Major cleanup

flake.nix

@@ -109,35 +109,10 @@
               })
           ];
         };
-
-        shanghai = nixpkgs-stable.lib.nixosSystem {
-          system = "x86_64-linux";
-          specialArgs = { inherit inputs; };
-          modules = [
-            ./hosts/servers/shanghai.nix
-            agenix.nixosModules.default
-            self.nixosModules.qbittorrent
-            ({ config, pkgs, ... }:
-              let
-                unstable-overlay = final: prev: {
-                  unstable = nixpkgs.legacyPackages.x86_64-linux;
-                };
-              in {
-                nixpkgs.overlays = [ unstable-overlay agenix.overlays.default ];
-                imports = [ ];
-              })
-          ];
-        };
       };
 
-      # packages."x86_64-linux" = {
-      #   chromeos-ectool = nixpkgs.legacyPackages."x86_64-linux".callPackage
-      #     ./packages/chromeos-ectool.nix { };
-      # };
-
       overlays = {
         custom = final: prev: {
-          # inherit (self.packages."x86_64-linux") chromeos-ectool;
           chromeos-ectool = nixpkgs.legacyPackages."x86_64-linux".callPackage
             ./packages/chromeos-ectool.nix { };
           plasticity = nixpkgs.legacyPackages."x86_64-linux".callPackage
@@ -162,19 +137,6 @@
             };
           };
 
-          shanghai = {
-            hostname = "shanghai";
-            profiles = {
-              system = {
-                user = "root";
-                sshUser = "root";
-                remoteBuild = true;
-                plath = deploy-rs.lib.x86_64-linux.activate.nixos
-                  self.nixosConfigurations.shanghai;
-              };
-            };
-          };
-
           io = {
             hostname = "io";
             profiles = {

hosts/common/boot.nix

@@ -9,6 +9,11 @@
         enable = true;
         editor = false;
         consoleMode = "max";
+        sortKey = "aa";
+        netbootxyz = {
+          enable = true;
+          sortKey = "zz";
+        };
       };
     };
   };

hosts/common/default.nix

@@ -13,5 +13,6 @@
     ./users.nix
     ./virtualisation.nix
     ./stylix.nix
+    ./environment.nix
   ];
 }

hosts/common/environment.nix

@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+  environment.shellAliases = {
+    neofetch = "fastfetch";
+    syscleanup =
+      "sudo nix-collect-garbage -d; sudo /run/current-system/bin/switch-to-configuration boot";
+  };
+}

hosts/common/packages.nix

@@ -7,9 +7,9 @@
     agenix
     bind
     btop
+    fastfetch
     git
     helix
-    neofetch
     sysz
     tmux
     tree

hosts/common/services.nix

@@ -6,5 +6,12 @@
     fstrim.enable = true;
     tailscale.enable = true;
     openssh.enable = true;
+    keyd = {
+      enable = true;
+      keyboards.all = {
+        ids = [ "*" ];
+        settings.main.capslock = "overload(meta, esc)";
+      };
+    };
   };
 }

hosts/desktops/common/boot.nix

@@ -4,16 +4,7 @@
   boot = {
     plymouth.enable = true;
     initrd.systemd.enable = true;
-    loader = {
-      efi.efiSysMountPoint = "/boot/efi";
-      systemd-boot = {
-        sortKey = "aa";
-        netbootxyz = {
-          enable = true;
-          sortKey = "zz";
-        };
-      };
-    };
+    loader.efi.efiSysMountPoint = "/boot/efi";
     kernelPackages = pkgs.linuxPackages_xanmod_latest;
     extraModprobeConfig = ''
       options bluetooth disable_ertm=1

hosts/desktops/common/hardware.nix

@@ -4,7 +4,7 @@
   hardware = {
     xpadneo.enable = true;
     bluetooth.enable = true;
-    pulseaudio.enable = false; # Use pipewire instead
+    pulseaudio.enable = false;
     steam-hardware.enable = true; # Allow steam client to manage controllers
     graphics.enable32Bit = true; # For OpenGL games
     i2c.enable = true;

