diff options
| -rw-r--r-- | flake.nix | 28 | ||||
| -rw-r--r-- | home/nipsy/caladan.nix | 58 | ||||
| -rw-r--r-- | home/root/caladan.nix | 14 | ||||
| -rw-r--r-- | hosts/caladan/default.nix | 150 | ||||
| -rw-r--r-- | hosts/caladan/disks.nix | 132 | ||||
| -rw-r--r-- | hosts/caladan/hardware-configuration.nix | 57 | ||||
| -rw-r--r-- | hosts/caladan/services.nix | 35 |
7 files changed, 474 insertions, 0 deletions
@@ -100,6 +100,34 @@ ]; }; + caladan = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs outputs; }; + modules = [ + #{ + # environment.systemPackages = [ + # ghostty.packages.x86_64-linux.default + # ]; + #} + #({ config, pkgs, ... }: + # let + # overlay-dict-pr367392 = final: prev: { + # dict = nixpkgs-pr367392.legacyPackages."x86_64-linux".dict; + # }; + # in { + # nixpkgs.overlays = [ overlay-dict-pr367392 ]; + # } + #) + disko.nixosModules.disko + ./hosts/caladan + home-manager.nixosModules.home-manager { + #home-manager.sharedModules = [ sops-nix.homeManagerModules.sops ]; + home-manager.users.root = import ./home/root/caladan.nix; + home-manager.users.nipsy = import ./home/nipsy/caladan.nix; + } + #sops-nix.nixosModules.sops + ]; + }; + darkstar = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs outputs; }; modules = [ diff --git a/home/nipsy/caladan.nix b/home/nipsy/caladan.nix new file mode 100644 index 0000000..49f84a7 --- /dev/null +++ b/home/nipsy/caladan.nix @@ -0,0 +1,58 @@ +{ inputs, lib, pkgs, config, outputs, ... }: +{ + imports = [ + common/core + common/optional/desktops + common/optional/desktops/services/xscreensaver.nix + #inputs.sops-nix.homeManagerModules.sops + ]; + + home.file = { + #".mailcap".text = '' + # #application/msword; antiword -rs '%s'; copiousoutput; description=Microsoft Word Document + # application/pdf; pdftotext '%s' -; copiousoutput; description=Adobe Portable Document Format + # #image/gif; asciiview -driver curses -dim -bold -reverse -normal -boldfont -extended -eight '%s'; description=GIF image + # image/gif; sxiv '%s'; description=GIF image + # #image/jpeg; asciiview -driver curses -dim -bold -reverse -normal -boldfont -extended -eight '%s'; description=JPEG image + # image/jpeg; sxiv '%s'; description=JPEG image + # image/png; sxiv '%s'; description=PNG image + # text/html; elinks -dump %s; copiousoutput + # #text/richtext; catdoc '%s'; copiousoutput; description=Microsoft Rich Text Format + #''; + #".mutt/aliases".source = ./arrakis/mutt/aliases; + #".mutt/colors".source = ./arrakis/mutt/colors; + #".mutt/headers".source = ./arrakis/mutt/headers; + #".mutt/keys".source = ./arrakis/mutt/keys; + #".mutt/muttrc".source = ./arrakis/mutt/muttrc; + "bin/knock".source = ../common/scripts/knock; + }; + + programs.zsh = { + shellAliases = { + manage = "tmux new-window ssh root@darkstar\\; split-window -d ssh root@king\\; new-window ssh root@black-sheep\\; split-window -d ssh root@fangorn\\; split-window -d ssh root@treebeard\\; new-window ssh root@casey\\; split-window -d ssh root@homer\\; new-window ssh root@lilnasx\\; split-window -d ssh root@trent"; + }; + }; + + #sops = { + # age.keyFile = "/home/nipsy/.config/sops/age/keys.txt"; + # defaultSopsFile = ./secrets/arrakis.yaml; + + # secrets = { + # "reaper_license" = { + # path = "/home/nipsy/.config/REAPER/reaper-license.rk"; + # }; + # "ssh_config" = { + # path = "/home/nipsy/.ssh/config"; + # }; + # }; + #}; + + xsession = { + initExtra = '' + xrandr --output DisplayPort-0 --primary --mode 2560x1440 --rate 165 + + # disable VRR because it causes the display to go to sleep on my GeForce 1080 (now 3070 Ti) sometimes; maybe monitor related? + #nvidia-settings -a AllowVRR=0 + ''; + }; +} diff --git a/home/root/caladan.nix b/home/root/caladan.nix new file mode 100644 index 0000000..287f220 --- /dev/null +++ b/home/root/caladan.nix @@ -0,0 +1,14 @@ +{ config, inputs, lib, outputs, pkgs, ... }: +{ + imports = [ + common/core + ]; + + home.file = { + "bin/knock".source = ../common/scripts/knock; + }; + + #nix.extraOptions = '' + # !include /run/secrets/nix-access-token-github + #''; +} diff --git a/hosts/caladan/default.nix b/hosts/caladan/default.nix new file mode 100644 index 0000000..f203d46 --- /dev/null +++ b/hosts/caladan/default.nix @@ -0,0 +1,150 @@ +{ config, inputs, outputs, pkgs, ... }: { + boot = { + initrd.kernelModules = [ "amdgpu" "zfs" ]; + kernelPackages = pkgs.master.linuxPackages_6_14; + kernelParams = [ + "amdgpu.ppfeaturemask=0xfffd3fff" + "split_lock_detect=off" + ]; + loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/efiboot/efi1"; + }; + systemd-boot = { + enable = true; + extraInstallCommands = '' + ${pkgs.rsync}/bin/rsync -av --delete /efiboot/efi1/ /efiboot/efi2 + ''; + }; + timeout = 3; + }; + supportedFilesystems = [ "zfs" ]; + zfs.package = pkgs.master.zfs; + }; + + environment.systemPackages = [ + pkgs.angband + #pkgs.assaultcube + pkgs.bsdgames + pkgs.bzflag + pkgs.extremetuxracer + #pkgs.frozen-bubble + pkgs.hedgewars + pkgs.kobodeluxe + pkgs.mailutils + pkgs.moc + pkgs.nethack + #pkgs.openttd + pkgs.qbittorrent-nox + pkgs.rdiff-backup + #pkgs.scorched3d + pkgs.signal-desktop + pkgs.superTux + pkgs.superTuxKart + pkgs.umoria + pkgs.vial + pkgs.warzone2100 + #pkgs.wine9_22.wineWowPackages.stagingFull + pkgs.wpa_supplicant + pkgs.xonotic-sdl + #pkgs.xpilot-ng + ]; + + imports = [ + ./disks.nix + ./hardware-configuration.nix + ./services.nix + ../common/core + ../common/optional/adb.nix + ../common/optional/db.nix + ../common/optional/dev.nix + ../common/optional/ebooks.nix + ../common/optional/games.nix + ../common/optional/google-authenticator.nix + ../common/optional/misc.nix + ../common/optional/multimedia.nix + ../common/optional/pipewire.nix + ../common/optional/sdr.nix + ../common/optional/services/chrony.nix + ../common/optional/services/openssh.nix + ../common/optional/services/xorg.nix + ../common/optional/sound.nix + ../common/optional/wdt.nix + ../common/optional/zfs.nix + ../common/users/nipsy + ../common/users/root + ]; + + networking = { + # defaultGateway = { + # address = "192.168.1.1"; + # interface = "wlp15s0"; + # }; + domain = "bitgnome.net"; + hostId = "8981d1e5"; + hostName = "caladan"; + # interfaces = { + # wlp15s0 = { + # ipv4.addresses = [ + # { address = "192.168.1.3"; prefixLength = 24; } + # ]; + # }; + # }; + # nameservers = [ "192.168.1.1" ]; + # nftables.enable = true; + # useDHCP = false; + # wireless = { + # enable = true; + # networks = { + # "Crystal Palace" = { + # pskRaw = "ext:psk_crystal_palace"; + # }; + # }; + # secretsFile = "${config.sops.secrets."wpa_supplicant".path}"; + # }; + }; + + nixpkgs = { + config = { + allowUnfree = true; + }; + hostPlatform = "x86_64-linux"; + overlays = [ + #inputs.nvidia-patch.overlays.default + outputs.overlays.additions + outputs.overlays.modifications + outputs.overlays.master-packages + outputs.overlays.stable-packages + #outputs.overlays.wine9_22-packages + ]; + }; + + services.openssh.settings.X11Forwarding = true; + services.xserver.videoDrivers = [ "amdgpu" ]; + + #sops = { + # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + # defaultSopsFile = ../secrets/arrakis.yaml; + + # secrets = { + # "nftables/ssh" = {}; + # "nix-access-token-github" = {}; + # "ssh_config".path = "/root/.ssh/config"; + # "wireguard/arrakis_key" = {}; + # "wireguard/black-sheep_psk" = {}; + # "wireguard/fangorn_psk" = {}; + # "wireguard/ginaz_psk" = {}; + # "wireguard/homer_psk" = {}; + # "wireguard/lilnasx_psk" = {}; + # "wireguard/lolli_psk" = {}; + # "wireguard/ramped_psk" = {}; + # "wireguard/timetrad_psk" = {}; + # "wireguard/treebeard_psk" = {}; + # "wireguard/wg1_conf" = {}; + # "wpa_supplicant" = {}; + # }; + #}; + + system.stateVersion = "23.11"; +} diff --git a/hosts/caladan/disks.nix b/hosts/caladan/disks.nix new file mode 100644 index 0000000..8961361 --- /dev/null +++ b/hosts/caladan/disks.nix @@ -0,0 +1,132 @@ +{ + disko.devices = { + disk = { + nvme0n1 = { + type = "disk"; + device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2512E9B12C42"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/efiboot/efi1"; + mountOptions = [ "X-mount.mkdir" "umask=0077" ]; + extraArgs = [ "-nESP1" ]; + }; + }; + swap = { + size = "32G"; + type = "8200"; + content = { + type = "swap"; + extraArgs = [ "-L swap1" ]; + }; + }; + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "rpool"; + }; + }; + }; + }; + }; + nvme1n1 = { + type = "disk"; + device = "/dev/disk/by-id/nvme-CT4000P3PSSD8_2512E9B12C44"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/efiboot/efi2"; + mountOptions = [ "X-mount.mkdir" "umask=0077" ]; + extraArgs = [ "-nESP2" ]; + }; + }; + swap = { + size = "32G"; + type = "8200"; + content = { + type = "swap"; + extraArgs = [ "-L swap2" ]; + }; + }; + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "rpool"; + }; + }; + }; + }; + }; + }; + zpool = { + rpool = { + mode = "mirror"; + type = "zpool"; + rootFsOptions = { + acltype = "posixacl"; + canmount = "off"; + compression = "on"; + dnodesize = "auto"; + relatime = "on"; + xattr = "sa"; + }; + options = { + ashift = "12"; + autotrim = "on"; + }; + datasets = { + "local" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "local/root" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/"; + }; + "local/nix" = { + type = "zfs_fs"; + options = { + atime = "off"; + mountpoint = "legacy"; + }; + mountpoint = "/nix"; + }; + "user" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "user/home" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/home"; + }; + "user/home/root" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/root"; + }; + "user/home/nipsy" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/home/nipsy"; + }; + }; + }; + }; + }; +} diff --git a/hosts/caladan/hardware-configuration.nix b/hosts/caladan/hardware-configuration.nix new file mode 100644 index 0000000..de0e516 --- /dev/null +++ b/hosts/caladan/hardware-configuration.nix @@ -0,0 +1,57 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, inputs, lib, outputs, pkgs, modulesPath, ... }: + +{ + imports = + [ #(modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + extraModulePackages = [ ]; + initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-amd" ]; + #zfs.extraPools = [ "data" ]; + }; + + environment.sessionVariables = { + #LIBVA_DRIVER_NAME = "nvidia"; + MOZ_DISABLE_RDD_SANDBOX = "1"; + }; + + hardware = { + bluetooth.enable = true; + + graphics = { + enable = true; + #extraPackages = [ pkgs.nvidia-vaapi-driver ]; + #extraPackages32 = [ pkgs.pkgsi686Linux.nvidia-vaapi-driver ]; + }; + + #nvidia = let + # betaPkg = config.boot.kernelPackages.nvidiaPackages.beta; + # pkgAfterFbc = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.fbc then pkgs.nvidia-patch.patch-fbc betaPkg else betaPkg; + # finalPkg = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.nvenc then pkgs.nvidia-patch.patch-nvenc pkgAfterFbc else pkgAfterFbc; + #in { + # modesetting.enable = true; + # open = true; + # package = if finalPkg == betaPkg then betaPkg else finalPkg; + #}; + + printers = let + brother = "Brother_HL-L2340D"; + ip = "192.168.1.20"; + in { + ensureDefaultPrinter = brother; + ensurePrinters = [{ + name = brother; + deviceUri = "ipp://${ip}/ipp"; + model = "everywhere"; + description = lib.replaceStrings [ "_" ] [ " " ] brother; + location = "home"; + }]; + }; + }; +} diff --git a/hosts/caladan/services.nix b/hosts/caladan/services.nix new file mode 100644 index 0000000..4644188 --- /dev/null +++ b/hosts/caladan/services.nix @@ -0,0 +1,35 @@ +{ config, lib, pkgs, ... }: { + + services = { + + clamav.updater.enable = true; + + cron.enable = true; + + dictd.enable = true; + + iperf3.openFirewall = true; + + printing.enable = true; + + #smartd = let my_email_addr = "nipsy@bitgnome.net"; in { + # enable = true; + # devices = [ + # { + # device = "/dev/disk/by-id/nvme-WD_BLACK_SN850X_4000GB_23162P800005"; + # options = "-a -o on -S on -m ${my_email_addr}"; + # } + # { + # device = "/dev/disk/by-id/nvme-WD_BLACK_SN850X_4000GB_23162P800014"; + # options = "-a -o on -S on -m ${my_email_addr}"; + # } + # ]; + #}; + + udev.packages = [ + pkgs.vial + ]; + + }; + +} |