diff options
| author | Mark Nipper <nipsy@bitgnome.net> | 2025-06-02 20:42:23 -0700 | 
|---|---|---|
| committer | Mark Nipper <nipsy@bitgnome.net> | 2025-06-02 20:42:23 -0700 | 
| commit | 7482e4098518c20050062eb70836f3753d60520c (patch) | |
| tree | e2c1a2d4ed8390b1e9d7645631e14dbdc04f3d03 | |
| parent | 1b96f473780541fe4f801e38f7d6e3c70f5700b7 (diff) | |
| download | nix-7482e4098518c20050062eb70836f3753d60520c.tar nix-7482e4098518c20050062eb70836f3753d60520c.tar.gz nix-7482e4098518c20050062eb70836f3753d60520c.tar.bz2 nix-7482e4098518c20050062eb70836f3753d60520c.tar.lz nix-7482e4098518c20050062eb70836f3753d60520c.tar.xz nix-7482e4098518c20050062eb70836f3753d60520c.tar.zst nix-7482e4098518c20050062eb70836f3753d60520c.zip | |
Add new host caladan
Diffstat (limited to '')
| -rw-r--r-- | flake.nix | 28 | ||||
| -rw-r--r-- | home/nipsy/caladan.nix | 58 | ||||
| -rw-r--r-- | home/root/caladan.nix | 14 | ||||
| -rw-r--r-- | hosts/caladan/default.nix | 150 | ||||
| -rw-r--r-- | hosts/caladan/disks.nix | 132 | ||||
| -rw-r--r-- | hosts/caladan/hardware-configuration.nix | 57 | ||||
| -rw-r--r-- | hosts/caladan/services.nix | 35 | 
7 files changed, 474 insertions, 0 deletions
| @@ -100,6 +100,34 @@          ];        }; +      caladan = nixpkgs.lib.nixosSystem { +        specialArgs = { inherit inputs outputs; }; +        modules = [ +          #{ +          #  environment.systemPackages = [ +          #    ghostty.packages.x86_64-linux.default +          #  ]; +          #} +          #({ config, pkgs, ... }: +          #  let +          #    overlay-dict-pr367392 = final: prev: { +          #      dict = nixpkgs-pr367392.legacyPackages."x86_64-linux".dict; +          #    }; +          #  in { +          #    nixpkgs.overlays = [ overlay-dict-pr367392 ]; +          #  } +          #) +          disko.nixosModules.disko +          ./hosts/caladan +          home-manager.nixosModules.home-manager { +            #home-manager.sharedModules = [ sops-nix.homeManagerModules.sops ]; +            home-manager.users.root = import ./home/root/caladan.nix; +            home-manager.users.nipsy = import ./home/nipsy/caladan.nix; +          } +          #sops-nix.nixosModules.sops +        ]; +      }; +        darkstar = nixpkgs.lib.nixosSystem {          specialArgs = { inherit inputs outputs; };          modules = [ diff --git a/home/nipsy/caladan.nix b/home/nipsy/caladan.nix new file mode 100644 index 0000000..49f84a7 --- /dev/null +++ b/home/nipsy/caladan.nix @@ -0,0 +1,58 @@ +{ inputs, lib, pkgs, config, outputs, ... }: +{ +  imports = [ +    common/core +    common/optional/desktops +    common/optional/desktops/services/xscreensaver.nix +    #inputs.sops-nix.homeManagerModules.sops +  ]; + +  home.file = { +    #".mailcap".text = '' +    #  #application/msword; antiword -rs '%s'; copiousoutput; description=Microsoft Word Document +    #  application/pdf; pdftotext '%s' -; copiousoutput; description=Adobe Portable Document Format +    #  #image/gif; asciiview -driver curses -dim -bold -reverse -normal -boldfont -extended -eight '%s'; description=GIF image +    #  image/gif; sxiv '%s'; description=GIF image +    #  #image/jpeg; asciiview -driver curses -dim -bold -reverse -normal -boldfont -extended -eight '%s'; description=JPEG image +    #  image/jpeg; sxiv '%s'; description=JPEG image +    #  image/png; sxiv '%s'; description=PNG image +    #  text/html; elinks -dump %s; copiousoutput +    #  #text/richtext; catdoc '%s'; copiousoutput; description=Microsoft Rich Text Format +    #''; +    #".mutt/aliases".source = ./arrakis/mutt/aliases; +    #".mutt/colors".source = ./arrakis/mutt/colors; +    #".mutt/headers".source = ./arrakis/mutt/headers; +    #".mutt/keys".source = ./arrakis/mutt/keys; +    #".mutt/muttrc".source = ./arrakis/mutt/muttrc; +    "bin/knock".source = ../common/scripts/knock; +  }; + +  programs.zsh = { +    shellAliases = { +      manage = "tmux new-window ssh root@darkstar\\; split-window -d ssh root@king\\; new-window