hosts/desktops/common/packages.nix

@@ -34,6 +34,7 @@ in {
       krita
       libfido2
       libreoffice-qt
+      lilipod
       mangohud
       microsoft-edge
       mission-center
@@ -92,7 +93,7 @@ in {
     };
     nh = {
       enable = true;
-      flake = "/home/user/Projects/nix-config";
+      flake = "/home/user/Projects/personal/nix-config";
     };
   };
 

hosts/desktops/common/services.nix

@@ -2,10 +2,7 @@
 
 {
   services = {
-    printing = {
-      enable = true;
-      drivers = with pkgs; [ epson-escpr ];
-    };
+    printing.enable = true;
     udev.packages = with pkgs; [ yubikey-personalization ];
     desktopManager.plasma6.enable = true;
     nginx = {

hosts/desktops/rotterdam.nix

@@ -46,13 +46,10 @@ in {
     keyd = {
       enable = true;
       keyboards.main = {
-        ids = [ "*" ];
-        settings = {
-          main = { esc = "overload(meta, esc)"; };
-          shift = {
-            leftshift = "capslock";
-            rightshift = "capslock";
-          };
+        ids = [ "5653:0001" ];
+        settings.main = {
+          esc = "overload(meta, esc)";
+          shift = "oneshot(shift)";
         };
       };
     };
@@ -70,11 +67,13 @@ in {
     kernelParams = [
       "processor.max_cstate=1" # Fixes bug where ryzen cpus freeze when in highest C state
       "clearcpuid=514"
+      # Fixes amdgpu freezing
       "amdgpu.noretry=0"
       "amdgpu.ppfeaturemask=0xfffd3fff"
       "amdgpu.gpu_recovery=1"
       "amdgpu.lockup_timeout=1000"
     ];
+    # QubesOS boot entry
     loader.systemd-boot = {
       extraFiles = {
         "efi/edk2-shell/shell.efi" = "${pkgs.edk2-uefi-shell}/shell.efi";

hosts/servers/alexandria/actual.nix

@@ -1,18 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-{
-  virtualisation.oci-containers.containers."actual" = {
-    image = "docker.io/actualbudget/actual-server:latest";
-    ports = [ "${config.ports.actual}:5006" ];
-    volumes = [ "/data/actual:/data" ];
-    extraOptions =
-      [ "--pull=newer" "--label=io.containers.autoupdate=registry" ];
-  };
-
-  services.nginx.virtualHosts."actual.baduhai.dev" = {
-    useACMEHost = "baduhai.dev";
-    forceSSL = true;
-    kTLS = true;
-    locations."/".proxyPass = "http://127.0.0.1:${config.ports.actual}";
-  };
-}

hosts/servers/alexandria/arr.nix

@@ -1,66 +0,0 @@
-{ inputs, config, pkgs, lib, ... }:
-
-{
-  services = {
-    bazarr = {
-      enable = true;
-      user = "user";
-      group = "hosted";
-    };
-
-    jackett.enable = true;
-
-    qbittorrent = {
-      enable = true;
-      user = "user";
-      group = "hosted";
-      port = lib.toInt "${config.ports.qbittorrent}";
-    };
-
-    radarr = {
-      enable = true;
-      user = "user";
-      group = "hosted";
-    };
-
-    sonarr = {
-      enable = true;
-      user = "user";
-      group = "hosted";
-    };
-
-    nginx.virtualHosts = {
-      "bazarr.baduhai.dev" = {
-        useACMEHost = "baduhai.dev";
-        forceSSL = true;
-        kTLS = true;
-        locations."/".proxyPass = "http://127.0.0.1:${config.ports.bazaar}";
-      };
-      "jackett.baduhai.dev" = {
-        useACMEHost = "baduhai.dev";
-        forceSSL = true;
-        kTLS = true;
-        locations."/".proxyPass = "http://127.0.0.1:${config.ports.jackett}";
-      };
-      "qbittorrent.baduhai.dev" = {
-        useACMEHost = "baduhai.dev";
-        forceSSL = true;
-        kTLS = true;
-        locations."/".proxyPass =
-          "http://127.0.0.1:${config.ports.qbittorrent}";
-      };
-      "radarr.baduhai.dev" = {
-        useACMEHost = "baduhai.dev";
-        forceSSL = true;
-        kTLS = true;
-        locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}";
-      };
-      "sonarr.baduhai.dev" = {
-        useACMEHost = "baduhai.dev";
-        forceSSL = true;
-        kTLS = true;
-        locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}";
-      };
-    };
-  };
-}

