ahoneybun/nix-configs
1
0
Fork 0
mirror of https://gitlab.com/ahoneybun/nix-configs.git synced 2025-05-12 11:14:02 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' into 'luks'

Browse source 
# Conflicts:
#   systems/vm.nix
This commit is contained in:
Aaron Honeycutt 2023-10-27 16:18:49 +00:00
commit 8a5c4c9380
37 changed files with 1212 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

7
README.md
View file

@ -29,19 +29,12 @@ sudo nix-channel --add https://github.com/NixOS/nixos-hardware/archive/master.ta
sudo nix-channel --update
```
- `hp-omen.nix` : This file is mainly for my HP Omen to add and enable the NVIDIA driver from stable
- `linode.nix` : This file is for a Linode instance though it might work for other server setups
- `sovereign.nix` : This file is for the Linode instance that hosts https://stoners.space which is a Mastodon instance
- `harbinger.nix` : This file is for the Linode instance that hosts the following sites:
- https://ahoneybun.net/
- https://rockymountainlinuxfest.org/
- https://tildecafe.com/
- `oryp6.nix` : This file is mainly for my work System76 Oryx Pro (oryp6) to add and enable the NVIDIA driver from stable
- `rpi4.nix` : This file is to configure a Raspberry Pi 4B (Vetra Nyx)
- `pinebook-pro.nix` : This file is to configure a PineBook Pro (Jaal Ama Darav)
- `pinephone.nix` : This file is to configure a PinePhone (PeeBee)
- `galp3-b.nix` : This file is for my personal System76 Galago Pro (galp3-b).
- `galp4.nix` : This file is for my work System76 Galago Pro (galp4).
## Shell Nix files: (nix-configs/shell/)

17
configuration.nix
View file

@ -12,7 +12,6 @@
# Latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [ "vfio-pci.ids=8086:9b41" "qxl" "bochs_drm"];
boot.loader = {
systemd-boot.enable = true;
@ -66,16 +65,7 @@
hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx.";
packages = with pkgs; [
# Fonts
fira
fira-mono
firefox
mdbook
restic
roboto-slab
neofetch
thunderbird
];
};
@ -89,8 +79,13 @@
avahi
cargo
dmidecode
fira
firefox
git
git-lfs
libcamera
lshw
roboto-slab
nix-index
unzip
wget
@ -126,7 +121,7 @@
};
# System
system.stateVersion = "22.11";
system.stateVersion = "23.05";
system.autoUpgrade.enable = true;
}

1
desktops/gnome.nix
View file

@ -10,7 +10,6 @@
# Add GNOME packages
environment.systemPackages = (with pkgs; [
amberol
gnome.dconf-editor
gnome.gnome-tweaks
gnomeExtensions.appindicator

18
desktops/herbstluftwm.nix Normal file
View file

@ -0,0 +1,18 @@
{ config, pkgs, ... }:
{
# Start herbstluftwm
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
windowManager.herbstluftwm.enable = true;
};
environment.systemPackages = (with pkgs; [
polybar # status bar
rofi # launcher
]);
}

8
home.nix
View file

@ -14,13 +14,18 @@
# You can update Home Manager without changing this value. See
# the Home Manager release notes for a list of state version
# changes in each release.
home.stateVersion = "22.11";
home.stateVersion = "23.05";
nixpkgs.config.allowUnfree = true;
home.packages = with pkgs; [
# GUI
spotify
vscode
# CLI
mdbook
neofetch
];
programs.bash = {
@ -62,7 +67,6 @@
programs.command-not-found.enable = true;
programs.firefox.enable = true;
programs.gh.enable = true;
# Let Home Manager install and manage itself.

162
systems/COSMIC-configuration.nix Normal file
View file

@ -0,0 +1,162 @@
Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, inputs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./cachix.nix
];