ssh root@black-sheep\\; split-window -d ssh root@fangorn\\; split-window -d ssh root@treebeard\\; new-window ssh root@casey\\; split-window -d ssh root@homer\\; new-window ssh root@lilnasx\\; split-window -d ssh root@trent"; +    }; +  }; + +  #sops = { +  #  age.keyFile = "/home/nipsy/.config/sops/age/keys.txt"; +  #  defaultSopsFile = ./secrets/arrakis.yaml; + +  #  secrets = { +  #    "reaper_license" = { +  #      path = "/home/nipsy/.config/REAPER/reaper-license.rk"; +  #    }; +  #    "ssh_config" = { +  #      path = "/home/nipsy/.ssh/config"; +  #    }; +  #  }; +  #}; + +  xsession = { +    initExtra = '' +      xrandr --output DisplayPort-0 --primary --mode 2560x1440 --rate 165 + +      # disable VRR because it causes the display to go to sleep on my GeForce 1080 (now 3070 Ti) sometimes; maybe monitor related? +      #nvidia-settings -a AllowVRR=0 +    ''; +  }; +} diff --git a/home/root/caladan.nix b/home/root/caladan.nix new file mode 100644 index 0000000..287f220 --- /dev/null +++ b/home/root/caladan.nix @@ -0,0 +1,14 @@ +{ config, inputs, lib, outputs, pkgs, ... }: +{ +  imports = [ +    common/core +  ]; + +  home.file = { +    "bin/knock".source = ../common/scripts/knock; +  }; + +  #nix.extraOptions = '' +  #  !include /run/secrets/nix-access-token-github +  #''; +} diff --git a/hosts/caladan/default.nix b/hosts/caladan/default.nix new file mode 100644 index 0000000..f203d46 --- /dev/null +++ b/hosts/caladan/default.nix @@ -0,0 +1,150 @@ +{ config, inputs, outputs, pkgs, ... }: { +  boot = { +    initrd.kernelModules = [ "amdgpu" "zfs" ]; +    kernelPackages = pkgs.master.linuxPackages_6_14; +    kernelParams = [ +      "amdgpu.ppfeaturemask=0xfffd3fff" +      "split_lock_detect=off" +    ]; +    loader = { +      efi = { +        canTouchEfiVariables = true; +        efiSysMountPoint = "/efiboot/efi1"; +      }; +      systemd-boot = { +        enable = true; +        extraInstallCommands = '' +          ${pkgs.rsync}/bin/rsync -av --delete /efiboot/efi1/ /efiboot/efi2 +        ''; +      }; +      timeout = 3; +    }; +    supportedFilesystems = [ "zfs" ]; +    zfs.package = pkgs.master.zfs; +  }; + +  environment.systemPackages = [ +    pkgs.angband +    #pkgs.assaultcube +    pkgs.bsdgames +    pkgs.bzflag +    pkgs.extremetuxracer +    #pkgs.frozen-bubble +    pkgs.hedgewars +    pkgs.kobodeluxe +    pkgs.mailutils +    pkgs.moc +    pkgs.nethack +    #pkgs.openttd +    pkgs.qbittorrent-nox +    pkgs.rdiff-backup +    #pkgs.scorched3d +    pkgs.signal-desktop +    pkgs.superTux +    pkgs.superTuxKart +    pkgs.umoria +    pkgs.vial +    pkgs.warzone2100 +    #pkgs.wine9_22.wineWowPackages.stagingFull +    pkgs.wpa_supplicant +    pkgs.xonotic-sdl +    #pkgs.xpilot-ng +  ]; + +  imports = [ +    ./disks.nix +    ./hardware-configuration.nix +    ./services.nix +    ../common/core +    ../common/optional/adb.nix +    ../common/optional/db.nix +    ../common/optional/dev.nix +    ../common/optional/ebooks.nix +    ../common/optional/games.nix +    ../common/optional/google-authenticator.nix +    ../common/optional/misc.nix +    ../common/optional/multimedia.nix +    ../common/optional/pipewire.nix +    ../common/optional/sdr.nix +    ../common/optional/services/chrony.nix +    ../common/optional/services/openssh.nix +    ../common/optional/services/xorg.nix +    ../common/optional/sound.nix +    ../common/optional/wdt.nix +    ../common/optional/zfs.nix +    ../common/users/nipsy +    ../common/users/root +  ]; + +  networking = { +  #  defaultGateway = { +  #    address = "192.168.1.1"; +  #    interface = "wlp15s0"; +  #  }; +    domain = "bitgnome.net"; +    hostId = "8981d1e5"; +    hostName = "caladan"; +  #  interfaces = { +  #    wlp15s0 = { +  #      ipv4.addresses = [ +  #        { address = "192.168.1.3"; prefixLength = 24; } +  #      ]; +  #    }; +  #  }; +  #  nameservers = [ "192.168.1.1" ]; +  #  nftables.enable = true; +  #  useDHCP = false; +  #  wireless = { +  #    enable = true; +  #    