hosts/servers/alexandria/default.nix

@@ -2,8 +2,6 @@
 
 {
   imports = [
-    ./actual.nix
-    ./arr.nix
     ./changedetection.nix
     ./cinny.nix
     ./hardware-configuration.nix

hosts/servers/alexandria/matrix.nix

@@ -1,48 +0,0 @@
-{ inputs, config, pkgs, lib, ... }:
-
-{
-  services = {
-    matrix-conduit = {
-      enable = true;
-      extraEnvironment = { RUST_MIN_STACK = "16777216"; };
-      package = pkgs.unstable.matrix-conduit;
-      settings.global = {
-        server_name = "baduhai.dev";
-        address = "127.0.0.1";
-        port = 6167;
-        max_request_size = 20000000;
-        allow_registration = true;
-        allow_encryption = false;
-        allow_federation = false;
-      };
-    };
-
-    nginx.virtualHosts."matrix.baduhai.dev" = {
-      useACMEHost = "baduhai.dev";
-      forceSSL = true;
-      kTLS = true;
-      locations."/".proxyPass = "http://127.0.0.1:${config.ports.cinny2}";
-      locations."/_matrix/".proxyPass = "http://127.0.0.1:6167$request_uri";
-      locations."= /.well-known/matrix/client" = {
-        alias = pkgs.writeText "matrix-wk-client" ''
-          { "m.homeserver": { "base_url": "https://matrix.baduhai.dev" } }
-        '';
-        extraConfig = "add_header Access-Control-Allow-Origin *;";
-      };
-      locations."= /.well-known/matrix/server" = {
-        alias = pkgs.writeText "matrix-wk-server" ''
-          { "m.server": "matrix.baduhai.dev:443" }
-        '';
-        extraConfig = "add_header Access-Control-Allow-Origin *;";
-      };
-    };
-  };
-
-  virtualisation.oci-containers.containers."cinny2" = {
-    image = "ghcr.io/cinnyapp/cinny:latest";
-    ports = [ "${config.ports.cinny2}:80" ];
-    environment = { TZ = "America/Bahia"; };
-    volumes = [ "/data/matrix/cinny-config.json:/app/config.json" ];
-    extraOptions = [ "--pull=always" ];
-  };
-}

hosts/servers/alexandria/node-red.nix

@@ -1,20 +0,0 @@
-{ inputs, config, pkgs, lib, ... }:
-
-{
-  services = {
-    node-red = {
-      enable = true;
-      group = "hosted";
-      withNpmAndGcc = true;
-      userDir = "/data/node-red";
-    };
-
-    nginx.virtualHosts."node-red.baduhai.dev" = {
-      useACMEHost = "baduhai.dev";
-      forceSSL = true;
-      kTLS = true;
-      locations."/".proxyPass =
-        "http://127.0.0.1:${builtins.toString config.services.node-red.port}";
-    };
-  };
-}