# make ready for nix flakes which are experimental...
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "nixos"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/New_York";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.displayManager.gdm.wayland = true;
services.xserver.desktopManager.gnome.enable = true;
services.xserver.displayManager.sessionPackages = [ inputs.cosmic-session.packages.x86_64-linux.default ];
services.xserver.displayManager.defaultSession = "cosmic";
# Configure keymap in X11
services.xserver = {
layout = "us";
xkbVariant = "";
};
# Enable CUPS to print documents.
services.printing.enable = true;
programs.gnupg.agent = {
enable = true;
pinentryFlavor = "gnome3";
enableSSHSupport = true;
};
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.ashley = {
isNormalUser = true;
description = "Ashley Wulber";
extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; [
firefox
git
git-crypt
gnupg
pinentry
# thunderbird
];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
cachix
vim
xdg-desktop-portal-gtk
inputs.cosmic-session.packages.x86_64-linux.default
inputs.cosmic-comp.packages.x86_64-linux.default
inputs.cosmic-panel.packages.x86_64-linux.default
inputs.cosmic-applibrary.packages.x86_64-linux.default
inputs.cosmic-launcher.packages.x86_64-linux.default
inputs.cosmic-settings.packages.x86_64-linux.default
inputs.cosmic-applets.packages.x86_64-linux.default
# inputs.cosmic-notifications.packages.x86_64-linux.default
inputs.cosmic-osd.packages.x86_64-linux.default
inputs.cosmic-workspaces.packages.x86_64-linux.default
inputs.cosmic-bg.packages.x86_64-linux.default
inputs.xdg-desktop-portal-cosmic.packages.x86_64-linux.default
inputs.cosmic-settings-daemon.packages.x86_64-linux.default
];
services.dbus.implementation = "broker";
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

41
systems/COSMIC-flake.nix Normal file
View file

@ -0,0 +1,41 @@
{
description = "Aaron's System Config";
inputs = {
nixpkgs.url = "nixpkgs/nixos-23.05";
cosmic-comp.url = "github:pop-os/cosmic-comp/master_jammy";
cosmic-panel.url = "github:pop-os/cosmic-panel/master_jammy";
cosmic-settings.url = "github:pop-os/cosmic-settings/master_jammy";
cosmic-settings-daemon.url = "github:pop-os/cosmic-settings-daemon/master_jammy";
cosmic-launcher.url = "github:pop-os/cosmic-launcher/master_jammy";
cosmic-applibrary.url = "github:pop-os/cosmic-applibrary/master_jammy";
cosmic-session.url = "github:pop-os/cosmic-session/ab26218ab2139dc884a66bdb57f6216b248670bf";
cosmic-applets.url = "github:pop-os/cosmic-applets/58c27e88603ad47479115b632d2fa87579d8fa39";
cosmic-workspaces.url = "github:pop-os/cosmic-workspaces-epoch/717c454a7e31c4ffc8baf6c1d1c90fd74a223e55";
cosmic-osd.url = "github:pop-os/cosmic-osd/b6d93f736d4b9ab3df4cceafaf59cd8c95859ed6";
cosmic-bg.url = "github:pop-os/cosmic-bg/master_jammy";
xdg-desktop-portal-cosmic.url = "github:pop-os/xdg-desktop-portal-cosmic/master_jammy";
};
outputs = { self, nixpkgs, cosmic-comp, cosmic-session, cosmic-panel, cosmic-applets, cosmic-settings, cosmic-settings-daemon, cosmic-launcher, cosmic-applibrary, cosmic-workspaces, cosmic-osd, xdg-desktop-portal-cosmic, cosmic-bg }@attrs: let
system = "x86_64-linux";
pkgs = import nixpkgs {
inherit system;
config = { allowUnfree = true; };
};
cosmic-session.inputs.nixpkgs.follows = "nixpkgs";
lib = nixpkgs.lib;
in {
nixosConfigurations = {
nixos = lib.nixosSystem {
