft server + nixpkgs.config.allowUnfree = true; +}