hosts/servers/alexandria/users.nix

@@ -6,7 +6,7 @@
     groups = {
       hosted = {
         gid = 1005;
-        members = [ "user" "shiori" "minecraft" "paperless" "vaultwarden" ];
+        members = [ "user" "minecraft" "paperless" "vaultwarden" ];
       };
     };
   };

hosts/servers/shanghai.nix

@@ -1,25 +0,0 @@
-{ ... }:
-
-{
-  imports = [
-    # Host-common imports
-    ../common
-    # Server-common imports
-    ./common
-    # Host-specific imports
-    ./shanghai
-  ];
-
-  nix.nixPath = [ "nixos-config=${./shanghai.nix}" ];
-
-  networking = {
-    hostName = "shanghai";
-    firewall = {
-      allowedTCPPorts = [ 25565 ];
-      allowedUDPPorts = [ 25565 ];
-    };
-    nftables.enable = true;
-  };
-
-  zramSwap.enable = true;
-}

hosts/servers/shanghai/default.nix

@@ -1,5 +0,0 @@
-{ ... }:
-
-{
-  imports = [ ./hardware-configuration.nix ];
-}

hosts/servers/shanghai/hardware-configuration.nix

@@ -1,22 +0,0 @@
-{ modulesPath, ... }:
-
-{
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
-
-  boot.initrd = {
-    availableKernelModules =
-      [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
-    kernelModules = [ "nvme" ];
-  };
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/sda4";
-      fsType = "xfs";
-    };
-    "/boot" = {
-      device = "/dev/disk/by-uuid/14EF-4002";
-      fsType = "vfat";
-    };
-  };
-}

readme.md

@@ -2,6 +2,6 @@ All my personal Nix and NixOS hosts, in a flake.
 
 |Host|Description|Nixpkgs version|
 |:---|:---:|---:|
-|alexandria|Personal server/NAS|23.05|
+|alexandria|Personal server/NAS|24.05|
 |io|Mobile workstation|unstable|
 |rotterdam|Workstation|unstable|

secrets/secrets.nix

@@ -15,11 +15,8 @@ let
     "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK95QueW+jp1ZmF299Xr3XkgHJ6dL7aZVsfWxqbOKVKA";
   alexandria = [ alexandria-host ];
 
-  taipei-host = "";
-  taipei = [ taipei-host ];
-
   desktops = io ++ rotterdam;
-  servers = alexandria ++ taipei;
+  servers = alexandria;
   all-hosts = desktops ++ servers;
 in {
   "nextcloud-secrets.json.age".publicKeys = all-hosts;

users/common/programs.nix

@@ -166,7 +166,6 @@
         tsh = "ssh -o RequestTTY=yes $argv tmux -u -CC new -A -s tmux-main";
       };
       shellInit = ''
-        set -g -x NNN_OPTS H
         set -g -x FONTCONFIG_FILE ${pkgs.fontconfig.out}/etc/fonts/fonts.conf
       '';
       plugins = [

users/desktops/common/programs.nix

@@ -3,14 +3,6 @@
 {
   fonts.fontconfig.enable = true;
 
-  gtk = {
-    enable = true;
-    font = {
-      name = "Inter";
-      size = 10;
-    };
-  };
-
   programs = {
     password-store.package = pkgs.pass-wayland;
 
@@ -27,14 +19,10 @@
 
     fish = {
       functions = {
-        sysrebuild =
-          "nh os switch --ask /home/user/Projects/personal/nix-config";
-        sysrebuild-boot =
-          "nh os boot --ask /home/user/Projects/personal/nix-config";
+        sysrebuild = "nh os switch --ask";
+        sysrebuild-boot = "nh os boot --ask";
         sysupdate =
           "nix flake update --commit-lock-file /home/user/Projects/personal/nix-config";
-        syscleanup =
-          "sudo nix-collect-garbage -d; sudo /run/current-system/bin/switch-to-configuration boot";
         code = ''
           wezterm cli split-pane --top --percent=75 -- hx
           wezterm cli activate-pane-direction up