inherit system;
specialArgs.inputs = attrs;
modules = [
./configuration.nix
];
};
};
};
}

2
systems/pbp.nix → systems/aarch64/jaal/pbp.nix
View file

@ -2,6 +2,6 @@
{
# Name your host machine
networking.hostName = "Jaal";
networking.hostName = "jaal";
}

2
systems/pinebook-pro.nix → systems/aarch64/jaal/pinebook-pro.nix
View file

@ -64,7 +64,7 @@
};
networking = {
hostName = "pbp";
hostName = "jaal";
networkmanager.enable = true;
};

56
systems/pinephone.nix → systems/aarch64/peebee/pinephone.nix
View file

@ -7,16 +7,27 @@
<mobile-nixos/examples/phosh/phosh.nix>
];
networking.hostName = "Peebee";
time.timeZone = "America/Denver";
fileSystems."/mnt/ExtraDrive" =
{ device = "/dev/disk/by-uuid/631d2b85-2e0b-4740-8b45-6147cf15193f";
fsType = "ext4";
};
#
# Opinionated defaults
#
# Kernel changes
# boot.kernelPackages = pkgs.linuxPackages_latest;
# Use Network Manager
nix.settings.auto-optimise-store = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# NetworkManager
networking.wireless.enable = false;
networking.networkmanager.enable = true;
networking.hostName = "peebee";
# SSH
services.openssh = {
@ -43,9 +54,7 @@
user = "aaronh";
};
#
# User configuration
#
time.timeZone = "America/Denver";
users.users."aaronh" = {
isNormalUser = true;
@ -61,38 +70,21 @@
# GUI
packages = with pkgs; [
deja-dup
foliate
headlines
gnome.gnome-clocks
gnome.gnome-calculator
gnome-feeds
gnome-photos
gnome-podcasts
lollypop
marker
phosh-mobile-settings
portfolio-filemanager
spot
tootle
# CLI
grim
];
};
# Remove non-friendly GNOME packages
# Remove GNOME packages
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
]);
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
environment.systemPackages = (with pkgs; [
# rest of your packages
]);
system.stateVersion = "23.11";

30
systems/rpi4.nix → systems/aarch64/vetra/configuration.nix
View file

@ -1,12 +1,17 @@
{ config, pkgs, lib, ... }:
{
imports =
[
<nixos-hardware/raspberry-pi/4>
imports = [
# <nixos-hardware/raspberry-pi/4>
./home-assistant.nix
# ./gnome.nix
# ./programs.nix
];
# boot.kernelPackages = pkgs.linuxPackages_latest;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
@ -16,7 +21,7 @@
};
networking = {
hostName = "Vetra";
hostName = "vetra";
networkmanager.enable = true;
};
@ -34,14 +39,17 @@
];
# Define user accounts
users.extraUsers.aaronh = {
users.users.aaronh = {
description = "Aaron Honeycutt";
home = "/home/aaronh";
extraGroups = [ "wheel" "networkmanager" "adm"];
isNormalUser = true;
shell = pkgs.fish;
hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx.";
};
programs.fish.enable = true;
# Enable Pipewire
security.rtkit.enable = true;
services.pipewire = {
@ -57,7 +65,7 @@
# Enable Bluetooth
hardware.bluetooth.enable = true;
# Enable the OpenSSH daemon
# Enable SSH
services.openssh.enable = true;
# Enable CUPS
@ -69,9 +77,15 @@
# Allow Unfree
nixpkgs.config.allowUnfree = true;
services.hydra = {
enable = false;
hydraURL = "http://localhost:3000";
notificationSender = "hydra@localhost";
buildMachinesFiles = [];
useSubstitutes = true;
};
# System
system.stateVersion = "22.11";
system.autoUpgrade.enable = true;
}

111
systems/aarch64/vetra/flake.nix Normal file
View file

@ -0,0 +1,111 @@
{
description = "Vetra";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
home-manager = {
url = "github:nix-community/home-manager/release-22.11";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
};