networks = { +  #      "Crystal Palace" = { +  #        pskRaw = "ext:psk_crystal_palace"; +  #      }; +  #    }; +  #    secretsFile = "${config.sops.secrets."wpa_supplicant".path}"; +  #  }; +  }; + +  nixpkgs = { +    config = { +      allowUnfree = true; +    }; +    hostPlatform = "x86_64-linux"; +    overlays = [ +      #inputs.nvidia-patch.overlays.default +      outputs.overlays.additions +      outputs.overlays.modifications +      outputs.overlays.master-packages +      outputs.overlays.stable-packages +      #outputs.overlays.wine9_22-packages +    ]; +  }; + +  services.openssh.settings.X11Forwarding = true; +  services.xserver.videoDrivers = [ "amdgpu" ]; + +  #sops = { +  #  age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; +  #  defaultSopsFile = ../secrets/arrakis.yaml; + +  #  secrets = { +  #    "nftables/ssh" = {}; +  #    "nix-access-token-github" = {}; +  #    "ssh_config".path = "/root/.ssh/config"; +  #    "wireguard/arrakis_key" = {}; +  #    "wireguard/black-sheep_psk" = {}; +  #    "wireguard/fangorn_psk" = {}; +  #    "wireguard/ginaz_psk" = {}; +  #    "wireguard/homer_psk" = {}; +  #    "wireguard/lilnasx_psk" = {}; +  #    "wireguard/lolli_psk" = {}; +  #    "wireguard/ramped_psk" = {}; +  #    "wireguard/timetrad_psk" = {}; +  #    "wireguard/treebeard_psk" = {}; +  #    "wireguard/wg1_conf" = {}; +  #    "wpa_supplicant" = {}; +  #  }; +  #}; + +  system.stateVersion = "23.11"; +} diff --git a/hosts/caladan/disks.nix b/hosts/caladan/disks.nix new file mode 100644 index 0000000..8961361 --- /dev/null +++ b/hosts/caladan/disks.nix @@ -0,0 +1,132 @@ +{ +  disko.devices = { +    disk = { +      nvme0n1 = { +        type = "disk"; +        device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2512E9B12C42"; +        content = { +          type = "gpt"; +          partitions = { +            ESP = { +              size = "1G"; +              type = "EF00"; +              content = { +                type = "filesystem"; +                format = "vfat"; +                mountpoint = "/efiboot/efi1"; +                mountOptions = [ "X-mount.mkdir" "umask=0077" ]; +                extraArgs = [ "-nESP1" ]; +              }; +            }; +            swap = { +              size = "32G"; +              type = "8200"; +              content = { +                type = "swap"; +                extraArgs = [ "-L swap1" ]; +              }; +            }; +            zfs = { +              size = "100%"; +              content = { +                type = "zfs"; +                pool = "rpool"; +              }; +            }; +          }; +        }; +      }; +      nvme1n1 = { +        type = "disk"; +        device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2512E9B12C44"; +        content = { +          type = "gpt"; +          partitions = { +            ESP = { +              size = "1G"; +              type = "EF00"; +              content = { +                type = "filesystem"; +                format = "vfat"; +                mountpoint = "/efiboot/efi2"; +                mountOptions = [ "X-mount.mkdir" "umask=0077" ]; +                extraArgs = [ "-nESP2" ]; +              }; +            }; +            swap = { +              size = "32G"; +              type = "8200"; +              content = { +                type = "swap"; +                extraArgs = [ "-L swap2" ]; +              }; +            }; +            zfs = { +              size = "100%"; +              content = { +                type = "zfs"; +                pool = "rpool"; +              }; +            }; +          }; +        }; +      }; +    }; +    zpool = { +      rpool = { +        mode = "mirror"; +        type = "zpool"; +        rootFsOptions = { +          acltype = "posixacl"; +          canmount = "off"; +          compression = "on"; +          dnodesize = "auto"; +          relatime = "on"; +          xattr = "sa"; +        }; +        options = { +          ashift = "12"; +          