diff --git a/flake.nix b/flake.nix index 7f285f7..304d53c 100644 --- a/flake.nix +++ b/flake.nix @@ -109,35 +109,10 @@ }) ]; }; - - shanghai = nixpkgs-stable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - ./hosts/servers/shanghai.nix - agenix.nixosModules.default - self.nixosModules.qbittorrent - ({ config, pkgs, ... }: - let - unstable-overlay = final: prev: { - unstable = nixpkgs.legacyPackages.x86_64-linux; - }; - in { - nixpkgs.overlays = [ unstable-overlay agenix.overlays.default ]; - imports = [ ]; - }) - ]; - }; }; - # packages."x86_64-linux" = { - # chromeos-ectool = nixpkgs.legacyPackages."x86_64-linux".callPackage - # ./packages/chromeos-ectool.nix { }; - # }; - overlays = { custom = final: prev: { - # inherit (self.packages."x86_64-linux") chromeos-ectool; chromeos-ectool = nixpkgs.legacyPackages."x86_64-linux".callPackage ./packages/chromeos-ectool.nix { }; plasticity = nixpkgs.legacyPackages."x86_64-linux".callPackage @@ -162,19 +137,6 @@ }; }; - shanghai = { - hostname = "shanghai"; - profiles = { - system = { - user = "root"; - sshUser = "root"; - remoteBuild = true; - plath = deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.shanghai; - }; - }; - }; - io = { hostname = "io"; profiles = { diff --git a/hosts/common/boot.nix b/hosts/common/boot.nix index 54b37f2..0ce7f2f 100644 --- a/hosts/common/boot.nix +++ b/hosts/common/boot.nix @@ -9,6 +9,11 @@ enable = true; editor = false; consoleMode = "max"; + sortKey = "aa"; + netbootxyz = { + enable = true; + sortKey = "zz"; + }; }; }; }; diff --git a/hosts/common/default.nix b/hosts/common/default.nix index 21b8dfc..4b64078 100644 --- a/hosts/common/default.nix +++ b/hosts/common/default.nix @@ -13,5 +13,6 @@ ./users.nix ./virtualisation.nix ./stylix.nix + ./environment.nix ]; } diff --git a/hosts/common/environment.nix b/hosts/common/environment.nix new file mode 100644 index 0000000..3cca583 --- /dev/null +++ b/hosts/common/environment.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + environment.shellAliases = { + neofetch = "fastfetch"; + syscleanup = + "sudo nix-collect-garbage -d; sudo /run/current-system/bin/switch-to-configuration boot"; + }; +} diff --git a/hosts/common/packages.nix b/hosts/common/packages.nix index d2e330b..90e2388 100644 --- a/hosts/common/packages.nix +++ b/hosts/common/packages.nix @@ -7,9 +7,9 @@ agenix bind btop + fastfetch git helix - neofetch sysz tmux tree diff --git a/hosts/common/services.nix b/hosts/common/services.nix index e35b37c..7d66d14 100644 --- a/hosts/common/services.nix +++ b/hosts/common/services.nix @@ -6,5 +6,12 @@ fstrim.enable = true; tailscale.enable = true; openssh.enable = true; + keyd = { + enable = true; + keyboards.all = { + ids = [ "*" ]; + settings.main.capslock = "overload(meta, esc)"; + }; + }; }; } diff --git a/hosts/desktops/common/boot.nix b/hosts/desktops/common/boot.nix index 62e53a4..19ba815 100644 --- a/hosts/desktops/common/boot.nix +++ b/hosts/desktops/common/boot.nix @@ -4,16 +4,7 @@ boot = { plymouth.enable = true; initrd.systemd.enable = true; - loader = { - efi.efiSysMountPoint = "/boot/efi"; - systemd-boot = { - sortKey = "aa"; - netbootxyz = { - enable = true; - sortKey = "zz"; - }; - }; - }; + loader.efi.efiSysMountPoint = "/boot/efi"; kernelPackages = pkgs.linuxPackages_xanmod_latest; extraModprobeConfig = '' options bluetooth disable_ertm=1 diff --git a/hosts/desktops/common/hardware.nix b/hosts/desktops/common/hardware.nix index 0ca1b24..b81beb4 100644 --- a/hosts/desktops/common/hardware.nix +++ b/hosts/desktops/common/hardware.nix @@ -4,7 +4,7 @@ hardware = { xpadneo.enable = true; bluetooth.enable = true; - pulseaudio.enable = false; # Use pipewire instead + pulseaudio.enable = false; steam-hardware.enable = true; # Allow steam client to manage controllers graphics.enable32Bit = true; # For OpenGL games i2c.enable = true; diff --git a/hosts/desktops/common/packages.nix b/hosts/desktops/common/packages.nix index fd2df50..3e9e696 100644 --- a/hosts/desktops/common/packages.nix +++ b/hosts/desktops/common/packages.nix @@ -34,6 +34,7 @@ in { krita libfido2 libreoffice-qt + lilipod mangohud microsoft-edge mission-center @@ -92,7 +93,7 @@ in { }; nh = { enable = true; - flake = "/home/user/Projects/nix-config"; + flake = "/home/user/Projects/personal/nix-config"; }; }; diff --git a/hosts/desktops/common/services.nix b/hosts/desktops/common/services.nix index 40a0546..d130be9 100644 --- a/hosts/desktops/common/services.nix +++ b/hosts/desktops/common/services.nix @@ -2,10 +2,7 @@ { services = { - printing = { - enable = true; - drivers = with pkgs; [ epson-escpr ]; - }; + printing.enable = true; udev.packages = with pkgs; [ yubikey-personalization ]; desktopManager.plasma6.enable = true; nginx = { diff --git a/hosts/desktops/rotterdam.nix b/hosts/desktops/rotterdam.nix index d640895..92740db 100644 --- a/hosts/desktops/rotterdam.nix +++ b/hosts/desktops/rotterdam.nix @@ -46,13 +46,10 @@ in { keyd = { enable = true; keyboards.main = { - ids = [ "*" ]; - settings = { - main = { esc = "overload(meta, esc)"; }; - shift = { - leftshift = "capslock"; - rightshift = "capslock"; - }; + ids = [ "5653:0001" ]; + settings.main = { + esc = "overload(meta, esc)"; + shift = "oneshot(shift)"; }; }; }; @@ -70,11 +67,13 @@ in { kernelParams = [ "processor.max_cstate=1" # Fixes bug where ryzen cpus freeze when in highest C state "clearcpuid=514" + # Fixes amdgpu freezing "amdgpu.noretry=0" "amdgpu.ppfeaturemask=0xfffd3fff" "amdgpu.gpu_recovery=1" "amdgpu.lockup_timeout=1000" ]; + # QubesOS boot entry loader.systemd-boot = { extraFiles = { "efi/edk2-shell/shell.efi" = "${pkgs.edk2-uefi-shell}/shell.efi"; diff --git a/hosts/servers/alexandria/actual.nix b/hosts/servers/alexandria/actual.nix deleted file mode 100644 index 6f953ef..0000000 --- a/hosts/servers/alexandria/actual.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, pkgs, lib, ... }: - -{ - virtualisation.oci-containers.containers."actual" = { - image = "docker.io/actualbudget/actual-server:latest"; - ports = [ "${config.ports.actual}:5006" ]; - volumes = [ "/data/actual:/data" ]; - extraOptions = - [ "--pull=newer" "--label=io.containers.autoupdate=registry" ]; - }; - - services.nginx.virtualHosts."actual.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = "http://127.0.0.1:${config.ports.actual}"; - }; -} diff --git a/hosts/servers/alexandria/arr.nix b/hosts/servers/alexandria/arr.nix deleted file mode 100644 index 8ea97e7..0000000 --- a/hosts/servers/alexandria/arr.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ inputs, config, pkgs, lib, ... }: - -{ - services = { - bazarr = { - enable = true; - user = "user"; - group = "hosted"; - }; - - jackett.enable = true; - - qbittorrent = { - enable = true; - user = "user"; - group = "hosted"; - port = lib.toInt "${config.ports.qbittorrent}"; - }; - - radarr = { - enable = true; - user = "user"; - group = "hosted"; - }; - - sonarr = { - enable = true; - user = "user"; - group = "hosted"; - }; - - nginx.virtualHosts = { - "bazarr.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = "http://127.0.0.1:${config.ports.bazaar}"; - }; - "jackett.