outputs = { self, nixpkgs, nixos-hardware, ... }@inputs: {
nixosConfigurations = {
"vetra" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
# Import the configuration.nix we used before, so that the old configuration file can still take effect.
# Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here
nixos-hardware.nixosModules.raspberry-pi-4
# ./configuration.nix
({config, pkgs, ...}: {
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = [ "noatime" ];
};
"/mnt/ExtraDrive" = {
device = "/dev/disk/by-uuid/72315f9e-ceda-4152-8e8d-09590affba28";
fsType = "ext4";
};
};
nix = {
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes" ];
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
};
networking = {
hostName = "vetra";
networkmanager.enable = true;
};
time.timeZone = "America/Denver";
environment.systemPackages = with pkgs; [
fish
git
neofetch
restic
wget
];
users.users.aaronh = {
description = "Aaron Honeycutt";
home = "/home/aaronh";
extraGroups = [ "wheel" "networkmanager" "adm" ];
isNormalUser = true;
shell = pkgs.fish;
hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx.";
};
programs.fish.enable = true;
# Enable Pipewire
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Turn off PulseAudio
hardware.pulseaudio.enable = false;
# Enable Bluetooth
hardware.bluetooth.enable = true;
# Enable SSH
services.openssh.enable = true;
# Enable CUPS
services.printing.enable = true;
# Enable GPU Acceleration
hardware.raspberry-pi."4".fkms-3d.enable = true;
# Allow Unfree
nixpkgs.config.allowUnfree = true;
# System
system = {
stateVersion = "23.05";
autoUpgrade.enable = true;
};
})
];
};
};
};
}

0
systems/rpi4-example.nix → systems/aarch64/vetra/rpi4-example.nix
View file

17
systems/vm.nix
View file

@ -19,13 +19,6 @@
systemd-boot.consoleMode = "0";
};
boot.initrd.luks.devices = {
root = {
device = "/dev/sda";
preLVM = true;
};
};
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
nix.settings.extra-platforms = [ "aarch64-linux" ];
@ -55,10 +48,6 @@
hashedPassword = "$6$aAcbLtqiqzySifls$jdKMOQjoWITHD/dWNNZVUH/qNc6aoJ7v4zYofi0U7IJSVTbmOfChS3mzaJbp57AodjdPNKPrnrip8Nlh2Qanx.";
packages = with pkgs; [
# Fonts
fira
restic
neofetch
];
};
@ -70,12 +59,6 @@
environment.systemPackages =
with pkgs;
[
avahi
cargo
dmidecode
firefox
libcamera
lshw
nix-index
unzip
wget

2
systems/galp3-b.nix → systems/x86_64/darp9.nix
View file

@ -2,7 +2,7 @@
{
# Name your host machine
networking.hostName = "Garrus";
networking.hostName = "darp9";
# System76
hardware.system76.enableAll = true;

0
systems/galp4.nix → systems/x86_64/galp4.nix
View file

9
systems/x86_64/garrus/configuration.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, pkgs, ... }:
{
# Name your host machine
networking.hostName = "garrus";
# System76
hardware.system76.enableAll = true;
}

0
systems/gaze16-3050.nix → systems/x86_64/gaze16-3050.nix
View file

2
systems/harbinger.nix → systems/x86_64/harbinger.nix
View file

@ -83,7 +83,6 @@
acme-sh
git
git-lfs
inetutils
jekyll
mtr
neofetch
@ -91,7 +90,6 @@
rubyPackages.jekyll-feed
rubyPackages.jekyll-redirect-from
sysstat
toybox
tree
wget
];

0
home/.gitkeep → systems/x86_64/harbinger/.gitkeep
View file

123
systems/x86_64/harbinger/configuration.nix Normal file
View file

@ -0,0 +1,123 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
# ./unstable.nix
./ahoneybun-net.nix
./mc-ahoneybun-net.nix
# ./nextcloud.nix
./tildecafe-com.nix
./rockymtnlug-org.nix
# ./chat-rockymtnlug-org.nix
];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [ "console=ttyS0,19200n8" ];
nix.settings.auto-optimise-store = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
terminal_input serial;
terminal_output serial
'';
boot.loader.grub.device = "nodev"; # or "nodev" for efi only
boot.loader.timeout = 10;
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
networking.extraHosts =
''
23.32.241.51 r3.o.lencr.org
'';
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
networking.hostName = "harbinger";
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.aaronh = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
packages = with pkgs; [
cargo
git
git-lfs
];
};
environment.systemPackages = with pkgs; [
acme-sh
git
git-lfs
mtr
neofetch
sysstat
tree
wget
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
permitRootLogin = "no";
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.usePredictableInterfaceNames = false;
networking.useDHCP = false;
networking.interfaces.eth0.useDHCP = true;
system.stateVersion = "22.11"; # Did you read the comment?