autotrim = "on"; +        }; +        datasets = { +          "local" = { +            type = "zfs_fs"; +            options.mountpoint = "none"; +          }; +          "local/root" = { +            type = "zfs_fs"; +            options.mountpoint = "legacy"; +            mountpoint = "/"; +          }; +          "local/nix" = { +            type = "zfs_fs"; +            options = { +              atime = "off"; +              mountpoint = "legacy"; +            }; +            mountpoint = "/nix"; +          }; +          "user" = { +            type = "zfs_fs"; +            options.mountpoint = "none"; +          }; +          "user/home" = { +            type = "zfs_fs"; +            options.mountpoint = "legacy"; +            mountpoint = "/home"; +          }; +          "user/home/root" = { +            type = "zfs_fs"; +            options.mountpoint = "legacy"; +            mountpoint = "/root"; +          }; +          "user/home/nipsy" = { +            type = "zfs_fs"; +            options.mountpoint = "legacy"; +            mountpoint = "/home/nipsy"; +          }; +        }; +      }; +    }; +  }; +} diff --git a/hosts/caladan/hardware-configuration.nix b/hosts/caladan/hardware-configuration.nix new file mode 100644 index 0000000..de0e516 --- /dev/null +++ b/hosts/caladan/hardware-configuration.nix @@ -0,0 +1,57 @@ +# Do not modify this file!  It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations.  Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, inputs, lib, outputs, pkgs, modulesPath, ... }: + +{ +  imports = +    [ #(modulesPath + "/installer/scan/not-detected.nix") +    ]; + +  boot = { +    extraModulePackages = [ ]; +    initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" ]; +    initrd.kernelModules = [ ]; +    kernelModules = [ "kvm-amd" ]; +    #zfs.extraPools = [ "data" ]; +  }; + +  environment.sessionVariables = { +    #LIBVA_DRIVER_NAME = "nvidia"; +    MOZ_DISABLE_RDD_SANDBOX = "1"; +  }; + +  hardware = { +    bluetooth.enable = true; + +    graphics = { +      enable = true; +      #extraPackages = [ pkgs.nvidia-vaapi-driver ]; +      #extraPackages32 = [ pkgs.pkgsi686Linux.nvidia-vaapi-driver ]; +    }; + +    #nvidia = let +    #  betaPkg = config.boot.kernelPackages.nvidiaPackages.beta; +    #  pkgAfterFbc = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.fbc then pkgs.nvidia-patch.patch-fbc betaPkg else betaPkg; +    #  finalPkg = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.nvenc then pkgs.nvidia-patch.patch-nvenc pkgAfterFbc else pkgAfterFbc; +    #in { +    #  modesetting.enable = true; +    #  open = true; +    #  package = if finalPkg == betaPkg then betaPkg else finalPkg; +    #}; + +    printers = let +      brother = "Brother_HL-L2340D"; +      ip = "192.168.1.20"; +    in { +      ensureDefaultPrinter = brother; +      ensurePrinters = [{ +        name = brother; +        deviceUri = "ipp://${ip}/ipp"; +        model = "everywhere"; +        description = lib.replaceStrings [ "_" ] [ " " ] brother; +        location = "home"; +      }]; +    }; +  }; +} diff --git a/hosts/caladan/services.nix b/hosts/caladan/services.nix new file mode 100644 index 0000000..4644188 --- /dev/null +++ b/hosts/caladan/services.nix @@ -0,0 +1,35 @@ +{ config, lib, pkgs, ... }: { + +  services = { + +    clamav.updater.enable = true; + +    cron.enable = true; + +    dictd.enable = true; + +    iperf3.openFirewall = true; + +    printing.enable = true; + +    #smartd = let my_email_addr = "nipsy@bitgnome.net"; in { +    #  enable = true; +    #  devices = [ +    #    { +    #      device = "/dev/disk/by-id/nvme-WD_BLACK_SN850X_4000GB_23162P800005"; +    #      options = "-a -o on -S on -m ${my_email_addr}"; +    #    } +    #    { +    #      device = "/dev/disk/by-id/nvme-WD_BLACK_SN850X_4000GB_23162P800014"; +    #      options = "-a -o on -S on -m ${my_email_addr}"; +    #    } +    #  ]; +    #}; + +    udev.packages = [ +      pkgs.vial +    ]; + +  }; + +} | 