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = "http://127.0.0.1:${config.ports.jackett}"; - }; - "qbittorrent.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = - "http://127.0.0.1:${config.ports.qbittorrent}"; - }; - "radarr.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}"; - }; - "sonarr.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}"; - }; - }; - }; -} diff --git a/hosts/servers/alexandria/default.nix b/hosts/servers/alexandria/default.nix index 808c15e..51f947c 100644 --- a/hosts/servers/alexandria/default.nix +++ b/hosts/servers/alexandria/default.nix @@ -2,8 +2,6 @@ { imports = [ - ./actual.nix - ./arr.nix ./changedetection.nix ./cinny.nix ./hardware-configuration.nix diff --git a/hosts/servers/alexandria/matrix.nix b/hosts/servers/alexandria/matrix.nix deleted file mode 100644 index 2cd0426..0000000 --- a/hosts/servers/alexandria/matrix.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ inputs, config, pkgs, lib, ... }: - -{ - services = { - matrix-conduit = { - enable = true; - extraEnvironment = { RUST_MIN_STACK = "16777216"; }; - package = pkgs.unstable.matrix-conduit; - settings.global = { - server_name = "baduhai.dev"; - address = "127.0.0.1"; - port = 6167; - max_request_size = 20000000; - allow_registration = true; - allow_encryption = false; - allow_federation = false; - }; - }; - - nginx.virtualHosts."matrix.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = "http://127.0.0.1:${config.ports.cinny2}"; - locations."/_matrix/".proxyPass = "http://127.0.0.1:6167$request_uri"; - locations."= /.well-known/matrix/client" = { - alias = pkgs.writeText "matrix-wk-client" '' - { "m.homeserver": { "base_url": "https://matrix.baduhai.dev" } } - ''; - extraConfig = "add_header Access-Control-Allow-Origin *;"; - }; - locations."= /.well-known/matrix/server" = { - alias = pkgs.writeText "matrix-wk-server" '' - { "m.server": "matrix.baduhai.dev:443" } - ''; - extraConfig = "add_header Access-Control-Allow-Origin *;"; - }; - }; - }; - - virtualisation.oci-containers.containers."cinny2" = { - image = "ghcr.io/cinnyapp/cinny:latest"; - ports = [ "${config.ports.cinny2}:80" ]; - environment = { TZ = "America/Bahia"; }; - volumes = [ "/data/matrix/cinny-config.json:/app/config.json" ]; - extraOptions = [ "--pull=always" ]; - }; -} diff --git a/hosts/servers/alexandria/node-red.nix b/hosts/servers/alexandria/node-red.nix deleted file mode 100644 index 5a87370..0000000 --- a/hosts/servers/alexandria/node-red.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ inputs, config, pkgs, lib, ... }: - -{ - services = { - node-red = { - enable = true; - group = "hosted"; - withNpmAndGcc = true; - userDir = "/data/node-red"; - }; - - nginx.virtualHosts."node-red.baduhai.dev" = { - useACMEHost = "baduhai.dev"; - forceSSL = true; - kTLS = true; - locations."/".proxyPass = - "http://127.0.0.1:${builtins.toString config.services.node-red.port}"; - }; - }; -} diff --git a/hosts/servers/alexandria/users.nix b/hosts/servers/alexandria/users.nix index c00b8b0..ac234b8 100644 --- a/hosts/servers/alexandria/users.nix +++ b/hosts/servers/alexandria/users.nix @@ -6,7 +6,7 @@ groups = { hosted = { gid = 1005; - members = [ "user" "shiori" "minecraft" "paperless" "vaultwarden" ]; + members = [ "user" "minecraft" "paperless" "vaultwarden" ]; }; }; }; diff --git a/hosts/servers/shanghai.nix b/hosts/servers/shanghai.nix deleted file mode 100644 index afd0eb2..0000000 --- a/hosts/servers/shanghai.