system.autoUpgrade.enable = true;
}

99
systems/x86_64/harbinger/flake.nix Normal file
View file

@ -0,0 +1,99 @@
{
description = "Harbinger";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
};
outputs = { self, nixpkgs, ... }@inputs: {
nixosConfigurations = {
"harbinger" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
# Import the configuration.nix we used before, so that the old configuration file can still take effect.
# Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here
# ./configuration.nix
./hardware-configuration.nix
./ahoneybun-net.nix
./tildecafe-com.nix
./rockymtnlug-org.nix
({config, pkgs, ...}: {
nix = {
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes" ];
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
};
boot = {
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [ "console=ttyS0,1920n8" ];
loader.grub.enable = true;
loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
terminal_input serial;
terminal_output serial
'';
loader.grub.device = "nodev"; # or "nodev" for efi only
loader.timeout = 10;
};
networking = {
hostName = "harbinger";
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
usePredictableInterfaceNames = false;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
users.users.aaronh = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
packages = with pkgs; [
cargo
git
git-lfs
];
};
environment.systemPackages = with pkgs; [
acme-sh
git
git-lfs
mtr
neofetch
sysstat
tree
wget
];
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
};
system = {
stateVersion = "23.05";
autoUpgrade.enable = true;
};
})
];
};
};
};
}

0
systems/hp-omen.nix → systems/x86_64/hp-omen.nix
View file

9
systems/x86_64/lemp12.nix Normal file
View file

@ -0,0 +1,9 @@
{ config, pkgs, ... }:
{
# Name your host machine
networking.hostName = "lemp12";
# System76
hardware.system76.enableAll = true;
}

0
systems/linode.nix → systems/x86_64/linode.nix
View file

0
systems/oryp6.nix → systems/x86_64/oryp6.nix
View file

2
systems/sovereign.nix → systems/x86_64/sovereign.nix
View file

@ -100,11 +100,9 @@
environment.systemPackages = with pkgs; [
acme-sh
git
inetutils
mtr
neofetch
sysstat
toybox
tree
wget
];

0
systems/x86_64/sovereign/.gitkeep Normal file
View file

123
systems/x86_64/sovereign/configuration.nix Normal file
View file

@ -0,0 +1,123 @@
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
# ./unstable.nix
./stoners-space.nix
];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [ "console=ttyS0,19200n8" ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
nix.settings.extra-platforms = [ "aarch64-linux" ];
nix.settings.auto-optimise-store = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.buildMachines = [{
hostName = "localhost";
systems = ["x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"];
supportedFeatures = ["kvm" "nixos-test" "big-parallel" "benchmark"];
maxJobs = 8;
}];
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
terminal_input serial;
terminal_output serial
'';
boot.loader.grub.device = "nodev"; # or "nodev" for efi only
boot.loader.timeout = 10;
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
networking.extraHosts =
''
23.32.241.51 r3.o.lencr.org
'';
# fileSystems."/mnt/swapfile" =
# { device = "/dev/disk/by-uuid/82672991-fe8a-485a-8dcf-7c8ae1282b6c";
# fsType = "ext4";
# };
# services.hydra = {
# enable = true;
# hydraURL = "localhost:3000";
# notificationSender = "hydra@localhost";
# useSubstitutes = true;
# };
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
networking.hostName = "sovereign";
# Set your time zone.
# time.timeZone = "Europe/Amsterdam";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Define a user account. Don't forget to set a password with passwd.