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ ... }: - -{ - imports = [ - # Host-common imports - ../common - # Server-common imports - ./common - # Host-specific imports - ./shanghai - ]; - - nix.nixPath = [ "nixos-config=${./shanghai.nix}" ]; - - networking = { - hostName = "shanghai"; - firewall = { - allowedTCPPorts = [ 25565 ]; - allowedUDPPorts = [ 25565 ]; - }; - nftables.enable = true; - }; - - zramSwap.enable = true; -} diff --git a/hosts/servers/shanghai/default.nix b/hosts/servers/shanghai/default.nix deleted file mode 100644 index 704aaf0..0000000 --- a/hosts/servers/shanghai/default.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ ... }: - -{ - imports = [ ./hardware-configuration.nix ]; -} diff --git a/hosts/servers/shanghai/hardware-configuration.nix b/hosts/servers/shanghai/hardware-configuration.nix deleted file mode 100644 index e5f757a..0000000 --- a/hosts/servers/shanghai/hardware-configuration.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ modulesPath, ... }: - -{ - imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - - boot.initrd = { - availableKernelModules = - [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; - kernelModules = [ "nvme" ]; - }; - - fileSystems = { - "/" = { - device = "/dev/sda4"; - fsType = "xfs"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/14EF-4002"; - fsType = "vfat"; - }; - }; -} diff --git a/readme.md b/readme.md index c6918e2..f19ab12 100644 --- a/readme.md +++ b/readme.md @@ -2,6 +2,6 @@ All my personal Nix and NixOS hosts, in a flake. |Host|Description|Nixpkgs version| |:---|:---:|---:| -|alexandria|Personal server/NAS|23.05| +|alexandria|Personal server/NAS|24.05| |io|Mobile workstation|unstable| |rotterdam|Workstation|unstable| diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 7d28fd9..5faa985 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -15,11 +15,8 @@ let "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK95QueW+jp1ZmF299Xr3XkgHJ6dL7aZVsfWxqbOKVKA"; alexandria = [ alexandria-host ]; - taipei-host = ""; - taipei = [ taipei-host ]; - desktops = io ++ rotterdam; - servers = alexandria ++ taipei; + servers = alexandria; all-hosts = desktops ++ servers; in { "nextcloud-secrets.json.age".publicKeys = all-hosts; diff --git a/users/common/programs.nix b/users/common/programs.nix index 88a5354..8c307a6 100644 --- a/users/common/programs.nix +++ b/users/common/programs.nix @@ -166,7 +166,6 @@ tsh = "ssh -o RequestTTY=yes $argv tmux -u -CC new -A -s tmux-main"; }; shellInit = '' - set -g -x NNN_OPTS H set -g -x FONTCONFIG_FILE ${pkgs.fontconfig.out}/etc/fonts/fonts.conf ''; plugins = [ diff --git a/users/desktops/common/programs.nix b/users/desktops/common/programs.nix index 4f2461c..b80e538 100644 --- a/users/desktops/common/programs.nix +++ b/users/desktops/common/programs.nix @@ -3,14 +3,6 @@ { fonts.fontconfig.enable = true; - gtk = { - enable = true; - font = { - name = "Inter"; - size = 10; - }; - }; - programs = { password-store.package = pkgs.pass-wayland; @@ -27,14 +19,10 @@ fish = { functions = { - sysrebuild = - "nh os switch --ask /home/user/Projects/personal/nix-config"; - sysrebuild-boot = - "nh os boot --ask /home/user/Projects/personal/nix-config"; + sysrebuild = "nh os switch --ask"; + sysrebuild-boot = "nh os boot --ask"; sysupdate = "nix flake update --commit-lock-file /home/user/Projects/personal/nix-config"; - syscleanup = - "sudo nix-collect-garbage -d; sudo /run/current-system/bin/switch-to-configuration boot"; code = '' wezterm cli split-pane --top --percent=75 -- hx wezterm cli activate-pane-direction up