users.users.aaronh = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
packages = with pkgs; [
cargo
git
git-lfs
];
};
users.users.builder = {
isNormalUser = true;
extraGroups = [ "wheel" ];
packages = with pkgs; [
neofetch
];
};
environment.systemPackages = with pkgs; [
acme-sh
git
inetutils
mtr
neofetch
sysstat
tree
wget
];
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
permitRootLogin = "no";
};
networking.usePredictableInterfaceNames = false;
networking.useDHCP = false;
networking.interfaces.eth0.useDHCP = true;
system.stateVersion = "22.11"; # Did you read the comment?
system.autoUpgrade.enable = true;
}

111
systems/x86_64/sovereign/flake.nix Normal file
View file

@ -0,0 +1,111 @@
{
description = "Sovereign";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
};
outputs = { self, nixpkgs, ... }@inputs: {
nixosConfigurations = {
"sovereign" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
# Import the configuration.nix we used before, so that the old configuration file can still take effect.
# Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here
# ./configuration.nix
./hardware-configuration.nix
./stoners-space.nix
({config, pkgs, ...}: {
nix = {
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes" ];
settings.extra-platforms = [ "aarch64-linux" ];
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
buildMachines = [{
hostName = "localhost";
systems = [ "x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin" ];
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 8;
}];
};
boot = {
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [ "console=ttyS0,1920n8" ];
binfmt.emulatedSystems = [ "aarch64-linux" ];
loader.grub.enable = true;
loader.grub.extraConfig = ''
serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
terminal_input serial;
terminal_output serial
'';
loader.grub.device = "nodev"; # or "nodev" for efi only
loader.timeout = 10;
};
networking = {
hostName = "sovereign";
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
usePredictableInterfaceNames = false;
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
users.users.aaronh = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
packages = with pkgs; [
cargo
git
git-lfs
];
};
environment.systemPackages = with pkgs; [
acme-sh
git
git-lfs
mtr
neofetch
sysstat
tree
wget
];
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
};
system = {
stateVersion = "23.05";
autoUpgrade.enable = true;
};
})
];
};
};
};
}

0
systems/x86_64/thelio-b1/.gitkeep Normal file
View file

142
systems/x86_64/thelio-b1/flake.nix Normal file
View file

@ -0,0 +1,142 @@
{
description = "Joker";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
};
outputs = { self, nixpkgs, ... }@inputs: {
nixosConfigurations = {
"joker" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
# Import the configuration.nix we used before, so that the old configuration file can still take effect.
# Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here
# ./configuration.nix
./hardware-configuration.nix
({config, pkgs, ...}: {
nix = {
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes" ];
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
};
nixpkgs.config.allowUnfree = true;
boot = {
initrd.luks.devices = {
root = {
device = "/dev/sda";
preLVM = true;
};
};
# kernelPackages = pkgs.linuxPackages_latest;
# kernelParams = [ "console=ttyS0,1920n8" ];
binfmt.emulatedSystems = [ "aarch64-linux" ];
loader.systemd-boot.enable = true;
loader.systemd-boot.consoleMode = "0";
};
networking = {
hostName = "joker";
networkmanager.enable = true;
};
users.users.aaronh = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
packages = with pkgs; [
cargo
git
git-lfs
mdbook
neofetch
restic
roboto-slab
firefox
];
};
environment.systemPackages = with pkgs; [
avahi
dmidecode
libcamera
lshw
nix-index
sysstat
tree
unzip
wget
];
# GNOME
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
# Add GNOME packages
environment.systemPackages = (with pkgs; [
gnome.dconf-editor
gnome.gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.pop-shell
gnomeExtensions.pop-launcher-super-key
]);
# Remove GNOME packages
environment.gnome.excludePackages = (with pkgs; [
epiphany # web browser
gnome.geary
gnome.gnome-software
gnome-connections
gnome-photos
gnome-tour
]);
# Services
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
services = {
fwupd.enable = true;
printing.enable = true;
openssh.enable = true;
};
services.avahi = {
enable = true;
nssmdns = true;
openFirewall = true;
};
system = {
stateVersion = "23.05";
autoUpgrade.enable = true;
};
})
];
};
};
};
}

17
systems/x86_64/thelio-nvidia.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, pkgs, ... }:
{
# Name your host machine
networking.hostName = "thelio-b1";
# System76
hardware.system76.enableAll = true;
# NVIDIA
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl.enable = true;
hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
# Allow Unfree
nixpkgs.config.allowUnfree = true;
}

0
systems/x86_64/vm/.gitkeep Normal file
View file

140
systems/x86_64/vm/flake.nix Normal file
View file

@ -0,0 +1,140 @@
{
description = "nixos-vm";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05";
};
outputs = { self, nixpkgs, ... }@inputs: {
nixosConfigurations = {
"nixos-vm" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
# Import the configuration.nix we used before, so that the old configuration file can still take effect.
# Note: /etc/nixos/configuration.nix itself is also a Nix Module, so you can import it directly here
# ./configuration.nix
./hardware-configuration.nix
({config, pkgs, ...}: {
nix = {
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes" ];
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
};
nixpkgs.config.allowUnfree = true;
boot = {
initrd.luks.devices = {
root = {
device = "/dev/sda";
preLVM = true;
};
};
# kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [ "console=ttyS0,1920n8" ];
binfmt.emulatedSystems = [ "aarch64-linux" ];
loader.systemd-boot.enable = true;
loader.systemd-boot.consoleMode = "0";
};
networking = {
hostName = "nixos-vm";
networkmanager.enable = true;
};
users.users.aaronh = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
packages = with pkgs; [
cargo
git
git-lfs
mdbook
neofetch
restic
roboto-slab
firefox
];
};
# GNOME
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
environment.systemPackages = (with pkgs; [
avahi
dmidecode
libcamera
lshw
nix-index
sysstat
tree
unzip
wget
# Add GNOME packages
gnome.dconf-editor
gnome.gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.pop-shell
gnomeExtensions.pop-launcher-super-key
]);
# Remove GNOME packages
environment.gnome.excludePackages = (with pkgs; [
epiphany # web browser
gnome.geary
gnome.gnome-software
gnome-connections
gnome-photos
gnome-tour
]);
# Services
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
services = {
fwupd.enable = true;
printing.enable = true;
openssh.enable = true;
};
services.avahi = {
enable = true;
nssmdns = true;
openFirewall = true;
};
system = {
stateVersion = "23.05";
autoUpgrade.enable = true;
};
})
];
};
};
};
}

5
web/ahoneybun-net.nix
View file

@ -1,9 +1,6 @@
{ config, pkgs, ... }:
{
security.acme.acceptTerms = true;
security.acme.defaults.email = "aaronhoneycutt@proton.me";
services.nginx = {
enable = true;
virtualHosts = {
@ -11,7 +8,7 @@
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/var/www";
root = "/var/www/ahoneybun-net/_site";
};
};
};

29
web/mc-ahoneybun-net.nix Normal file
View file

@ -0,0 +1,29 @@
{ config, pkgs, ... }:
{
services.minecraft-server = {
enable = true;
eula = true;
openFirewall = true;
declarative = true;
# see here for more info: https://minecraft.gamepedia.com/Server.properties#server.properties
serverProperties = {
server-port = 25565;
gamemode = "survival";
motd = "NixOS Minecraft server";
max-players = 5;
enable-rcon = true;
enable-query = true;
# This password can be used to administer your minecraft server.
# Exact details as to how will be explained later. If you want
# you can replace this with another password.
# rcon.password = "hunter2";
# query.port = 25565;
level-seed = "10292992";
};
};
# enable closed source packages such as the minecraft server
nixpkgs.config.allowUnfree = true;
}